Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/_Pin8D1ej_AfrLVibWW0ihc189A.roa
File: _Pin8D1ej_AfrLVibWW0ihc189A.roa (raw, json)
Hash identifier: pdJKS8pFuTtwhBkfqj+kzWvugBqx5OK9jan3iBnDRR0=
Subject key identifier: FC:F8:A7:F0:3D:5E:8F:F0:1F:AC:B5:62:6D:65:B4:8A:17:35:F3:D0
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 018CC64B34147D443E547AA31A6B46E126D5
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/_Pin8D1ej_AfrLVibWW0ihc189A.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a02:3040:50::/48 maxlen: 48
2a02:3040:4e::/48 maxlen: 48
2a02:3040:4f::/50 maxlen: 50
2a02:3040:43:ff00::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:34:14:7d:44:3e:54:7a:a3:1a:6b:46:e1:26:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcf8a7f03d5e8ff01facb5626d65b48a1735f3d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:fa:0d:06:6d:7d:39:17:22:40:67:fd:ed:
95:31:2b:aa:bb:60:52:f8:19:1e:d6:21:d0:0c:de:
bd:0f:51:a9:0c:74:81:ad:cf:a3:48:4f:83:e7:f5:
00:cb:6f:2a:4f:ca:fd:0c:f8:2d:90:57:bd:eb:90:
a2:40:37:74:13:30:c4:3b:21:df:4a:d1:5d:ea:ba:
a5:dc:23:15:ac:4b:41:bb:ed:5f:0d:d2:17:ac:e8:
b5:1d:62:99:03:b1:11:f7:6d:7a:42:97:b6:f1:01:
b0:2c:41:1e:18:c6:0a:57:82:2b:48:4e:73:04:ae:
cf:06:f7:03:6c:5c:7e:3d:d2:fc:97:c1:39:bc:6d:
88:3a:1a:eb:91:e7:3d:24:dd:a0:fa:c5:24:cd:59:
e2:4f:3d:d1:ea:d0:ea:ea:10:ea:59:81:86:05:36:
d0:a7:78:cb:dc:5c:1e:f4:08:ab:a2:9f:13:dd:ce:
d3:fb:75:bb:33:b1:14:84:e7:f8:b5:c3:be:9e:fa:
55:09:49:c2:11:0a:eb:3b:52:6d:c9:5b:20:bd:7d:
b3:d8:e4:18:2b:78:6a:ba:46:cb:88:25:47:32:46:
7f:f2:e1:06:dc:45:34:ed:fa:75:53:0a:b6:f5:52:
ac:11:96:d4:6a:0c:d6:4d:4a:69:15:7e:25:a3:a6:
13:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F8:A7:F0:3D:5E:8F:F0:1F:AC:B5:62:6D:65:B4:8A:17:35:F3:D0
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/_Pin8D1ej_AfrLVibWW0ihc189A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3040:43:ff00::/56
2a02:3040:4e::-2a02:3040:4f:3fff:ffff:ffff:ffff:ffff
2a02:3040:50::/48
Signature Algorithm: sha256WithRSAEncryption
0a:85:30:d0:74:20:68:3e:b7:5e:23:f5:05:d4:e7:43:38:e8:
fb:10:98:0d:ce:4b:36:c0:df:21:a0:af:d3:2c:01:c0:27:77:
0f:97:f9:e2:c0:fa:f2:2e:b1:c3:3f:05:4f:00:a4:02:14:1f:
b7:71:01:6b:62:58:42:cf:26:fa:c8:e3:b1:46:19:f1:39:35:
92:cf:26:c9:ec:1e:0a:a5:a3:70:31:21:0d:f4:41:89:b1:76:
05:95:84:6b:3d:f3:f1:f3:67:8a:99:b2:f3:68:02:bf:46:6e:
b3:e8:16:0d:be:33:73:bb:26:4c:ed:3d:ed:53:7a:b9:73:22:
cb:12:0d:c3:4d:e7:72:b6:2f:6d:63:76:e1:e4:04:2c:99:d7:
f7:93:c8:71:7d:10:e3:93:26:5f:6e:a5:7c:95:f5:bb:40:0f:
5a:dc:13:4f:56:38:f0:b9:ca:72:ee:da:a9:70:6e:1b:65:f6:
3c:d6:76:91:79:0c:e7:e2:24:fd:c8:7a:e3:3e:70:48:54:34:
55:ac:ff:23:98:d3:97:48:f4:79:38:a9:ef:74:d4:9b:94:42:
1a:04:15:df:19:3e:4a:af:c1:3d:2d:02:5f:e2:f0:62:fd:8b:
8f:cc:f3:32:92:43:57:cb:83:b4:78:2b:fe:fd:a5:2a:2b:3f:
5c:90:d3:16
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGSzQUfUQ+VHqjGmtG4SbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y4YTdmMDNkNWU4ZmYwMWZhY2I1NjI2ZDY1YjQ4YTE3MzVmM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE36DQZtfTkXIkBn/e2VMSuqu2BS
+Bke1iHQDN69D1GpDHSBrc+jSE+D5/UAy28qT8r9DPgtkFe965CiQDd0EzDEOyHf
StFd6rql3CMVrEtBu+1fDdIXrOi1HWKZA7ER9216Qpe28QGwLEEeGMYKV4IrSE5z
BK7PBvcDbFx+PdL8l8E5vG2IOhrrkec9JN2g+sUkzVniTz3R6tDq6hDqWYGGBTbQ
p3jL3Fwe9Airop8T3c7T+3W7M7EUhOf4tcO+nvpVCUnCEQrrO1JtyVsgvX2z2OQY
K3hqukbLiCVHMkZ/8uEG3EU07fp1Uwq29VKsEZbUagzWTUppFX4lo6YTdwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPz4p/A9Xo/wH6y1Ym1ltIoXNfPQMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvX1BpbjhEMWVqX0FmckxWaWJXVzBpaGMxODlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwgAKgIwQABD
/zATAwcBKgIwQABOAwgGKgIwQABPAAMHACoCMEAAUDANBgkqhkiG9w0BAQsFAAOC
AQEACoUw0HQgaD63XiP1BdTnQzjo+xCYDc5LNsDfIaCv0ywBwCd3D5f54sD68i6x
wz8FTwCkAhQft3EBa2JYQs8m+sjjsUYZ8Tk1ks8myeweCqWjcDEhDfRBibF2BZWE
az3z8fNnipmy82gCv0Zus+gWDb4zc7smTO097VN6uXMiyxINw03ncrYvbWN24eQE
LJnX95PIcX0Q45MmX26lfJX1u0APWtwTT1Y48LnKcu7aqXBuG2X2PNZ2kXkM5+Ik
/ch64z5wSFQ0Vaz/I5jTl0j0eTip73TUm5RCGgQV3xk+Sq/BPS0CX+LwYv2Lj8zz
MpJDV8uDtHgr/v2lKis/XJDTFg==
-----END CERTIFICATE-----
Generated at Thu May 2 10:46:05 2024 by rpki-client on console-ams.rpki-client.org