Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/oOLMjRI7b1YSUgio02v27UwTDEc.roa
File: oOLMjRI7b1YSUgio02v27UwTDEc.roa (raw, json)
Hash identifier: YWdztiCM6CEDcHiVCQvvaCdEpxNxUu3xIkYxc/pV79A=
Subject key identifier: A0:E2:CC:8D:12:3B:6F:56:12:52:08:A8:D3:6B:F6:ED:4C:13:0C:47
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 018CC56E22EFBE2AAD7E5ADE380D212F7DCF
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/oOLMjRI7b1YSUgio02v27UwTDEc.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1921
IP address blocks: 2a04:2b00:14dd::/48 maxlen: 48
2a04:2b00:14ee::/48 maxlen: 48
2a04:2b00:14cc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.mft
rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:22:ef:be:2a:ad:7e:5a:de:38:0d:21:2f:7d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0e2cc8d123b6f56125208a8d36bf6ed4c130c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:79:08:c4:5f:5b:3c:05:23:8e:fd:81:8d:c4:
38:cc:e4:43:1b:8d:36:27:75:5e:4f:29:6f:c4:30:
c3:a5:c9:a5:79:91:50:50:96:9a:32:f3:fc:b9:45:
1c:a1:b2:4b:59:0f:26:56:6f:fc:8e:41:4e:71:f7:
ad:f8:64:f6:9c:b3:f0:38:c9:6b:b4:08:bc:c9:e4:
f6:05:fb:50:55:c5:6f:08:f7:41:ee:b5:19:84:90:
ac:c3:cf:b5:69:5f:47:d1:06:26:0e:ea:94:c7:40:
33:1e:e9:68:67:47:7b:9e:46:fe:ac:33:30:9c:e6:
ed:4d:96:ea:d4:ae:49:7c:90:83:ff:f6:25:5f:60:
fb:20:93:5d:25:36:82:0e:fc:15:b3:76:50:32:cb:
4d:34:de:88:fd:dc:58:77:1c:9b:a8:ff:8d:35:ad:
c9:32:ed:f3:6d:aa:e9:31:1c:38:f5:a9:7e:d2:da:
f5:59:c0:37:e3:55:7d:d8:2a:b5:d1:7f:ee:f1:5b:
99:5e:3f:10:92:a4:e7:3e:4d:f8:27:fa:57:89:df:
2e:e1:33:d9:7b:75:54:96:6d:c8:6c:4f:e1:b4:e7:
ac:fe:e0:dc:9f:10:31:09:13:c1:eb:14:de:44:e0:
6c:9e:a3:90:19:75:f8:5b:9e:3e:a8:3f:8c:72:09:
e9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E2:CC:8D:12:3B:6F:56:12:52:08:A8:D3:6B:F6:ED:4C:13:0C:47
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/oOLMjRI7b1YSUgio02v27UwTDEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14cc::/48
2a04:2b00:14dd::/48
2a04:2b00:14ee::/48
Signature Algorithm: sha256WithRSAEncryption
75:79:dd:b4:12:45:fa:4d:35:00:88:6f:5d:5d:72:00:6e:16:
61:e0:2e:8e:0f:c0:f5:65:0f:ae:ed:c5:11:b2:c3:9e:51:57:
eb:f9:78:38:15:73:39:00:be:ab:20:df:d9:66:d4:77:cd:b1:
34:56:be:b7:47:c5:e2:a9:8d:3f:98:17:46:c5:e8:36:75:f5:
42:85:f6:a9:77:9b:be:50:89:47:f1:94:8c:a6:ab:e6:25:03:
f4:b0:66:17:e0:e8:71:af:77:8b:61:77:28:82:b8:3f:a5:54:
9a:fc:79:93:fc:00:c3:72:23:b7:f5:a4:03:70:22:b4:59:88:
76:d6:6e:62:85:ec:e6:a5:94:91:9b:df:ef:ca:c1:ed:1e:34:
9c:40:98:8c:04:bc:7c:93:ad:0a:cb:55:55:82:cd:70:36:d0:
6e:03:02:ae:fd:9e:65:2c:4a:2d:ea:20:2a:3b:36:23:6f:6a:
2c:18:57:7f:fb:50:c5:38:f7:33:94:8e:2a:7c:e7:4a:d4:40:
e0:88:39:ff:93:22:c0:74:4f:9b:4b:fe:71:ca:76:61:03:d2:
83:74:af:c1:a2:d5:cf:f5:4a:80:7d:e1:04:1f:ab:de:a2:92:
56:e1:7f:66:2b:53:50:7d:39:3c:12:71:77:77:2c:fa:2f:b3:
a1:7e:b1:01
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbiLvviqtflreOA0hL33PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGUyY2M4ZDEyM2I2ZjU2MTI1MjA4YThkMzZiZjZlZDRjMTMwYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3kIxF9bPAUjjv2BjcQ4zORDG402
J3VeTylvxDDDpcmleZFQUJaaMvP8uUUcobJLWQ8mVm/8jkFOcfet+GT2nLPwOMlr
tAi8yeT2BftQVcVvCPdB7rUZhJCsw8+1aV9H0QYmDuqUx0AzHuloZ0d7nkb+rDMw
nObtTZbq1K5JfJCD//YlX2D7IJNdJTaCDvwVs3ZQMstNNN6I/dxYdxybqP+NNa3J
Mu3zbarpMRw49al+0tr1WcA341V92Cq10X/u8VuZXj8QkqTnPk34J/pXid8u4TPZ
e3VUlm3IbE/htOes/uDcnxAxCRPB6xTeROBsnqOQGXX4W54+qD+Mcgnp2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKDizI0SO29WElIIqNNr9u1MEwxHMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvb09MTWpSSTdiMVlTVWdpbzAydjI3VXdUREVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgQrABTM
AwcAKgQrABTdAwcAKgQrABTuMA0GCSqGSIb3DQEBCwUAA4IBAQB1ed20EkX6TTUA
iG9dXXIAbhZh4C6OD8D1ZQ+u7cURssOeUVfr+Xg4FXM5AL6rIN/ZZtR3zbE0Vr63
R8XiqY0/mBdGxeg2dfVChfapd5u+UIlH8ZSMpqvmJQP0sGYX4Ohxr3eLYXcogrg/
pVSa/HmT/ADDciO39aQDcCK0WYh21m5ihezmpZSRm9/vysHtHjScQJiMBLx8k60K
y1VVgs1wNtBuAwKu/Z5lLEot6iAqOzYjb2osGFd/+1DFOPczlI4qfOdK1EDgiDn/
kyLAdE+bS/5xynZhA9KDdK/BotXP9UqAfeEEH6veopJW4X9mK1NQfTk8EnF3dyz6
L7OhfrEB
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:49 2024 by rpki-client on console-fra.rpki-client.org