Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/sLMQOTgw6SPhburE63WoUY1c5Ew.roa
File: sLMQOTgw6SPhburE63WoUY1c5Ew.roa (raw, json)
Hash identifier: 5bMThNgvoPfq7tvfVDiOPkA7In8Zy3dY8BYZ429DBaw=
Subject key identifier: B0:B3:10:39:38:30:E9:23:E1:6E:EA:C4:EB:75:A8:51:8D:5C:E4:4C
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 018CC2DB078C3007C6A594EC2D5B65A75E5B
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/sLMQOTgw6SPhburE63WoUY1c5Ew.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208136
IP address blocks: 2a00:8860:d00::/40 maxlen: 64
2a00:8861:d00::/40 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:07:8c:30:07:c6:a5:94:ec:2d:5b:65:a7:5e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0b310393830e923e16eeac4eb75a8518d5ce44c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4f:8b:82:3a:a8:60:4e:c7:7a:c6:00:7b:84:
42:b7:bb:9d:47:ee:ec:0f:92:b5:8e:30:d2:5e:a7:
84:bf:8e:ea:79:f7:0b:43:5e:33:51:0f:9e:d4:a4:
3f:71:e3:ff:25:94:d9:32:04:dd:21:c3:e6:46:e6:
68:5c:99:1f:7f:33:47:0a:d5:5d:17:96:ab:f1:e2:
d8:10:ec:9c:f5:14:7e:82:92:6d:74:3f:2c:90:05:
b5:0f:6e:f6:e2:8d:4d:39:0a:ab:96:e5:ff:ea:b6:
7e:ce:7c:0f:91:16:ed:6e:1f:61:23:20:c1:31:db:
7b:8e:4e:04:74:31:b2:a4:10:53:18:1a:ef:ee:ea:
6e:fd:93:66:48:b6:ea:19:97:ca:1b:4d:1e:ea:60:
3d:7c:03:61:4e:d5:c8:b5:fc:8c:4b:6b:6b:a4:8a:
99:96:5e:d3:97:2e:76:7d:62:9f:4b:5a:e7:2c:94:
0a:ef:d0:66:54:30:ec:23:b5:51:fd:72:93:10:53:
17:d7:3f:02:0f:53:89:19:d5:20:a4:75:5b:d2:71:
db:32:19:1a:89:2a:4d:d0:8d:c1:bf:7f:ef:51:77:
1b:dd:11:35:70:47:86:c8:e1:bd:72:7c:25:cf:f6:
19:11:17:0c:de:df:85:e2:2b:8a:78:87:6e:30:d1:
94:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B3:10:39:38:30:E9:23:E1:6E:EA:C4:EB:75:A8:51:8D:5C:E4:4C
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/sLMQOTgw6SPhburE63WoUY1c5Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:d00::/40
2a00:8861:d00::/40
Signature Algorithm: sha256WithRSAEncryption
68:2a:53:04:28:09:00:ea:12:72:82:52:ec:bd:0b:18:df:a2:
2e:08:15:a8:4d:f7:76:8b:77:4d:3f:55:32:b0:7b:fa:94:e4:
ce:ea:d2:7c:ef:f7:e7:6c:17:8b:1d:10:46:cb:98:29:49:80:
5e:8a:87:14:d3:35:2e:f1:e7:17:22:5e:3c:5f:62:84:fe:60:
c5:85:69:ed:5b:a4:10:c9:00:0a:24:a4:37:3c:3f:3c:60:1e:
fb:f1:32:de:1d:cc:f3:cb:65:e3:b1:b9:2f:0f:f3:61:87:2a:
b7:28:ba:cf:e8:f8:84:29:c9:6b:bb:ac:75:93:42:16:04:8f:
2b:79:e1:60:d6:ee:5e:82:e3:48:24:14:b0:51:3b:c7:ec:e2:
34:8c:c0:cf:f8:db:73:3d:ad:39:31:c6:65:56:7c:95:8d:ea:
8e:a6:48:18:bf:01:75:7e:73:6c:46:05:20:85:68:a8:ec:fe:
05:5a:29:5f:66:39:ed:ca:a1:99:46:d6:2f:c3:0b:2b:ab:c4:
87:49:da:e0:c1:81:47:45:ff:fc:e7:12:8d:e0:47:59:19:2e:
17:65:6e:15:f7:07:ee:f4:ac:65:b8:9d:6d:9a:2c:1e:81:0f:
52:67:26:a2:90:40:b9:80:3a:c2:f9:5d:fb:45:00:7f:2e:8c:
0b:bf:91:14
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzC2weMMAfGpZTsLVtlp15bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGIzMTAzOTM4MzBlOTIzZTE2ZWVhYzRlYjc1YTg1MThkNWNlNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk+LgjqoYE7HesYAe4RCt7udR+7s
D5K1jjDSXqeEv47qefcLQ14zUQ+e1KQ/ceP/JZTZMgTdIcPmRuZoXJkffzNHCtVd
F5ar8eLYEOyc9RR+gpJtdD8skAW1D2724o1NOQqrluX/6rZ+znwPkRbtbh9hIyDB
Mdt7jk4EdDGypBBTGBrv7upu/ZNmSLbqGZfKG00e6mA9fANhTtXItfyMS2trpIqZ
ll7Tly52fWKfS1rnLJQK79BmVDDsI7VR/XKTEFMX1z8CD1OJGdUgpHVb0nHbMhka
iSpN0I3Bv3/vUXcb3RE1cEeGyOG9cnwlz/YZERcM3t+F4iuKeIduMNGUnwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLCzEDk4MOkj4W7qxOt1qFGNXORMMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvc0xNUU9UZ3c2U1BoYnVyRTYzV29VWTFjNUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYA0D
BgAqAIhhDTANBgkqhkiG9w0BAQsFAAOCAQEAaCpTBCgJAOoScoJS7L0LGN+iLggV
qE33dot3TT9VMrB7+pTkzurSfO/352wXix0QRsuYKUmAXoqHFNM1LvHnFyJePF9i
hP5gxYVp7VukEMkACiSkNzw/PGAe+/Ey3h3M88tl47G5Lw/zYYcqtyi6z+j4hCnJ
a7usdZNCFgSPK3nhYNbuXoLjSCQUsFE7x+ziNIzAz/jbcz2tOTHGZVZ8lY3qjqZI
GL8BdX5zbEYFIIVoqOz+BVopX2Y57cqhmUbWL8MLK6vEh0na4MGBR0X//OcSjeBH
WRkuF2VuFfcH7vSsZbidbZosHoEPUmcmopBAuYA6wvld+0UAfy6MC7+RFA==
-----END CERTIFICATE-----
Generated at Sun May 19 22:59:42 2024 by rpki-client on console-fra.rpki-client.org