Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/cJuNi8K4sf1w1EAPmqDomjSgOOM.roa
File: cJuNi8K4sf1w1EAPmqDomjSgOOM.roa (raw, json)
Hash identifier: x36DzgzWAcl9qpW4ldWRdgao2htuy6KmN0AFJxznOSY=
Subject key identifier: 70:9B:8D:8B:C2:B8:B1:FD:70:D4:40:0F:9A:A0:E8:9A:34:A0:38:E3
Certificate issuer: /CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Certificate serial: 018EBAAEAFA5C9971661AF54F8EC74BEC986
Authority key identifier: C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/cJuNi8K4sf1w1EAPmqDomjSgOOM.roa
Signing time: Sun 07 Apr 2024 22:29:54 +0000
ROA not before: Sun 07 Apr 2024 22:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62155
IP address blocks: 2a04:a680::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ba:ae:af:a5:c9:97:16:61:af:54:f8:ec:74:be:c9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Validity
Not Before: Apr 7 22:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=709b8d8bc2b8b1fd70d4400f9aa0e89a34a038e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d6:03:98:fe:35:ed:e8:76:eb:27:c6:1f:c5:
51:61:5b:1c:be:13:1f:22:8f:2f:8f:3a:5e:3d:40:
ac:a0:b4:22:d0:fb:9b:16:40:24:d6:2d:2a:35:f7:
ed:ad:99:4d:21:6d:cd:32:59:71:c3:f8:7e:2e:79:
2e:3e:6e:1a:8a:76:d6:ec:ba:8c:87:85:5e:55:34:
83:c0:ac:df:37:ff:c2:87:80:13:0e:30:c0:4e:3e:
8a:55:af:4d:45:b2:76:2e:b1:70:62:61:8c:fb:d5:
90:cc:fd:16:78:04:e4:21:6b:5d:e1:0a:33:90:46:
95:14:58:60:99:df:8d:94:a8:c8:4f:0e:87:2c:82:
57:84:ea:e9:71:75:a0:6d:28:7b:7b:3f:09:b7:b8:
e0:87:a6:fa:89:19:b5:80:73:d8:cb:5a:f2:16:1e:
8b:2d:d0:f6:e9:94:39:79:ba:53:ee:9b:79:03:7d:
c5:43:1a:67:72:22:c8:c0:25:12:42:01:67:ff:ef:
e1:07:da:cb:00:40:32:9f:51:ef:e6:ef:75:b1:b6:
bd:ce:aa:a7:42:ca:fe:39:36:11:36:38:01:40:f9:
94:26:a5:4e:d1:43:3e:e0:cf:8d:3d:fe:af:6a:50:
c6:2c:8c:c9:89:bf:21:5c:4a:c7:ae:4c:22:4b:2f:
30:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9B:8D:8B:C2:B8:B1:FD:70:D4:40:0F:9A:A0:E8:9A:34:A0:38:E3
X509v3 Authority Key Identifier:
keyid:C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/cJuNi8K4sf1w1EAPmqDomjSgOOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a680::/30
Signature Algorithm: sha256WithRSAEncryption
17:7c:68:7e:67:c1:32:d1:27:97:20:65:6b:42:a8:78:45:52:
94:7a:6e:55:64:6f:23:75:47:75:5c:4a:62:1e:26:87:8d:86:
d8:eb:75:aa:ba:41:0a:07:13:73:95:b5:fd:8f:92:f4:90:83:
1f:7e:f0:62:4f:34:46:28:a5:e4:48:40:00:8f:a3:3e:fe:65:
9d:04:f4:22:21:f6:d5:64:a3:21:b8:3c:9e:3a:6a:21:a4:23:
a5:a7:64:24:b4:be:d7:9a:9c:23:e8:d6:40:28:42:76:79:cb:
c9:56:40:e4:25:67:b9:21:0b:0a:76:03:9e:9d:96:47:94:a7:
ff:b8:d4:15:7d:a7:8c:bb:1b:48:73:3c:c2:f6:b1:d2:9e:6b:
23:38:bf:b4:d5:fe:a9:cc:ae:42:4a:36:e8:2d:4c:bb:60:c7:
b4:b8:2b:4a:5e:38:5e:ce:75:f0:f0:9d:6c:da:4e:be:f6:e0:
13:0c:99:08:4f:74:d0:ca:a3:90:cc:64:52:39:05:8f:9d:33:
85:27:af:f4:92:b9:98:8f:67:37:ee:4b:97:40:50:d3:14:a1:
db:00:52:16:3e:bf:27:1e:90:ce:1f:69:11:06:bc:2e:b2:ca:
bc:b3:44:ac:06:5c:5d:8b:2c:70:5d:11:4e:63:a4:ba:0b:09:
26:3e:58:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY66rq+lyZcWYa9U+Ox0vsmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDE3MzhiYWFiOTg4YjFkNjg2OTNiYjA1ZTI5YmZiYjRm
MGY2NzEwHhcNMjQwNDA3MjIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDliOGQ4YmMyYjhiMWZkNzBkNDQwMGY5YWEwZTg5YTM0YTAzOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9YDmP417eh26yfGH8VRYVscvhMf
Io8vjzpePUCsoLQi0PubFkAk1i0qNfftrZlNIW3NMllxw/h+LnkuPm4ainbW7LqM
h4VeVTSDwKzfN//Ch4ATDjDATj6KVa9NRbJ2LrFwYmGM+9WQzP0WeATkIWtd4Qoz
kEaVFFhgmd+NlKjITw6HLIJXhOrpcXWgbSh7ez8Jt7jgh6b6iRm1gHPYy1ryFh6L
LdD26ZQ5ebpT7pt5A33FQxpnciLIwCUSQgFn/+/hB9rLAEAyn1Hv5u91sba9zqqn
Qsr+OTYRNjgBQPmUJqVO0UM+4M+NPf6valDGLIzJib8hXErHrkwiSy8whwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHCbjYvCuLH9cNRAD5qg6Jo0oDjjMB8GA1UdIwQY
MBaAFMRBc4uquYix1oaTuwXim/u08PZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUt
NGM5OGQ5YTUxNDA1LzEvY0p1Tmk4SzRzZjF3MUVBUG1xRG9talNnT09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUtNGM5OGQ5YTUxNDA1
LzEveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgSmgDAN
BgkqhkiG9w0BAQsFAAOCAQEAF3xofmfBMtEnlyBla0KoeEVSlHpuVWRvI3VHdVxK
Yh4mh42G2Ot1qrpBCgcTc5W1/Y+S9JCDH37wYk80Riil5EhAAI+jPv5lnQT0IiH2
1WSjIbg8njpqIaQjpadkJLS+15qcI+jWQChCdnnLyVZA5CVnuSELCnYDnp2WR5Sn
/7jUFX2njLsbSHM8wvax0p5rIzi/tNX+qcyuQko26C1Mu2DHtLgrSl44Xs518PCd
bNpOvvbgEwyZCE900MqjkMxkUjkFj50zhSev9JK5mI9nN+5Ll0BQ0xSh2wBSFj6/
Jx6Qzh9pEQa8LrLKvLNErAZcXYsscF0RTmOkugsJJj5Ymg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:05:00 2024 by rpki-client on console-ams.rpki-client.org