Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/nTT__ogLWA4tZIC_2nUWxECfh-I.roa
File: nTT__ogLWA4tZIC_2nUWxECfh-I.roa (raw, json)
Hash identifier: 7+a3W/a6shcBPkpkp62MjvKZlkBBPOLgdKEPaGAgllY=
Subject key identifier: 9D:34:FF:FE:88:0B:58:0E:2D:64:80:BF:DA:75:16:C4:40:9F:87:E2
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 018CC80175BE87525268B8E2710D96A6274F
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/nTT__ogLWA4tZIC_2nUWxECfh-I.roa
Signing time: Tue 02 Jan 2024 02:29:48 +0000
ROA not before: Tue 02 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 2001:4c08:2006::/48 maxlen: 48
2001:4c08:201e::/48 maxlen: 48
2001:4c08:2007::/48 maxlen: 48
2001:4c08:2002::/48 maxlen: 48
2001:4c08:2012::/48 maxlen: 48
2001:4c08:2005::/48 maxlen: 48
2001:4c08:2018::/48 maxlen: 48
2001:4c08:2008::/48 maxlen: 48
2001:4c08:2020::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Sep 2024 16:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:75:be:87:52:52:68:b8:e2:71:0d:96:a6:27:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d34fffe880b580e2d6480bfda7516c4409f87e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:06:a6:2e:01:d7:00:c6:36:51:5d:d8:4d:0e:
48:3b:e9:2f:62:b2:67:cd:21:ea:7a:61:f0:34:d1:
b1:8e:1b:54:80:7b:95:36:8a:45:34:cc:27:5c:73:
04:e6:6b:e2:3f:d5:fe:9f:01:93:73:c5:3f:92:1c:
3d:34:72:00:30:60:82:ad:5d:27:98:35:8e:e9:74:
88:12:86:3e:8b:16:e3:a5:39:fc:3b:dc:53:e6:36:
02:c5:08:80:59:b9:6b:c8:c7:f3:c2:4f:89:e9:66:
65:ec:c7:26:23:f1:06:c3:4c:ba:c0:d6:79:b4:12:
b4:41:9c:19:43:3f:e7:ab:0a:f3:65:22:38:23:16:
24:46:42:f0:2f:a9:66:fd:ed:cb:e0:58:9d:ee:be:
2e:10:79:e6:2c:33:f2:6b:24:2d:b2:42:8d:49:18:
0c:2a:96:b5:5f:52:52:47:75:40:36:00:d0:18:3c:
15:87:62:70:6d:fe:40:55:b8:7d:6c:09:9b:75:30:
a5:e5:81:95:fc:66:90:8d:91:83:8d:de:4f:14:4d:
4c:c6:0a:4c:37:70:7d:72:4e:3a:22:1d:e2:37:6c:
6e:5a:f7:a2:56:48:88:a6:09:c5:0a:16:26:89:a8:
e0:4c:ef:d8:86:96:11:8a:5a:c4:ec:f7:df:34:57:
76:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:34:FF:FE:88:0B:58:0E:2D:64:80:BF:DA:75:16:C4:40:9F:87:E2
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/nTT__ogLWA4tZIC_2nUWxECfh-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4c08:2002::/48
2001:4c08:2005::-2001:4c08:2008:ffff:ffff:ffff:ffff:ffff
2001:4c08:2012::/48
2001:4c08:2018::/48
2001:4c08:201e::/48
2001:4c08:2020::/48
Signature Algorithm: sha256WithRSAEncryption
c5:16:91:58:16:34:f4:6c:4d:fc:e1:c5:0e:df:c8:21:42:41:
8e:7a:8e:7b:4d:d1:fa:fa:62:ca:ca:1c:7b:78:ed:84:0f:24:
a6:a4:58:70:ee:dc:12:c6:20:52:fa:95:bd:47:08:23:f5:d9:
52:a1:c3:c0:37:d4:28:b3:5f:97:eb:19:27:1b:92:d4:9d:c8:
c5:dd:b4:10:b1:65:64:c4:9b:da:91:9c:ef:88:cd:46:0e:cf:
ca:ad:a1:01:33:59:d1:a6:b4:ef:39:31:18:0a:72:be:3c:b2:
58:81:b8:26:9a:1b:9a:7d:36:5f:af:a3:5a:69:3c:d2:ab:26:
f5:f1:54:79:1b:cc:c4:a7:16:7a:1b:1e:3e:42:22:04:59:2a:
95:0f:34:a0:7f:1a:4e:f3:9e:12:5b:a4:cb:0f:05:98:ae:c9:
a3:c0:e6:5d:fa:c6:d1:9c:b0:18:c8:e7:04:fc:e3:b8:01:7f:
48:0c:54:e1:d1:a5:26:f2:15:e5:87:37:b6:a5:e0:28:6e:cc:
64:4f:7d:c6:95:84:ed:0d:57:d7:91:a4:a6:9d:ce:54:73:35:
5f:14:a1:3b:f7:70:c9:b7:6b:dd:5e:44:51:94:d0:b4:98:95:
55:20:ab:06:a6:1b:7c:06:e3:fe:58:63:65:5a:a9:47:8b:ec:
8a:eb:ed:3b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzIAXW+h1JSaLjicQ2WpidPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjQwMTAyMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM0ZmZmZTg4MGI1ODBlMmQ2NDgwYmZkYTc1MTZjNDQwOWY4N2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQamLgHXAMY2UV3YTQ5IO+kvYrJn
zSHqemHwNNGxjhtUgHuVNopFNMwnXHME5mviP9X+nwGTc8U/khw9NHIAMGCCrV0n
mDWO6XSIEoY+ixbjpTn8O9xT5jYCxQiAWblryMfzwk+J6WZl7McmI/EGw0y6wNZ5
tBK0QZwZQz/nqwrzZSI4IxYkRkLwL6lm/e3L4Fid7r4uEHnmLDPyayQtskKNSRgM
Kpa1X1JSR3VANgDQGDwVh2Jwbf5AVbh9bAmbdTCl5YGV/GaQjZGDjd5PFE1MxgpM
N3B9ck46Ih3iN2xuWveiVkiIpgnFChYmiajgTO/YhpYRilrE7PffNFd2zQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJ00//6IC1gOLWSAv9p1FsRAn4fiMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvblRUX19vZ0xXQTR0WklDXzJuVVd4RUNmaC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAIAFMCCAC
MBIDBwAgAUwIIAUDBwAgAUwIIAgDBwAgAUwIIBIDBwAgAUwIIBgDBwAgAUwIIB4D
BwAgAUwIICAwDQYJKoZIhvcNAQELBQADggEBAMUWkVgWNPRsTfzhxQ7fyCFCQY56
jntN0fr6YsrKHHt47YQPJKakWHDu3BLGIFL6lb1HCCP12VKhw8A31CizX5frGScb
ktSdyMXdtBCxZWTEm9qRnO+IzUYOz8qtoQEzWdGmtO85MRgKcr48sliBuCaaG5p9
Nl+vo1ppPNKrJvXxVHkbzMSnFnobHj5CIgRZKpUPNKB/Gk7znhJbpMsPBZiuyaPA
5l36xtGcsBjI5wT847gBf0gMVOHRpSbyFeWHN7al4ChuzGRPfcaVhO0NV9eRpKad
zlRzNV8UoTv3cMm3a91eRFGU0LSYlVUgqwamG3wG4/5YY2VaqUeL7Irr7Ts=
-----END CERTIFICATE-----
Generated at Tue Sep 17 20:41:03 2024 by rpki-client on console-ams.rpki-client.org