Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/dZiwVMkkjaV1ofB7uuhbpBmqitk.roa
File: dZiwVMkkjaV1ofB7uuhbpBmqitk.roa (raw, json)
Hash identifier: Fyym8JOmuUNZQ/FnpLzA0JSPbc+KUqXz2nuAOmwI5tw=
Subject key identifier: 75:98:B0:54:C9:24:8D:A5:75:A1:F0:7B:BA:E8:5B:A4:19:AA:8A:D9
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 018CC727166BCA3AD4FB3E637BE6DD266F7B
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/dZiwVMkkjaV1ofB7uuhbpBmqitk.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61230
IP address blocks: 2a0e:1107:10::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:16:6b:ca:3a:d4:fb:3e:63:7b:e6:dd:26:6f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7598b054c9248da575a1f07bbae85ba419aa8ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:80:c5:89:8d:da:be:db:5f:89:eb:43:06:
bb:e0:b0:ef:c9:c6:6f:93:f3:67:4b:cd:dc:5a:7a:
ce:bb:58:8c:8e:ee:4d:65:ca:b3:6d:c1:4e:0e:0d:
a4:df:9b:61:a2:05:1a:34:f1:02:45:56:0e:5f:31:
0a:f0:0d:a3:2f:93:b0:02:f8:15:4b:44:0a:75:0f:
ae:60:6f:b7:40:8b:4b:86:bb:ad:df:78:9a:5b:2b:
9d:95:01:29:08:6e:02:98:86:28:03:04:77:bb:ac:
76:c2:d1:f2:9c:51:fa:0b:fa:f2:07:ac:9a:d1:7f:
f5:89:82:04:41:a5:11:37:b8:b2:bc:59:ad:06:4e:
1e:1f:f8:65:f1:14:88:67:96:24:73:09:62:d0:43:
74:af:9e:ca:7a:78:48:7c:38:70:92:0f:84:bf:05:
8f:c9:84:d2:da:98:e3:bb:9e:62:5c:57:fa:a5:dc:
46:4b:d5:be:17:cf:30:84:78:d0:38:53:e0:12:c6:
7e:b4:f5:ef:9f:67:6f:89:a6:b8:c8:b3:8f:c0:59:
26:4e:9a:55:f2:9a:c5:39:98:d5:08:9d:4f:30:19:
88:0d:e4:4d:47:1f:8d:9d:30:4b:ca:5c:93:9f:03:
db:dc:92:d2:22:25:8e:0c:59:05:f1:a9:66:b5:c2:
9b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:98:B0:54:C9:24:8D:A5:75:A1:F0:7B:BA:E8:5B:A4:19:AA:8A:D9
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/dZiwVMkkjaV1ofB7uuhbpBmqitk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1107:10::/44
Signature Algorithm: sha256WithRSAEncryption
a7:32:e6:21:7c:36:45:1e:2c:01:83:c7:db:ae:a5:45:ea:d8:
3d:fa:6a:f9:67:f8:c2:73:27:97:be:13:90:b1:5e:9f:e0:c5:
72:da:77:44:8b:2c:19:e9:22:6d:9c:fa:31:0b:c2:1e:80:7d:
62:41:ba:2f:60:7b:15:bb:26:53:5d:b4:cc:33:0e:87:62:69:
ff:f6:cd:52:fb:82:d4:5a:b4:23:ff:46:6a:f5:00:17:ad:91:
eb:c6:e9:80:85:ff:68:b3:b7:14:7b:9f:ce:3a:cd:83:8c:6a:
9a:24:75:74:59:0a:55:92:3b:d6:5b:6b:51:2c:a2:01:a6:a0:
7a:a2:47:2d:b7:f1:bc:a9:4d:64:49:f5:d8:1e:b8:dc:e9:cc:
d0:6c:e4:5d:12:e0:14:30:2e:e8:43:9a:5b:c1:93:80:11:e1:
f0:aa:eb:31:b8:c0:2f:8b:81:e0:32:65:18:67:8c:da:3f:44:
8c:ed:dd:dd:61:fc:d6:ac:3c:4a:5c:87:02:ec:3a:26:eb:b3:
75:f0:c0:97:2c:ef:8d:81:f4:dd:e8:ad:bf:79:4b:e2:e1:a0:
de:08:b5:c6:3b:82:cf:2b:16:8c:14:3a:6e:41:0d:ff:a5:f3:
30:ed:15:66:6d:5a:9d:21:48:2d:29:b2:fe:02:f3:61:5b:15:
3b:9e:b9:80
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJxZryjrU+z5je+bdJm97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk4YjA1NGM5MjQ4ZGE1NzVhMWYwN2JiYWU4NWJhNDE5YWE4YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJSAxYmN2r7bX4nrQwa74LDvycZv
k/NnS83cWnrOu1iMju5NZcqzbcFODg2k35thogUaNPECRVYOXzEK8A2jL5OwAvgV
S0QKdQ+uYG+3QItLhrut33iaWyudlQEpCG4CmIYoAwR3u6x2wtHynFH6C/ryB6ya
0X/1iYIEQaURN7iyvFmtBk4eH/hl8RSIZ5Ykcwli0EN0r57KenhIfDhwkg+EvwWP
yYTS2pjju55iXFf6pdxGS9W+F88whHjQOFPgEsZ+tPXvn2dviaa4yLOPwFkmTppV
8prFOZjVCJ1PMBmIDeRNRx+NnTBLylyTnwPb3JLSIiWODFkF8almtcKbNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHWYsFTJJI2ldaHwe7roW6QZqorZMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvZFppd1ZNa2tqYVYxb2ZCN3V1aGJwQm1xaXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg4RBwAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCnMuYhfDZFHiwBg8fbrqVF6tg9+mr5Z/jCcyeX
vhOQsV6f4MVy2ndEiywZ6SJtnPoxC8IegH1iQbovYHsVuyZTXbTMMw6HYmn/9s1S
+4LUWrQj/0Zq9QAXrZHrxumAhf9os7cUe5/OOs2DjGqaJHV0WQpVkjvWW2tRLKIB
pqB6okctt/G8qU1kSfXYHrjc6czQbORdEuAUMC7oQ5pbwZOAEeHwqusxuMAvi4Hg
MmUYZ4zaP0SM7d3dYfzWrDxKXIcC7Dom67N18MCXLO+NgfTd6K2/eUvi4aDeCLXG
O4LPKxaMFDpuQQ3/pfMw7RVmbVqdIUgtKbL+AvNhWxU7nrmA
-----END CERTIFICATE-----
Generated at Tue Nov 26 08:35:03 2024 by rpki-client on console-ams.rpki-client.org