Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1--iHetK_P_jtNOKbUk3HSX3Qauw.roa
File: 1--iHetK_P_jtNOKbUk3HSX3Qauw.roa (raw, json)
Hash identifier: KH5wpB1k6q/h19itWlh7YxNNsKwMDyK+27EKgS7h0Ts=
Subject key identifier: FB:E8:87:7A:D2:BF:3F:F8:ED:34:E2:9B:52:4D:C7:49:7D:D0:6A:EC
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D206F2A03B5402005ABDF9FF23B55
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1--iHetK_P_jtNOKbUk3HSX3Qauw.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0e:aa02::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:20:6f:2a:03:b5:40:20:05:ab:df:9f:f2:3b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe8877ad2bf3ff8ed34e29b524dc7497dd06aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b8:21:d5:6a:58:88:09:d6:37:2d:70:3d:6e:
f3:f1:45:4d:6b:2e:d7:34:f2:7c:28:43:64:73:01:
5e:05:e9:99:02:92:1b:26:a5:02:a9:7b:ae:97:e2:
ce:b3:6e:7f:ad:43:61:55:46:45:9a:e2:e9:06:31:
17:60:2b:57:e4:a3:12:a8:3e:d5:a6:59:c8:2f:1f:
45:2e:4a:3a:ae:8d:a5:f5:73:f4:13:02:d0:b3:e5:
11:03:fa:da:3c:c4:ac:9b:b0:d0:4d:16:b5:8d:bf:
c5:fc:6e:31:69:67:5d:70:4d:18:13:8b:a0:25:ce:
ee:6a:27:18:7e:1b:fc:e5:e0:3a:43:33:f2:2e:27:
9a:12:b6:b8:50:24:3f:8e:51:93:ca:32:80:ea:a4:
57:b7:9d:0b:b9:b2:3f:06:ad:ed:95:ae:da:3a:a7:
4f:89:91:23:1f:72:07:eb:e1:fe:df:4d:d9:b4:05:
54:81:c8:de:75:0e:ad:82:65:16:ab:b9:6b:f6:db:
15:17:c5:1c:16:57:90:16:d4:ff:6b:50:05:aa:aa:
10:d8:3d:60:7b:d6:18:b3:60:42:2d:2e:a9:2c:07:
98:05:66:06:a5:12:15:a7:cc:c9:cc:34:58:2e:33:
5a:5e:ef:7a:69:8d:0b:45:ab:da:d5:b2:0c:db:95:
0d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E8:87:7A:D2:BF:3F:F8:ED:34:E2:9B:52:4D:C7:49:7D:D0:6A:EC
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1--iHetK_P_jtNOKbUk3HSX3Qauw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa02::/40
Signature Algorithm: sha256WithRSAEncryption
34:4b:89:ba:04:02:6a:13:03:2e:58:b7:c8:a7:42:e6:6f:6a:
d6:86:6f:97:10:87:bb:02:b1:5d:83:04:4e:51:7d:31:9a:9c:
e7:3d:ae:11:12:af:c8:0c:1b:f7:81:3c:4b:45:3e:48:a0:fb:
a3:be:76:08:dd:26:eb:39:1a:eb:29:b4:11:68:4e:79:ca:7f:
39:5f:84:2b:f9:3f:a4:e7:c0:ed:c0:8f:c7:c3:d9:f9:28:87:
c6:73:ab:d9:e2:26:25:a3:f1:a5:94:de:3f:64:02:b5:95:ff:
38:d8:f7:3d:cd:18:01:5e:a4:4f:0e:16:0f:84:94:96:22:ea:
65:8f:69:b4:d3:59:40:56:41:63:03:16:d1:90:38:d7:a4:f9:
9b:53:44:2f:a5:26:e0:61:17:2a:b5:77:35:09:0b:64:ef:4a:
21:72:e5:d5:f9:ba:65:4f:20:72:f6:8a:13:cc:24:6e:fc:20:
d5:30:66:17:9a:db:7d:46:74:ea:03:0e:cd:30:22:09:b6:cd:
63:03:24:b5:ae:2d:19:48:9a:4d:07:64:14:e8:b3:9e:c6:ba:
c0:53:1a:48:a0:43:c3:95:98:8e:38:9c:d4:dc:ff:e3:d3:86:
b9:21:0b:15:9b:af:79:40:f8:53:23:5d:4b:03:6d:6b:df:09:
5b:ff:8b:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbSBvKgO1QCAFq9+f8jtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU4ODc3YWQyYmYzZmY4ZWQzNGUyOWI1MjRkYzc0OTdkZDA2YWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7gh1WpYiAnWNy1wPW7z8UVNay7X
NPJ8KENkcwFeBemZApIbJqUCqXuul+LOs25/rUNhVUZFmuLpBjEXYCtX5KMSqD7V
plnILx9FLko6ro2l9XP0EwLQs+URA/raPMSsm7DQTRa1jb/F/G4xaWddcE0YE4ug
Jc7uaicYfhv85eA6QzPyLieaEra4UCQ/jlGTyjKA6qRXt50LubI/Bq3tla7aOqdP
iZEjH3IH6+H+303ZtAVUgcjedQ6tgmUWq7lr9tsVF8UcFleQFtT/a1AFqqoQ2D1g
e9YYs2BCLS6pLAeYBWYGpRIVp8zJzDRYLjNaXu96aY0LRava1bIM25UNTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPvoh3rSvz/47TTim1JNx0l90GrsMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvMS0taUhldEtfUF9qdE5PS2JVazNIU1gzUWF1dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUx
OS8xL2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoOqgIA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0S4m6BAJqEwMuWLfIp0Lmb2rWhm+XEIe7ArFd
gwROUX0xmpznPa4REq/IDBv3gTxLRT5IoPujvnYI3SbrORrrKbQRaE55yn85X4Qr
+T+k58DtwI/Hw9n5KIfGc6vZ4iYlo/GllN4/ZAK1lf842Pc9zRgBXqRPDhYPhJSW
Iuplj2m001lAVkFjAxbRkDjXpPmbU0QvpSbgYRcqtXc1CQtk70ohcuXV+bplTyBy
9ooTzCRu/CDVMGYXmtt9RnTqAw7NMCIJts1jAyS1ri0ZSJpNB2QU6LOexrrAUxpI
oEPDlZiOOJzU3P/j04a5IQsVm695QPhTI11LA21r3wlb/4tE
-----END CERTIFICATE-----
Generated at Wed May 1 23:14:41 2024 by rpki-client on console-ams.rpki-client.org