Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/1-HL-OdOeoc0m0SATYXxQK6IgqQc.roa
File: 1-HL-OdOeoc0m0SATYXxQK6IgqQc.roa (raw, json)
Hash identifier: 7YFOgkqgjrMbvbKd11ARpbaiU+siCmXEjyRumeoxFjg=
Subject key identifier: F8:72:FE:39:D3:9E:A1:CD:26:D1:20:13:61:7C:50:2B:A2:20:A9:07
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 018CC80166F4F680C2807DFEF1BC6D8A9642
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/1-HL-OdOeoc0m0SATYXxQK6IgqQc.roa
Signing time: Tue 02 Jan 2024 02:29:44 +0000
ROA not before: Tue 02 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207200
IP address blocks: 2a0e:1cc0:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:66:f4:f6:80:c2:80:7d:fe:f1:bc:6d:8a:96:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 2 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f872fe39d39ea1cd26d12013617c502ba220a907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b1:6f:c6:52:d8:87:dc:05:a7:e3:df:ee:15:
0d:15:6e:6c:04:a6:1c:57:26:ba:b1:0a:b8:14:0b:
6b:d8:42:cf:31:99:98:d6:5f:bb:41:11:21:de:2f:
73:f5:78:01:60:22:ea:b4:b4:a3:a6:ab:a1:49:80:
ae:f9:61:51:38:7a:38:54:36:a2:8e:45:f8:b9:3b:
d8:dc:d9:93:4f:e6:81:57:ca:9a:73:f1:85:ec:08:
9e:b8:20:d6:d0:eb:ee:2f:40:77:f0:28:ae:d9:80:
b7:7f:15:c3:f1:5c:3d:95:b8:21:5e:f2:15:5b:03:
17:61:35:89:db:8b:08:7d:a1:79:5f:6b:83:8e:94:
97:45:1d:e2:08:e1:46:92:c2:fa:27:20:c4:bc:5c:
64:9d:14:f6:9e:16:51:11:31:8c:cc:ee:d2:0d:eb:
26:13:ef:5b:e7:b2:55:66:74:f1:70:14:c3:ce:ed:
51:76:9d:5f:16:48:b4:e5:d5:4a:2f:a8:ac:a1:86:
cf:50:59:ef:c6:51:20:f7:7c:a6:ca:41:58:b5:d1:
4b:31:69:f8:ee:17:5a:4e:51:45:a0:f7:17:c9:46:
f8:9a:a2:40:ae:ab:6f:17:21:c1:44:5a:b0:23:48:
25:84:51:28:66:d5:a2:ca:3c:21:80:ba:4d:d8:a1:
40:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:72:FE:39:D3:9E:A1:CD:26:D1:20:13:61:7C:50:2B:A2:20:A9:07
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/1-HL-OdOeoc0m0SATYXxQK6IgqQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:8::/48
Signature Algorithm: sha256WithRSAEncryption
0d:53:0d:3a:87:d3:af:5f:b7:32:83:cf:88:23:82:ea:e9:6a:
ba:af:99:30:1a:d2:86:e6:58:80:36:8a:93:3d:0c:c0:15:c3:
1c:15:ff:b8:43:80:6c:a0:3e:f5:cc:fe:d3:1b:77:07:8c:86:
6b:88:69:1d:9d:a7:49:9c:af:8d:a0:fc:be:41:66:df:fb:68:
11:9a:b5:a0:0b:86:c6:00:2a:db:8d:c6:7e:97:14:96:57:bc:
57:9f:3f:db:f6:5f:89:49:ee:1a:2c:e5:b5:aa:05:f3:92:30:
3e:47:8f:29:78:05:14:0e:b6:f7:87:bb:5b:3c:94:9a:2e:39:
2d:79:57:55:d8:17:73:9e:eb:69:ea:5a:c9:df:97:7b:c3:6c:
8e:a5:59:9b:fc:e2:37:3d:41:89:38:ab:7a:93:78:9f:bd:c9:
2d:dd:55:e2:12:6c:ca:fa:7d:4e:ab:6f:9f:5e:16:09:07:26:
31:06:7b:93:9a:e0:76:d4:f9:a0:b4:a1:50:49:96:b5:cf:ba:
e7:b2:5b:ca:07:89:4f:e6:a2:e8:1b:c5:7b:66:31:bc:cd:f8:
ec:b8:96:39:d2:2d:e9:0d:91:2b:ba:fe:c3:22:af:9f:10:98:
58:73:49:c7:a5:ee:46:fe:7f:64:58:ee:12:b7:c1:b3:e4:9a:
52:5f:4f:e0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzIAWb09oDCgH3+8bxtipZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjQwMTAyMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODcyZmUzOWQzOWVhMWNkMjZkMTIwMTM2MTdjNTAyYmEyMjBhOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLFvxlLYh9wFp+Pf7hUNFW5sBKYc
Vya6sQq4FAtr2ELPMZmY1l+7QREh3i9z9XgBYCLqtLSjpquhSYCu+WFROHo4VDai
jkX4uTvY3NmTT+aBV8qac/GF7AieuCDW0OvuL0B38Ciu2YC3fxXD8Vw9lbghXvIV
WwMXYTWJ24sIfaF5X2uDjpSXRR3iCOFGksL6JyDEvFxknRT2nhZRETGMzO7SDesm
E+9b57JVZnTxcBTDzu1Rdp1fFki05dVKL6isoYbPUFnvxlEg93ymykFYtdFLMWn4
7hdaTlFFoPcXyUb4mqJArqtvFyHBRFqwI0glhFEoZtWiyjwhgLpN2KFAZwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPhy/jnTnqHNJtEgE2F8UCuiIKkHMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvMS1ITC1PZE9lb2MwbTBTQVRZWHhRSzZJZ3FRYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvMWJiNGRkLWU5YzQtNGQzZC05YTNiLTExNTlkYmZiZWQ1
NC8xLzdqRTJmZmJSaGhCeHlTdXVjbVVqTW05RnVpby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOHMAA
CDANBgkqhkiG9w0BAQsFAAOCAQEADVMNOofTr1+3MoPPiCOC6ulquq+ZMBrShuZY
gDaKkz0MwBXDHBX/uEOAbKA+9cz+0xt3B4yGa4hpHZ2nSZyvjaD8vkFm3/toEZq1
oAuGxgAq243GfpcUlle8V58/2/ZfiUnuGizltaoF85IwPkePKXgFFA6294e7WzyU
mi45LXlXVdgXc57raepayd+Xe8NsjqVZm/ziNz1BiTirepN4n73JLd1V4hJsyvp9
Tqtvn14WCQcmMQZ7k5rgdtT5oLShUEmWtc+657JbygeJT+ai6BvFe2YxvM347LiW
OdIt6Q2RK7r+wyKvnxCYWHNJx6XuRv5/ZFjuErfBs+SaUl9P4A==
-----END CERTIFICATE-----
Generated at Fri May 24 15:45:49 2024 by rpki-client on console-ams.rpki-client.org