Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/c44saO_74WqYPAu9UxLv52EyWJE.roa
File: c44saO_74WqYPAu9UxLv52EyWJE.roa (raw, json)
Hash identifier: 2cfairtrKasX01Xll7L0D41o9hWRF7rCduyFgatM7Yk=
Subject key identifier: 73:8E:2C:68:EF:FB:E1:6A:98:3C:0B:BD:53:12:EF:E7:61:32:58:91
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 018DB3B918D2ABAB0E40F9103CABA713FBB6
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/c44saO_74WqYPAu9UxLv52EyWJE.roa
Signing time: Fri 16 Feb 2024 21:01:08 +0000
ROA not before: Fri 16 Feb 2024 21:01:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22781
IP address blocks: 2a03:efc0:4500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b3:b9:18:d2:ab:ab:0e:40:f9:10:3c:ab:a7:13:fb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Feb 16 21:01:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=738e2c68effbe16a983c0bbd5312efe761325891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:83:70:29:3f:9a:8d:5e:92:0e:70:d5:c9:c8:
80:10:95:c4:2f:d6:84:0b:5c:79:87:15:38:74:5f:
e9:87:7f:84:6a:0d:25:44:d7:e2:92:2a:82:6a:bc:
82:50:dd:9d:33:ac:23:e6:bb:bd:b7:7b:8c:5e:3c:
08:73:05:a4:ac:ba:ef:fc:9e:23:05:a2:c4:1d:7a:
58:d1:ef:5b:2e:88:45:e2:cf:61:46:92:81:fb:e6:
70:77:34:f6:ca:33:84:3b:ce:a4:4c:65:d9:35:96:
f4:96:01:e1:37:7c:5a:11:29:32:1d:90:52:64:c2:
0d:1c:79:bb:8d:33:78:d9:d4:db:47:94:bc:5d:ab:
d6:53:a8:66:b1:06:c2:36:71:d5:7f:c4:34:01:c6:
43:79:d4:08:ec:2e:5e:9d:7f:76:a9:b3:20:2f:8b:
eb:13:86:4b:32:a9:03:5b:3e:c5:30:4a:1f:5b:46:
1f:90:e0:4f:15:71:55:6c:a1:ef:bd:dc:33:fb:4d:
c6:99:20:a4:04:9c:ee:e4:03:69:28:84:eb:30:b0:
0e:6b:b8:ab:0f:da:7d:6b:f9:59:9c:0c:05:36:e0:
d9:90:2b:35:55:96:4b:45:b2:13:f2:b4:b6:0f:35:
b1:8a:cf:72:fe:af:ee:62:6d:c5:d9:43:69:74:dd:
f6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8E:2C:68:EF:FB:E1:6A:98:3C:0B:BD:53:12:EF:E7:61:32:58:91
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/c44saO_74WqYPAu9UxLv52EyWJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:4500::/40
Signature Algorithm: sha256WithRSAEncryption
12:bd:dd:8c:78:13:11:2a:0e:97:c1:2b:fd:8e:3d:a8:f2:dd:
36:ad:d2:de:8d:03:07:7a:99:0d:5b:cd:d4:68:87:61:77:77:
fd:62:56:83:0b:4c:da:e3:6b:4a:bb:a5:99:91:77:34:df:5e:
42:e2:4d:1a:c3:9c:fb:7e:ba:7b:33:e4:a9:8d:e5:c5:d1:fd:
eb:cd:d3:53:2c:36:d0:1a:cd:74:1e:5f:8d:6d:61:fd:fd:5a:
0e:99:99:a9:85:20:c4:2c:ba:1d:a4:64:46:f8:b9:d8:2c:9f:
d0:7d:0e:21:1f:2a:5e:22:64:a4:4f:26:19:14:88:8a:18:95:
5e:c2:b0:63:b9:4b:c5:1e:53:bb:13:3a:8c:ef:d2:1c:c8:f2:
7c:6f:80:ab:3d:d9:99:26:82:27:02:39:b5:64:eb:35:97:ea:
f8:36:5f:8d:72:51:bc:09:db:07:16:b5:1b:f1:71:5b:6b:ff:
36:5e:c2:2d:d4:f0:49:0d:6a:0e:b0:39:24:73:b1:0a:0d:61:
ac:1a:dd:8f:bf:3e:0c:82:31:20:93:b1:a6:1e:ba:2e:27:88:
ef:75:b9:50:5a:83:c4:a1:dd:7e:32:9a:cf:d4:04:d8:eb:fb:
51:c2:89:21:e8:77:d0:d0:de:35:87:1a:64:3f:a3:06:fd:62:
70:0e:3e:88
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY2zuRjSq6sOQPkQPKunE/u2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwMjE2MjEwMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhlMmM2OGVmZmJlMTZhOTgzYzBiYmQ1MzEyZWZlNzYxMzI1ODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94NwKT+ajV6SDnDVyciAEJXEL9aE
C1x5hxU4dF/ph3+Eag0lRNfikiqCaryCUN2dM6wj5ru9t3uMXjwIcwWkrLrv/J4j
BaLEHXpY0e9bLohF4s9hRpKB++ZwdzT2yjOEO86kTGXZNZb0lgHhN3xaESkyHZBS
ZMINHHm7jTN42dTbR5S8XavWU6hmsQbCNnHVf8Q0AcZDedQI7C5enX92qbMgL4vr
E4ZLMqkDWz7FMEofW0YfkOBPFXFVbKHvvdwz+03GmSCkBJzu5ANpKITrMLAOa7ir
D9p9a/lZnAwFNuDZkCs1VZZLRbIT8rS2DzWxis9y/q/uYm3F2UNpdN32swIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHOOLGjv++FqmDwLvVMS7+dhMliRMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvYzQ0c2FPXzc0V3FZUEF1OVV4THY1MkV5V0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgPvwEUw
DQYJKoZIhvcNAQELBQADggEBABK93Yx4ExEqDpfBK/2OPajy3Tat0t6NAwd6mQ1b
zdRoh2F3d/1iVoMLTNrja0q7pZmRdzTfXkLiTRrDnPt+unsz5KmN5cXR/evN01Ms
NtAazXQeX41tYf39Wg6ZmamFIMQsuh2kZEb4udgsn9B9DiEfKl4iZKRPJhkUiIoY
lV7CsGO5S8UeU7sTOozv0hzI8nxvgKs92ZkmgicCObVk6zWX6vg2X41yUbwJ2wcW
tRvxcVtr/zZewi3U8EkNag6wOSRzsQoNYawa3Y+/PgyCMSCTsaYeui4niO91uVBa
g8Sh3X4yms/UBNjr+1HCiSHod9DQ3jWHGmQ/owb9YnAOPog=
-----END CERTIFICATE-----
Generated at Tue Jun 4 03:16:05 2024 by rpki-client on console-ams.rpki-client.org