Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/somf2MEdk4WC7d2Lke415mkyIog.roa
File: somf2MEdk4WC7d2Lke415mkyIog.roa (raw, json)
Hash identifier: eXCtaed9S0OHHEeDrs0crR1KqAF3HD7TCyy4cWsSCFk=
Subject key identifier: B2:89:9F:D8:C1:1D:93:85:82:ED:DD:8B:91:EE:35:E6:69:32:22:88
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 018CC2DB07CD1355423865EFFF1C4BF75D3F
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/somf2MEdk4WC7d2Lke415mkyIog.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209485
IP address blocks: 2a00:8860:900::/40 maxlen: 64
2a00:8861:900::/40 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:07:cd:13:55:42:38:65:ef:ff:1c:4b:f7:5d:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2899fd8c11d938582eddd8b91ee35e669322288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:db:5c:d9:39:92:c4:65:63:81:d2:19:23:bc:
40:ae:76:00:e7:3e:21:68:10:5b:94:80:5d:f4:e8:
e7:60:1b:23:77:3a:d9:0f:02:4d:46:48:04:e6:96:
d0:41:68:e2:b6:6f:fe:2e:63:88:5b:8d:c8:c9:8a:
92:ce:ab:95:47:2f:7f:fb:73:e1:88:82:19:7f:fe:
73:d4:df:91:95:c0:61:2a:de:2b:97:a8:0f:16:5c:
d1:4d:5a:fa:04:97:54:64:74:19:8b:31:0f:ea:5a:
d5:c3:38:17:77:3d:fe:5e:b9:c0:f5:3e:be:54:83:
ed:29:a5:26:ab:35:f9:f4:fa:aa:50:b0:76:b8:d6:
da:43:26:51:db:f3:e8:ae:45:3f:63:6b:e1:f1:cb:
83:99:5f:fd:2c:7f:92:b1:0e:bd:2e:97:6c:ee:65:
c7:1d:77:c6:71:8b:a6:8d:5e:87:70:5e:87:3c:79:
f1:f9:f1:e6:2b:42:da:4e:07:91:26:81:27:5a:6d:
ec:6c:ef:7f:bf:d5:ba:8a:f9:6f:4c:ac:50:f1:cc:
21:71:ec:02:c0:f7:1f:55:87:42:54:0f:b3:a2:d6:
82:df:04:55:21:bb:8e:cd:46:dc:3e:26:1a:88:b6:
f4:b8:3d:58:90:93:b7:30:b1:f2:5e:4a:38:b5:4d:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:9F:D8:C1:1D:93:85:82:ED:DD:8B:91:EE:35:E6:69:32:22:88
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/somf2MEdk4WC7d2Lke415mkyIog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:900::/40
2a00:8861:900::/40
Signature Algorithm: sha256WithRSAEncryption
08:9c:64:a4:dc:65:2a:24:d6:5b:9f:ce:3d:fb:ab:36:ce:9d:
ef:65:a6:f7:0d:85:e3:c6:1a:39:89:ad:61:07:a1:70:73:ca:
df:20:f3:5a:fc:6f:e6:f4:de:69:04:25:33:9b:6c:86:7e:11:
d2:e3:09:0d:36:a4:c9:cc:0d:38:a5:db:d3:49:46:b5:79:37:
ab:b8:0a:58:bc:e7:02:75:89:8c:a1:dc:2d:d0:a7:18:25:bc:
bf:ce:a4:b2:ca:f1:7b:aa:81:a8:9c:47:ef:17:11:14:5e:84:
f4:4c:ea:fb:aa:49:95:fe:94:5e:1b:e6:4d:53:bf:3b:50:10:
57:51:9a:1d:45:b7:04:d4:2c:ca:46:df:cd:e2:09:bd:a2:12:
5f:2e:49:d7:7f:03:0c:6f:ac:64:eb:02:2d:b3:70:17:e6:d6:
60:bc:41:74:b1:21:5c:85:1a:fa:23:43:4f:a4:22:e8:46:a9:
12:39:a6:22:04:35:a4:4f:58:09:8b:2e:73:54:ba:68:f8:c5:
1f:0e:80:68:e1:f0:e1:55:6b:2a:d4:70:91:fa:a6:23:bc:4c:
2d:ca:da:a9:60:ed:49:76:bc:a1:70:5d:e1:2e:09:ae:8a:d5:
07:f9:ec:04:06:86:95:9f:6b:22:66:09:36:f7:39:5c:d7:67:
da:06:a5:80
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzC2wfNE1VCOGXv/xxL910/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg5OWZkOGMxMWQ5Mzg1ODJlZGRkOGI5MWVlMzVlNjY5MzIyMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ttc2TmSxGVjgdIZI7xArnYA5z4h
aBBblIBd9OjnYBsjdzrZDwJNRkgE5pbQQWjitm/+LmOIW43IyYqSzquVRy9/+3Ph
iIIZf/5z1N+RlcBhKt4rl6gPFlzRTVr6BJdUZHQZizEP6lrVwzgXdz3+XrnA9T6+
VIPtKaUmqzX59PqqULB2uNbaQyZR2/PorkU/Y2vh8cuDmV/9LH+SsQ69Lpds7mXH
HXfGcYumjV6HcF6HPHnx+fHmK0LaTgeRJoEnWm3sbO9/v9W6ivlvTKxQ8cwhcewC
wPcfVYdCVA+zotaC3wRVIbuOzUbcPiYaiLb0uD1YkJO3MLHyXko4tU2mewIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLKJn9jBHZOFgu3di5HuNeZpMiKIMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEvc29tZjJNRWRrNFdDN2QyTGtlNDE1bWt5SW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAkD
BgAqAIhhCTANBgkqhkiG9w0BAQsFAAOCAQEACJxkpNxlKiTWW5/OPfurNs6d72Wm
9w2F48YaOYmtYQehcHPK3yDzWvxv5vTeaQQlM5tshn4R0uMJDTakycwNOKXb00lG
tXk3q7gKWLznAnWJjKHcLdCnGCW8v86kssrxe6qBqJxH7xcRFF6E9Ezq+6pJlf6U
XhvmTVO/O1AQV1GaHUW3BNQsykbfzeIJvaISXy5J138DDG+sZOsCLbNwF+bWYLxB
dLEhXIUa+iNDT6Qi6EapEjmmIgQ1pE9YCYsuc1S6aPjFHw6AaOHw4VVrKtRwkfqm
I7xMLcraqWDtSXa8oXBd4S4JrorVB/nsBAaGlZ9rImYJNvc5XNdn2galgA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:56:16 2024 by rpki-client on console-fra.rpki-client.org