Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa
File: dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa (raw, json)
Hash identifier: /UoYW2ZRPLcJVYhJYvH5c/cKH9ILKkQKTgdgtxOZUyk=
Subject key identifier: 75:F0:ED:D4:CB:52:03:AD:E9:32:9F:52:41:71:73:CC:E9:42:4F:D4
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D91C1CA7F77F0EB9174D4A374266
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa
Signing time: Tue 02 Jan 2024 02:30:13 +0000
ROA not before: Tue 02 Jan 2024 02:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43992
IP address blocks: 2a09:7:2001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d9:1c:1c:a7:f7:7f:0e:b9:17:4d:4a:37:42:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75f0edd4cb5203ade9329f52417173cce9424fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e2:00:b7:ec:ed:ad:1e:f5:1b:0c:43:1a:23:
70:f9:a7:d7:b8:0e:23:01:d6:49:6b:28:37:42:61:
f8:9f:a4:67:fd:e9:bb:ea:2a:17:95:6a:44:94:7c:
2b:e6:07:27:d5:c1:da:ba:ad:72:db:cd:a7:3e:6a:
45:79:32:51:e6:2a:6d:be:68:95:17:24:17:46:36:
56:bc:96:2f:9c:eb:19:c6:4c:e8:b2:b8:40:1b:63:
2c:af:a8:e8:41:2e:87:47:65:5d:88:f8:e9:40:b5:
1d:19:c8:ab:c2:e2:4d:47:ad:1e:4b:b2:8f:db:dd:
35:ab:56:ac:d8:c0:b4:c7:5d:2c:d3:c8:d5:71:d3:
74:44:f7:04:00:23:05:c4:14:1a:2e:d5:d8:90:94:
94:f4:96:f0:a8:46:5d:4a:a1:7c:66:77:cf:03:12:
18:d7:a8:a4:b5:61:5a:51:f9:5a:b4:d8:94:76:19:
13:8e:d5:96:c8:f1:db:d4:35:b4:f3:d9:08:85:69:
7d:b6:40:70:a2:d7:84:49:af:f6:0d:13:6c:dd:e3:
c6:2e:20:f0:15:38:8c:26:66:f5:3e:04:49:42:eb:
bc:14:7b:70:ee:96:04:6d:1c:51:8a:83:05:c7:71:
ed:43:ef:2f:46:3d:8f:00:39:6c:5e:ff:48:2e:ac:
52:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F0:ED:D4:CB:52:03:AD:E9:32:9F:52:41:71:73:CC:E9:42:4F:D4
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfDt1MtSA63pMp9SQXFzzOlCT9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7:2001::/48
Signature Algorithm: sha256WithRSAEncryption
36:c3:96:7a:4c:4a:29:06:d2:bb:9c:b7:6c:76:f5:50:eb:05:
28:ee:27:51:f7:52:f2:05:5e:b9:19:6a:a4:e8:77:14:5a:e1:
84:5a:7a:9a:20:33:eb:8a:69:58:78:60:bd:c4:63:ef:d9:46:
87:98:22:4c:9f:f8:b6:01:4a:20:f9:1d:70:be:e6:0b:37:31:
b0:dc:93:b3:c9:2e:4f:5b:b8:b2:71:00:0b:3f:70:ed:13:b7:
d4:06:1d:14:aa:87:e0:c8:95:45:1e:2d:da:1b:83:b1:33:11:
d3:64:b2:3c:fd:06:e9:f7:7f:5c:d4:56:b0:09:26:a3:cb:8c:
32:7d:ce:d3:62:fd:51:5e:fe:b5:30:52:4d:ca:79:8d:b0:20:
dd:0d:39:69:75:90:c9:38:65:da:4b:93:80:1a:82:e4:b3:75:
0d:05:df:e2:31:9c:09:88:15:80:91:00:fe:b0:7b:1d:a1:b9:
41:3a:a8:09:e4:f9:df:89:e1:16:2a:ac:66:75:da:d0:06:84:
a2:5d:2d:39:74:b8:f0:96:ac:8b:6b:9c:5d:90:6e:86:46:59:
1b:2f:db:81:f4:62:73:db:a1:1f:3c:4a:d2:23:28:d2:3d:fa:
d8:c5:b3:19:17:94:01:36:da:82:78:85:ee:ba:68:c0:66:40:
00:cf:53:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAdkcHKf3fw65F01KN0JmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYwZWRkNGNiNTIwM2FkZTkzMjlmNTI0MTcxNzNjY2U5NDI0ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1OIAt+ztrR71GwxDGiNw+afXuA4j
AdZJayg3QmH4n6Rn/em76ioXlWpElHwr5gcn1cHauq1y282nPmpFeTJR5iptvmiV
FyQXRjZWvJYvnOsZxkzosrhAG2Msr6joQS6HR2VdiPjpQLUdGcirwuJNR60eS7KP
2901q1as2MC0x10s08jVcdN0RPcEACMFxBQaLtXYkJSU9JbwqEZdSqF8ZnfPAxIY
16iktWFaUflatNiUdhkTjtWWyPHb1DW089kIhWl9tkBwoteESa/2DRNs3ePGLiDw
FTiMJmb1PgRJQuu8FHtw7pYEbRxRioMFx3HtQ+8vRj2PADlsXv9ILqxS2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHXw7dTLUgOt6TKfUkFxc8zpQk/UMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZGZEdDFNdFNBNjNwTXA5U1FYRnp6T2xDVDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkAByAB
MA0GCSqGSIb3DQEBCwUAA4IBAQA2w5Z6TEopBtK7nLdsdvVQ6wUo7idR91LyBV65
GWqk6HcUWuGEWnqaIDPrimlYeGC9xGPv2UaHmCJMn/i2AUog+R1wvuYLNzGw3JOz
yS5PW7iycQALP3DtE7fUBh0UqofgyJVFHi3aG4OxMxHTZLI8/Qbp939c1FawCSaj
y4wyfc7TYv1RXv61MFJNynmNsCDdDTlpdZDJOGXaS5OAGoLks3UNBd/iMZwJiBWA
kQD+sHsdoblBOqgJ5PnfieEWKqxmddrQBoSiXS05dLjwlqyLa5xdkG6GRlkbL9uB
9GJz26EfPErSIyjSPfrYxbMZF5QBNtqCeIXuumjAZkAAz1Nr
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:55:50 2024 by rpki-client on console-ams.rpki-client.org