Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/SSeI0rZuyYQoOR-82lgDckQuuJs.roa
File: SSeI0rZuyYQoOR-82lgDckQuuJs.roa (raw, json)
Hash identifier: jui0iRacIMNRCDqjnmT+Fat6GJgErVM1DDSgns8HWps=
Subject key identifier: 49:27:88:D2:B6:6E:C9:84:28:39:1F:BC:DA:58:03:72:44:2E:B8:9B
Certificate issuer: /CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Certificate serial: 018CC56EABB900C1F1D2F9E2CD29049DA9D1
Authority key identifier: 73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/SSeI0rZuyYQoOR-82lgDckQuuJs.roa
Signing time: Mon 01 Jan 2024 14:30:13 +0000
ROA not before: Mon 01 Jan 2024 14:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41051
IP address blocks: 2a01:20e::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ab:b9:00:c1:f1:d2:f9:e2:cd:29:04:9d:a9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Validity
Not Before: Jan 1 14:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=492788d2b66ec98428391fbcda580372442eb89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:95:39:90:68:54:a5:08:04:6a:ec:c5:49:5d:
74:b0:79:6f:b9:a9:36:0f:5e:e3:8b:2e:8c:e2:a3:
e0:13:ca:42:64:e2:e6:74:04:9b:5f:c5:b0:07:54:
3b:57:0f:02:fe:a7:84:d8:d4:5b:89:8c:93:47:ce:
09:c3:72:d8:6e:fc:00:f1:fa:27:2e:9b:89:1f:2d:
8c:e9:31:70:da:01:6b:28:50:41:fc:f0:15:6c:5e:
fc:f6:8c:b9:6e:97:63:0b:eb:9a:74:7d:7b:b1:11:
df:02:27:82:fa:9e:cc:27:38:d5:01:ee:f9:d6:7e:
27:a3:50:8b:c2:fd:5d:92:d0:69:36:d6:b5:27:27:
f7:04:91:42:0e:3e:f8:04:b5:5e:34:8c:a8:86:8c:
6a:7d:2b:59:3d:5c:d6:12:f5:ba:a9:92:a9:d8:0a:
4e:73:63:2d:ce:62:9c:06:5f:d8:0e:47:89:f3:91:
29:fa:e4:ba:d3:f6:22:67:b9:cb:4f:cb:53:c5:55:
8d:ec:cb:37:96:da:80:5f:b3:83:8f:74:bc:f2:ea:
15:11:f4:4f:9e:3c:f6:1d:79:96:68:7f:13:fa:85:
c9:91:1b:da:21:e5:61:cf:92:f2:4c:14:02:6d:ea:
90:40:95:e9:d4:e0:bc:37:b3:da:97:fa:3e:0b:38:
95:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:27:88:D2:B6:6E:C9:84:28:39:1F:BC:DA:58:03:72:44:2E:B8:9B
X509v3 Authority Key Identifier:
keyid:73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/SSeI0rZuyYQoOR-82lgDckQuuJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:20e::/32
Signature Algorithm: sha256WithRSAEncryption
22:e1:ed:ed:12:7b:86:a2:0f:bc:0c:2e:b2:0c:54:69:52:4a:
23:a4:24:3a:90:1e:97:76:68:88:d9:d4:40:6c:e3:62:62:17:
15:58:07:79:52:18:21:8b:58:82:57:f2:2f:b4:a6:c2:d5:93:
57:be:0f:dc:4b:76:38:d9:8f:f4:9a:54:24:33:6f:d7:69:c5:
0b:b8:51:eb:9b:32:21:15:ea:df:03:d9:f9:e3:c0:e8:7a:b0:
4e:75:73:66:a6:d6:45:ec:73:97:e0:07:3c:33:e9:22:b6:65:
d1:45:61:cb:c1:a7:21:09:d7:b9:ec:1a:f6:63:f0:14:5c:34:
7a:5e:6b:a2:b1:84:25:86:6a:56:0c:53:1c:ea:a7:8a:a1:46:
7d:81:38:00:07:b6:06:91:e2:81:27:06:94:03:1e:b4:5c:c1:
fd:81:26:95:92:48:b4:6b:fe:c6:61:ba:bc:76:cb:0a:64:4f:
9d:9b:9a:d9:1a:95:00:98:73:be:25:ba:29:46:88:a8:f5:0c:
ac:ab:d8:5d:65:82:4e:a4:b4:7d:08:a7:5e:f2:01:a8:10:d2:
5b:91:5f:9b:9e:f5:78:1e:ac:41:c1:94:ba:73:9b:bd:df:9e:
50:74:05:5b:7b:cf:4a:3b:8b:c1:45:60:6c:15:06:65:fe:3f:
0e:a0:7a:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFbqu5AMHx0vnizSkEnanRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOTc1ZDVkYTlkYThhMDc0YjMzZmJjYjVjMDlkNTAzYTNi
NDQzYTEwHhcNMjQwMTAxMTQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI3ODhkMmI2NmVjOTg0MjgzOTFmYmNkYTU4MDM3MjQ0MmViODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZU5kGhUpQgEauzFSV10sHlvuak2
D17jiy6M4qPgE8pCZOLmdASbX8WwB1Q7Vw8C/qeE2NRbiYyTR84Jw3LYbvwA8fon
LpuJHy2M6TFw2gFrKFBB/PAVbF789oy5bpdjC+uadH17sRHfAieC+p7MJzjVAe75
1n4no1CLwv1dktBpNta1Jyf3BJFCDj74BLVeNIyohoxqfStZPVzWEvW6qZKp2ApO
c2MtzmKcBl/YDkeJ85Ep+uS60/YiZ7nLT8tTxVWN7Ms3ltqAX7ODj3S88uoVEfRP
njz2HXmWaH8T+oXJkRvaIeVhz5LyTBQCbeqQQJXp1OC8N7Pal/o+CziVNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEkniNK2bsmEKDkfvNpYA3JELribMB8GA1UdIwQY
MBaAFHOXXV2p2ooHSzP7y1wJ1QOjtEOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYt
OWU4MGQwZDg3YzJkLzEvU1NlSTByWnV5WVFvT1ItODJsZ0Rja1F1dUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYtOWU4MGQwZDg3YzJk
LzEvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgECDjAN
BgkqhkiG9w0BAQsFAAOCAQEAIuHt7RJ7hqIPvAwusgxUaVJKI6QkOpAel3ZoiNnU
QGzjYmIXFVgHeVIYIYtYglfyL7SmwtWTV74P3Et2ONmP9JpUJDNv12nFC7hR65sy
IRXq3wPZ+ePA6HqwTnVzZqbWRexzl+AHPDPpIrZl0UVhy8GnIQnXuewa9mPwFFw0
el5rorGEJYZqVgxTHOqniqFGfYE4AAe2BpHigScGlAMetFzB/YEmlZJItGv+xmG6
vHbLCmRPnZua2RqVAJhzviW6KUaIqPUMrKvYXWWCTqS0fQinXvIBqBDSW5Ffm571
eB6sQcGUunObvd+eUHQFW3vPSjuLwUVgbBUGZf4/DqB6kA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:11:50 2024 by rpki-client on console-ams.rpki-client.org