Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/SQmLAWvWqg2QdvVz9BythydvCno.roa
File: SQmLAWvWqg2QdvVz9BythydvCno.roa (raw, json)
Hash identifier: 0QWBg1nIS/9o6gtR4m5gISwsUmAYmuSf+ky2m8Fcd9g=
Subject key identifier: 49:09:8B:01:6B:D6:AA:0D:90:76:F5:73:F4:1C:AD:87:27:6F:0A:7A
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 018DA30309CCBB80E6C13E56DFE3758F3AE9
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/SQmLAWvWqg2QdvVz9BythydvCno.roa
Signing time: Tue 13 Feb 2024 15:08:21 +0000
ROA not before: Tue 13 Feb 2024 15:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204033
IP address blocks: 2a13:3d00:abc::/48 maxlen: 48
2a13:3d00:fff0::/48 maxlen: 48
2a13:3d00:fff1::/48 maxlen: 48
2a13:3d00:fff2::/48 maxlen: 48
2a13:3d00:fff3::/48 maxlen: 48
2a13:3d00:fff4::/48 maxlen: 48
2a13:3d00:fff5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a3:03:09:cc:bb:80:e6:c1:3e:56:df:e3:75:8f:3a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Feb 13 15:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49098b016bd6aa0d9076f573f41cad87276f0a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7d:d9:fe:54:04:98:35:dc:eb:d0:ea:bd:5b:
c8:18:30:e0:6f:17:8b:1b:46:5e:c3:f5:b0:61:a7:
ce:41:83:bf:a5:e2:58:84:96:f1:85:c9:df:83:ff:
79:9d:73:e6:2b:35:39:8d:e3:b2:fd:cd:cf:dd:b1:
03:c8:82:00:7f:1e:f1:83:4a:a1:16:1e:69:f3:65:
70:38:0f:0c:65:95:f0:f7:82:c9:57:ed:e4:5b:d4:
86:68:83:35:3b:b0:c7:29:5f:c7:be:8d:c3:0b:5d:
81:4e:0c:58:2b:95:e6:96:3a:52:ef:12:64:3f:03:
2f:1b:6f:d2:76:fe:ce:a6:46:f9:54:bb:87:c5:80:
c8:b3:b8:06:52:c8:c9:fc:61:ae:34:09:04:e2:54:
69:3b:c2:b4:98:86:6a:0b:63:0d:32:97:34:f9:39:
13:6c:f4:31:40:b2:54:a9:0d:fc:6b:c9:f0:49:d1:
01:f5:4f:4c:5d:05:a0:c4:9a:ee:78:ef:68:51:b0:
d7:79:26:27:91:c3:04:47:2a:7c:de:20:23:86:6e:
42:03:23:31:46:ca:23:d0:2b:02:18:76:8f:cf:46:
6f:48:95:fc:8e:88:7c:b1:8f:a1:86:56:f7:18:03:
52:a0:fb:09:be:dc:b7:cd:84:b4:b5:5a:4d:c0:97:
41:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:09:8B:01:6B:D6:AA:0D:90:76:F5:73:F4:1C:AD:87:27:6F:0A:7A
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/SQmLAWvWqg2QdvVz9BythydvCno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3d00:abc::/48
2a13:3d00:fff0::-2a13:3d00:fff5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4b:62:50:b3:9b:05:d6:46:cc:aa:66:57:b0:8c:dc:17:d8:20:
eb:58:57:b5:4f:8a:39:e8:9e:18:42:3f:2c:c4:0f:d7:e5:92:
36:9b:b6:06:f0:47:c0:47:46:aa:ad:99:fc:ea:2b:db:a6:ee:
bd:3b:20:ae:44:f2:af:eb:4e:4f:d0:80:fd:e7:f8:cf:0d:c7:
b2:9e:99:2d:da:30:91:ed:af:66:9a:ae:f2:d0:aa:8d:9e:85:
2e:b7:ab:bb:13:5b:8c:c0:2d:41:41:4a:46:6e:9e:37:9f:7d:
e5:87:bf:2e:d9:5e:e5:5d:7e:73:c9:cf:f6:09:c7:d7:fa:0d:
fc:14:56:33:b0:8d:b1:d3:69:c3:b8:7c:55:9b:40:63:a4:8a:
2d:00:c2:b1:22:f8:89:af:a7:a4:83:a2:9e:72:89:7a:c2:37:
13:cd:1f:30:49:07:9f:e0:4e:d8:29:56:ce:80:eb:c7:0b:f3:
56:62:e1:a8:d3:34:d7:fc:20:45:45:6f:1c:4f:e5:da:ce:86:
6c:8d:63:74:61:0d:19:27:16:87:b7:6f:2d:e7:a5:25:25:6f:
12:af:6e:1b:92:e6:fd:b2:75:11:c8:0b:ba:22:cd:9f:3c:46:
a5:7e:10:ef:b7:23:b1:c6:06:38:bb:d1:04:43:a1:8a:b3:5a:
92:cf:5d:30
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY2jAwnMu4DmwT5W3+N1jzrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjQwMjEzMTUwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA5OGIwMTZiZDZhYTBkOTA3NmY1NzNmNDFjYWQ4NzI3NmYwYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyH3Z/lQEmDXc69DqvVvIGDDgbxeL
G0Zew/WwYafOQYO/peJYhJbxhcnfg/95nXPmKzU5jeOy/c3P3bEDyIIAfx7xg0qh
Fh5p82VwOA8MZZXw94LJV+3kW9SGaIM1O7DHKV/Hvo3DC12BTgxYK5XmljpS7xJk
PwMvG2/Sdv7Opkb5VLuHxYDIs7gGUsjJ/GGuNAkE4lRpO8K0mIZqC2MNMpc0+TkT
bPQxQLJUqQ38a8nwSdEB9U9MXQWgxJrueO9oUbDXeSYnkcMERyp83iAjhm5CAyMx
Rsoj0CsCGHaPz0ZvSJX8joh8sY+hhlb3GANSoPsJvty3zYS0tVpNwJdBIwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEkJiwFr1qoNkHb1c/QcrYcnbwp6MB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvU1FtTEFXdldxZzJRZHZWejlCeXRoeWR2Q25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKhM9AAq8
MBIDBwQqEz0A//ADBwEqEz0A//QwDQYJKoZIhvcNAQELBQADggEBAEtiULObBdZG
zKpmV7CM3BfYIOtYV7VPijnonhhCPyzED9flkjabtgbwR8BHRqqtmfzqK9um7r07
IK5E8q/rTk/QgP3n+M8Nx7KemS3aMJHtr2aarvLQqo2ehS63q7sTW4zALUFBSkZu
njeffeWHvy7ZXuVdfnPJz/YJx9f6DfwUVjOwjbHTacO4fFWbQGOkii0AwrEi+Imv
p6SDop5yiXrCNxPNHzBJB5/gTtgpVs6A68cL81Zi4ajTNNf8IEVFbxxP5drOhmyN
Y3RhDRknFoe3by3npSUlbxKvbhuS5v2ydRHIC7oizZ88RqV+EO+3I7HGBji70QRD
oYqzWpLPXTA=
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:50:00 2024 by rpki-client on console-fra.rpki-client.org