Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/1ciAdWkkmI8Eg5aYgCvcwlzWQB0.roa
File: 1ciAdWkkmI8Eg5aYgCvcwlzWQB0.roa (raw, json)
Hash identifier: 4fFGlkq/lufEU7LiueyFJaZtIJMk81QsFMhX/2ao3oo=
Subject key identifier: D5:C8:80:75:69:24:98:8F:04:83:96:98:80:2B:DC:C2:5C:D6:40:1D
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 018D06DD922AD6FCF9484065B83A4861172B
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/1ciAdWkkmI8Eg5aYgCvcwlzWQB0.roa
Signing time: Sun 14 Jan 2024 07:26:40 +0000
ROA not before: Sun 14 Jan 2024 07:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 2a07:1980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.mft
rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:dd:92:2a:d6:fc:f9:48:40:65:b8:3a:48:61:17:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Jan 14 07:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5c880756924988f04839698802bdcc25cd6401d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:03:99:49:d2:ed:df:64:78:fe:82:ef:a5:
ae:95:9d:f1:d2:e7:a3:35:8b:45:6e:ea:70:96:c7:
af:a2:ac:16:3c:60:66:90:cc:11:23:8d:59:33:50:
b7:2d:56:85:b2:0a:c9:76:4f:16:d6:f3:83:ea:dd:
6a:6f:50:89:a5:87:41:aa:db:94:80:9d:77:93:79:
e0:64:ef:bb:59:e3:2d:dc:a8:c6:73:9b:0f:8c:ca:
3e:40:0b:e5:32:3e:c9:03:6c:40:fc:b6:95:14:00:
1f:a0:0e:c7:a4:bc:d0:4d:cc:11:9e:f8:ba:5f:8c:
ab:71:11:7c:71:21:57:4a:18:f6:ba:b4:5c:64:59:
8f:58:b3:03:97:a0:09:7c:04:32:7a:69:31:5b:9e:
d4:46:f6:4b:f5:48:ff:7a:d9:cf:dd:f6:70:8e:b5:
83:33:d8:34:80:26:70:28:93:02:c7:d3:e1:ee:8d:
80:dc:65:15:8a:cb:6e:42:9c:87:5e:fa:51:29:ae:
98:3d:ee:bf:38:f2:b5:a5:28:16:7a:fa:f6:88:b8:
33:fc:1c:fb:e1:5f:52:3c:bc:78:d6:9f:ce:3b:f3:
f8:bf:9e:13:d0:9c:e3:e8:e4:2d:a7:59:d0:b2:99:
29:28:21:04:22:2d:ec:7b:82:69:93:f2:78:5d:c9:
87:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C8:80:75:69:24:98:8F:04:83:96:98:80:2B:DC:C2:5C:D6:40:1D
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/1ciAdWkkmI8Eg5aYgCvcwlzWQB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
01:22:01:98:5e:63:c6:f3:37:ce:01:1e:47:e1:45:89:bf:7a:
b8:b2:7d:d8:35:9d:c9:29:bf:71:d8:02:cf:1e:2a:1e:e7:eb:
4b:f1:c7:9a:79:84:5a:42:d0:7c:d1:08:93:e5:8e:9c:30:f7:
5f:0a:d5:1f:e4:fb:0c:9b:d6:05:1f:6d:fc:1d:ea:61:b9:b9:
b8:1c:ca:f4:8c:e0:82:7c:59:8c:01:e8:dd:6f:c0:fd:5f:91:
d3:c1:ff:91:8f:55:eb:d7:80:1d:0d:26:a2:ff:03:2f:06:a8:
b2:29:0e:99:be:72:93:74:04:54:73:b1:41:60:13:aa:1e:57:
99:08:73:f4:09:de:c7:9f:a9:da:03:0d:f5:76:6f:1f:60:51:
c0:3a:ff:8f:5e:b6:19:62:ee:ac:6f:e7:19:8c:d7:de:b9:8b:
77:f9:30:d0:86:b7:dc:54:fe:04:aa:bd:54:a3:d7:7a:bc:38:
fe:70:2d:79:a4:58:f2:8b:79:25:2c:f8:e7:8e:91:72:22:a9:
ac:b0:04:b0:fa:84:1e:2c:64:54:0a:14:9b:6e:7a:39:ba:93:
0f:3c:aa:ce:38:61:20:52:9d:b0:76:97:cc:9b:cf:ef:9d:23:
72:d6:95:c2:a1:62:1e:b6:16:9e:01:41:1b:4b:4c:5c:40:f6:
11:2b:5c:fc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY0G3ZIq1vz5SEBluDpIYRcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmQ5Yjg2NTMxZTU0NGFmYTAzMDlkOGJlMmE3YmE2OTE2
M2Y5YWQwHhcNMjQwMTE0MDcyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWM4ODA3NTY5MjQ5ODhmMDQ4Mzk2OTg4MDJiZGNjMjVjZDY0MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHUDmUnS7d9keP6C76WulZ3x0uej
NYtFbupwlsevoqwWPGBmkMwRI41ZM1C3LVaFsgrJdk8W1vOD6t1qb1CJpYdBqtuU
gJ13k3ngZO+7WeMt3KjGc5sPjMo+QAvlMj7JA2xA/LaVFAAfoA7HpLzQTcwRnvi6
X4yrcRF8cSFXShj2urRcZFmPWLMDl6AJfAQyemkxW57URvZL9Uj/etnP3fZwjrWD
M9g0gCZwKJMCx9Ph7o2A3GUVistuQpyHXvpRKa6YPe6/OPK1pSgWevr2iLgz/Bz7
4V9SPLx41p/OO/P4v54T0Jzj6OQtp1nQspkpKCEEIi3se4Jpk/J4XcmHrwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNXIgHVpJJiPBIOWmIAr3MJc1kAdMB8GA1UdIwQY
MBaAFJe9m4ZTHlRK+gMJ2L4qe6aRY/mtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjIt
MzQ2MGNjMjY0ODBiLzEvMWNpQWRXa2ttSThFZzVhWWdDdmN3bHpXUUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNGJkOGItNTVmNC00NzY1LWFkMjItMzQ2MGNjMjY0ODBi
LzEvbDcyYmhsTWVWRXI2QXduWXZpcDdwcEZqLWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgcZgDAN
BgkqhkiG9w0BAQsFAAOCAQEAASIBmF5jxvM3zgEeR+FFib96uLJ92DWdySm/cdgC
zx4qHufrS/HHmnmEWkLQfNEIk+WOnDD3XwrVH+T7DJvWBR9t/B3qYbm5uBzK9Izg
gnxZjAHo3W/A/V+R08H/kY9V69eAHQ0mov8DLwaosikOmb5yk3QEVHOxQWATqh5X
mQhz9Anex5+p2gMN9XZvH2BRwDr/j162GWLurG/nGYzX3rmLd/kw0Ia33FT+BKq9
VKPXerw4/nAteaRY8ot5JSz4546RciKprLAEsPqEHixkVAoUm256ObqTDzyqzjhh
IFKdsHaXzJvP750jctaVwqFiHrYWngFBG0tMXED2EStc/A==
-----END CERTIFICATE-----
Generated at Mon May 6 09:51:10 2024 by rpki-client on console-fra.rpki-client.org