Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/LmQ5QFvr12louAOsisdeK0Wn8X8.roa
File: LmQ5QFvr12louAOsisdeK0Wn8X8.roa (raw, json)
Hash identifier: 0YvaypcJiCqC8Pr2sLafMCRqx1mRweLEsMkJOI/U6N4=
Subject key identifier: 2E:64:39:40:5B:EB:D7:69:68:B8:03:AC:8A:C7:5E:2B:45:A7:F1:7F
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018CC3488E1EAB0E07A04E33CB3611DC6C07
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/LmQ5QFvr12louAOsisdeK0Wn8X8.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0e:fd80:a03::/48 maxlen: 48
2a0e:fd80:a04::/48 maxlen: 48
2a0e:fd80:a05::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 16:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8e:1e:ab:0e:07:a0:4e:33:cb:36:11:dc:6c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e6439405bebd76968b803ac8ac75e2b45a7f17f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:a8:c6:20:7f:c5:71:5a:db:f9:14:e4:14:
38:a2:39:53:1e:42:1d:c4:84:7e:92:6b:33:2e:00:
25:f4:30:f5:09:98:be:a5:a1:2d:aa:81:d7:ab:84:
18:69:cf:99:4f:fc:82:f2:44:b0:de:64:12:3c:1e:
4d:be:3f:92:de:5c:ee:22:00:2e:ad:81:79:4a:e6:
b4:65:86:c0:88:47:f5:3d:bb:bc:16:c7:44:bd:62:
2f:86:b4:ef:63:41:e2:d1:ef:f8:41:0a:2a:30:81:
02:d0:a7:ed:2c:9c:f3:68:b7:ce:09:00:64:32:d6:
b2:91:04:4a:01:9c:17:b1:eb:cc:41:81:b3:8d:ce:
46:a8:73:d7:76:09:1c:6c:af:36:df:9e:0e:a5:5a:
26:e5:78:e9:d0:5e:e0:ef:9d:c4:96:fa:78:3a:bb:
40:f8:2f:b5:17:4a:e9:32:cb:ae:a5:4c:8d:f6:33:
97:ce:4e:3d:4f:90:88:58:06:86:b3:c0:27:31:51:
e3:4e:09:34:ac:47:99:a2:b2:34:68:46:2d:c7:b6:
c1:4d:67:a0:83:29:91:46:5b:42:1b:37:21:f0:42:
b2:15:53:6a:32:b1:02:a1:73:b6:bd:e4:cb:f0:5d:
f5:ac:0d:b7:03:d8:70:68:44:1e:16:24:44:10:a5:
40:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:64:39:40:5B:EB:D7:69:68:B8:03:AC:8A:C7:5E:2B:45:A7:F1:7F
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/LmQ5QFvr12louAOsisdeK0Wn8X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd80:a03::-2a0e:fd80:a05:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6a:85:2e:18:23:1d:5e:27:9f:15:1c:e6:b6:3e:f6:42:71:62:
07:17:be:22:2b:d1:24:46:d5:f5:ca:2e:07:33:67:28:88:f8:
79:78:69:e9:0d:f3:eb:7b:a6:7d:d8:49:2c:75:0b:a1:f0:35:
36:7f:a0:af:ba:01:90:77:f6:d8:0e:3b:16:5d:8f:5b:7f:c3:
c5:d6:b1:7c:de:7e:6f:9e:0b:7b:9e:8a:b3:a6:08:33:7b:2c:
7b:09:2f:09:95:c4:f7:36:14:62:ce:c4:d7:16:e5:7f:ec:7c:
4c:2b:70:7e:07:af:f3:c4:60:79:63:5c:fd:87:a9:d3:35:0b:
2b:71:13:5d:db:64:a2:3c:be:f8:79:6b:18:5c:dc:71:e5:2b:
17:76:c9:da:97:1d:65:48:8a:70:75:aa:10:2a:94:a1:89:0b:
c1:1a:b8:01:aa:b9:0f:45:f7:a5:d7:e4:08:e0:a5:ea:00:a1:
64:e0:de:bf:1e:4a:31:83:a0:b6:96:19:17:56:3f:61:c2:63:
6e:1b:19:d8:b4:24:77:a5:9d:74:08:22:e7:13:55:91:f3:75:
ff:5d:76:ef:55:e2:b6:4b:6b:f8:94:d5:5b:ad:3c:4a:20:47:
bd:42:ba:d6:8e:8f:96:8b:19:ee:1f:c3:38:da:ec:f1:c4:e8:
53:de:4a:c5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSI4eqw4HoE4zyzYR3GwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTY0Mzk0MDViZWJkNzY5NjhiODAzYWM4YWM3NWUyYjQ1YTdmMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutSoxiB/xXFa2/kU5BQ4ojlTHkId
xIR+kmszLgAl9DD1CZi+paEtqoHXq4QYac+ZT/yC8kSw3mQSPB5Nvj+S3lzuIgAu
rYF5Sua0ZYbAiEf1Pbu8FsdEvWIvhrTvY0Hi0e/4QQoqMIEC0KftLJzzaLfOCQBk
MtaykQRKAZwXsevMQYGzjc5GqHPXdgkcbK82354OpVom5Xjp0F7g753Elvp4OrtA
+C+1F0rpMsuupUyN9jOXzk49T5CIWAaGs8AnMVHjTgk0rEeZorI0aEYtx7bBTWeg
gymRRltCGzch8EKyFVNqMrECoXO2veTL8F31rA23A9hwaEQeFiREEKVA1QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC5kOUBb69dpaLgDrIrHXitFp/F/MB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvTG1RNVFGdnIxMmxvdUFPc2lzZGVLMFduOFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDv2A
CgMDBwEqDv2ACgQwDQYJKoZIhvcNAQELBQADggEBAGqFLhgjHV4nnxUc5rY+9kJx
YgcXviIr0SRG1fXKLgczZyiI+Hl4aekN8+t7pn3YSSx1C6HwNTZ/oK+6AZB39tgO
OxZdj1t/w8XWsXzefm+eC3ueirOmCDN7LHsJLwmVxPc2FGLOxNcW5X/sfEwrcH4H
r/PEYHljXP2HqdM1CytxE13bZKI8vvh5axhc3HHlKxd2ydqXHWVIinB1qhAqlKGJ
C8EauAGquQ9F96XX5AjgpeoAoWTg3r8eSjGDoLaWGRdWP2HCY24bGdi0JHelnXQI
IucTVZHzdf9ddu9V4rZLa/iU1VutPEogR71CutaOj5aLGe4fwzja7PHE6FPeSsU=
-----END CERTIFICATE-----
Generated at Thu May 2 02:07:02 2024 by rpki-client on console-fra.rpki-client.org