Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/o25xEG7aL65n1z8XBE99M3Bf-_g.roa
File: o25xEG7aL65n1z8XBE99M3Bf-_g.roa (raw, json)
Hash identifier: ohNGWjjtm1xdjaCPM1oQwUFOJ4eJ49JtocASO0nJkfM=
Subject key identifier: A3:6E:71:10:6E:DA:2F:AE:67:D7:3F:17:04:4F:7D:33:70:5F:FB:F8
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018CC3488EB89B368239549F1FB795C4B494
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/o25xEG7aL65n1z8XBE99M3Bf-_g.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:fd80:a03::/48 maxlen: 48
2a0e:fd80:a04::/48 maxlen: 48
2a0e:fd80:a05::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8e:b8:9b:36:82:39:54:9f:1f:b7:95:c4:b4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a36e71106eda2fae67d73f17044f7d33705ffbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:e5:e9:1c:83:c6:ad:76:71:46:19:bc:98:
b8:b6:a5:d3:20:7a:b5:c3:9c:7b:1b:73:14:10:de:
1b:33:f9:a9:30:9e:80:3d:98:c0:b9:09:48:01:b7:
62:e4:02:0b:31:6e:c4:9c:a0:f8:4e:e9:2c:23:4d:
88:6d:e7:ac:34:76:08:7b:5e:a7:3d:ce:c7:5f:55:
e8:d4:65:89:04:5e:31:88:2f:82:0f:77:90:b8:06:
2a:5e:10:1b:ef:50:6b:3e:fc:6c:61:1b:55:c5:46:
00:16:af:ab:1d:75:fc:00:ad:56:8b:c7:b9:1a:71:
b4:db:05:ae:6e:1c:67:28:82:9f:08:ea:b8:5e:31:
9c:8b:70:95:6c:a4:69:bc:04:b4:86:db:3e:4c:32:
39:4c:1a:7a:03:b8:b3:83:b2:49:41:bf:e1:d6:4d:
07:2f:22:f8:73:15:36:93:25:17:d1:14:d0:43:85:
d2:6c:cc:f4:65:4c:79:56:22:25:c1:d9:7e:91:8b:
fa:31:c3:50:37:73:aa:e7:ee:d1:f6:a0:e1:7f:78:
f0:33:91:11:de:0f:f9:ba:de:65:b2:3f:15:ba:c6:
06:59:3f:e9:98:4d:88:2e:5b:f6:89:7d:3b:f3:4d:
07:c1:5a:d6:19:f1:85:6b:37:68:70:9f:b6:a6:b4:
2d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6E:71:10:6E:DA:2F:AE:67:D7:3F:17:04:4F:7D:33:70:5F:FB:F8
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/o25xEG7aL65n1z8XBE99M3Bf-_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd80:a03::-2a0e:fd80:a05:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:ea:37:1b:2d:6d:7c:6b:7c:35:83:2e:3f:64:db:53:39:4b:
07:e9:cc:21:b3:18:88:0c:1b:17:d8:1b:90:1b:b9:93:ad:9f:
8c:a0:53:c6:ee:e7:70:f1:26:bb:b7:e7:2e:7a:92:31:e4:8f:
ad:2b:2d:0a:32:e9:69:38:8e:cf:03:51:e4:59:5d:ee:e8:29:
95:34:6f:a3:b6:8b:65:bb:18:e9:80:fb:7a:e2:36:96:d4:cc:
78:97:42:51:5b:06:74:82:44:ea:61:44:01:39:a1:4c:1b:54:
c8:00:40:b4:b8:28:e7:8e:8b:63:de:8a:5a:50:3b:6e:e7:bd:
b1:2c:5c:51:93:16:df:cf:0d:b4:93:71:1f:49:10:a8:fd:eb:
14:cb:b2:5e:3c:e3:a8:ba:4d:f0:cf:d6:63:de:ee:05:f4:55:
28:06:f2:32:a5:4c:6d:bb:fa:43:74:34:26:f1:31:01:77:95:
47:0f:68:9c:a5:8f:f7:33:a6:12:55:36:cf:66:1f:ac:c0:31:
e4:ed:e0:74:e2:b0:f4:72:6a:70:f1:4d:74:dc:69:2f:2c:01:
68:06:46:34:86:4f:90:9a:7f:72:d9:8e:f6:11:b1:fd:3f:6c:
0a:33:56:07:0e:83:fb:ea:d3:1d:05:ec:d5:0a:0f:2a:30:b7:
e1:11:dd:d0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDSI64mzaCOVSfH7eVxLSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZlNzExMDZlZGEyZmFlNjdkNzNmMTcwNDRmN2QzMzcwNWZmYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi3l6RyDxq12cUYZvJi4tqXTIHq1
w5x7G3MUEN4bM/mpMJ6APZjAuQlIAbdi5AILMW7EnKD4TuksI02IbeesNHYIe16n
Pc7HX1Xo1GWJBF4xiC+CD3eQuAYqXhAb71BrPvxsYRtVxUYAFq+rHXX8AK1Wi8e5
GnG02wWubhxnKIKfCOq4XjGci3CVbKRpvAS0hts+TDI5TBp6A7izg7JJQb/h1k0H
LyL4cxU2kyUX0RTQQ4XSbMz0ZUx5ViIlwdl+kYv6McNQN3Oq5+7R9qDhf3jwM5ER
3g/5ut5lsj8VusYGWT/pmE2ILlv2iX07800HwVrWGfGFazdocJ+2prQtCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKNucRBu2i+uZ9c/FwRPfTNwX/v4MB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvbzI1eEVHN2FMNjVuMXo4WEJFOTlNM0JmLV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDv2A
CgMDBwEqDv2ACgQwDQYJKoZIhvcNAQELBQADggEBAHTqNxstbXxrfDWDLj9k21M5
SwfpzCGzGIgMGxfYG5AbuZOtn4ygU8bu53DxJru35y56kjHkj60rLQoy6Wk4js8D
UeRZXe7oKZU0b6O2i2W7GOmA+3riNpbUzHiXQlFbBnSCROphRAE5oUwbVMgAQLS4
KOeOi2PeilpQO27nvbEsXFGTFt/PDbSTcR9JEKj96xTLsl4846i6TfDP1mPe7gX0
VSgG8jKlTG27+kN0NCbxMQF3lUcPaJylj/czphJVNs9mH6zAMeTt4HTisPRyanDx
TXTcaS8sAWgGRjSGT5Caf3LZjvYRsf0/bAozVgcOg/vq0x0F7NUKDyowt+ER3dA=
-----END CERTIFICATE-----
Generated at Thu May 2 15:41:20 2024 by rpki-client on console-fra.rpki-client.org