Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/R2W8Nq6246WMpjEyUKm_NsQAx6k.roa
File: R2W8Nq6246WMpjEyUKm_NsQAx6k.roa (raw, json)
Hash identifier: Vp/uLLgwcLbp7RDu9MXrJ+hFhcQuNqcxTWIXP0ukL5k=
Subject key identifier: 47:65:BC:36:AE:B6:E3:A5:8C:A6:31:32:50:A9:BF:36:C4:00:C7:A9
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 018CC801538FB18C71582F1EECA645DB0EEF
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/R2W8Nq6246WMpjEyUKm_NsQAx6k.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8990
IP address blocks: 2a01:7d80:a000::/35 maxlen: 35
2a01:7d80:2000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:53:8f:b1:8c:71:58:2f:1e:ec:a6:45:db:0e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4765bc36aeb6e3a58ca6313250a9bf36c400c7a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:61:be:77:9f:65:c8:69:c2:76:69:d3:52:dd:
ef:8b:dc:f7:8b:cc:c2:4b:0f:61:ae:f1:7c:5d:ca:
d9:4f:f4:9d:76:23:3d:2a:6b:41:7e:6d:30:80:d4:
5f:97:25:25:f6:7c:62:20:25:ef:4d:08:22:ae:09:
fc:d3:09:ff:17:8e:13:b1:8b:89:1f:f0:f8:b6:90:
9a:4d:f8:10:59:97:58:2a:cf:4f:a3:2b:0b:55:60:
da:0e:5b:09:eb:aa:fa:9d:f1:94:50:60:5b:31:72:
ff:fc:76:30:ae:37:bc:7d:a7:c0:e0:1c:c9:f0:99:
b4:7e:31:4e:8c:27:a6:b2:9b:3d:f4:0b:60:e9:05:
70:85:1c:09:8f:32:de:28:fa:75:34:ba:82:fa:67:
1b:15:46:a1:b2:1f:b7:fd:8c:b1:1d:e2:2f:8c:94:
9c:f8:dd:38:f3:67:28:48:0c:bd:31:b7:ad:18:73:
eb:4a:0b:13:3b:68:fd:3d:0d:cb:f2:dc:1b:70:6b:
b7:8d:13:c0:9f:9a:bf:68:1f:d1:2c:ac:0b:77:f1:
cb:6e:e6:da:bf:35:b2:c3:db:40:f9:e5:00:c8:d3:
92:e9:01:b8:a7:22:21:a0:aa:1e:95:38:e6:c0:0d:
e9:10:54:1d:7e:b6:57:6e:12:54:ae:a7:12:9b:93:
1c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:65:BC:36:AE:B6:E3:A5:8C:A6:31:32:50:A9:BF:36:C4:00:C7:A9
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/R2W8Nq6246WMpjEyUKm_NsQAx6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7d80:2000::/35
2a01:7d80:a000::/35
Signature Algorithm: sha256WithRSAEncryption
0a:1c:74:83:7e:05:3e:9a:8a:4a:39:83:00:e3:0c:ed:ff:37:
4f:a9:d3:38:50:b1:5b:27:48:c7:ab:34:c0:39:65:05:a5:d2:
21:8f:d6:b1:f9:ce:20:97:24:d7:4c:cf:8b:7f:54:78:32:76:
80:db:f3:25:33:84:c9:9b:cd:45:09:94:0f:d2:d6:38:90:b2:
59:1b:35:fb:cc:f3:ed:87:db:7d:f4:97:20:66:d4:8c:28:f2:
f8:a3:a1:99:5f:9a:eb:05:a9:55:f6:9c:b2:1d:8a:51:90:94:
bf:25:ac:36:5f:12:16:f5:89:40:e9:2a:ed:03:a6:83:d8:dc:
fe:93:0b:9a:d7:1c:5c:21:9d:0d:cf:f0:e0:ed:91:e9:71:90:
65:93:36:9c:b1:3d:f1:eb:f1:59:67:db:21:ba:2a:8e:d9:7c:
a2:10:0e:77:6a:51:8d:88:69:d4:f7:54:f5:f1:93:20:02:c8:
94:de:ac:b6:a2:0d:6e:74:10:7f:14:91:08:e6:09:f5:d1:26:
a0:e4:e0:7e:f4:00:d6:83:b8:32:29:98:06:f1:86:a9:25:04:
2c:fa:40:45:ef:fd:ba:94:f2:eb:47:99:51:5b:2b:ec:ea:b7:
87:4a:d4:60:36:04:34:49:a1:08:09:5b:e9:c6:a2:56:74:39:
dc:55:99:e7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzIAVOPsYxxWC8e7KZF2w7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY1YmMzNmFlYjZlM2E1OGNhNjMxMzI1MGE5YmYzNmM0MDBjN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmG+d59lyGnCdmnTUt3vi9z3i8zC
Sw9hrvF8XcrZT/SddiM9KmtBfm0wgNRflyUl9nxiICXvTQgirgn80wn/F44TsYuJ
H/D4tpCaTfgQWZdYKs9PoysLVWDaDlsJ66r6nfGUUGBbMXL//HYwrje8fafA4BzJ
8Jm0fjFOjCemsps99Atg6QVwhRwJjzLeKPp1NLqC+mcbFUahsh+3/YyxHeIvjJSc
+N0482coSAy9MbetGHPrSgsTO2j9PQ3L8twbcGu3jRPAn5q/aB/RLKwLd/HLbuba
vzWyw9tA+eUAyNOS6QG4pyIhoKoelTjmwA3pEFQdfrZXbhJUrqcSm5MckwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEdlvDautuOljKYxMlCpvzbEAMepMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvUjJXOE5xNjI0NldNcGpFeVVLbV9Oc1FBeDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYFKgF9gCAD
BgUqAX2AoDANBgkqhkiG9w0BAQsFAAOCAQEAChx0g34FPpqKSjmDAOMM7f83T6nT
OFCxWydIx6s0wDllBaXSIY/WsfnOIJck10zPi39UeDJ2gNvzJTOEyZvNRQmUD9LW
OJCyWRs1+8zz7YfbffSXIGbUjCjy+KOhmV+a6wWpVfacsh2KUZCUvyWsNl8SFvWJ
QOkq7QOmg9jc/pMLmtccXCGdDc/w4O2R6XGQZZM2nLE98evxWWfbIboqjtl8ohAO
d2pRjYhp1PdU9fGTIALIlN6stqINbnQQfxSRCOYJ9dEmoOTgfvQA1oO4MimYBvGG
qSUELPpARe/9upTy60eZUVsr7Oq3h0rUYDYENEmhCAlb6caiVnQ53FWZ5w==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:43 2024 by rpki-client on console-ams.rpki-client.org