Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/0ODk8P2R9JubMCPN-TovAaZGvu8.roa
File: 0ODk8P2R9JubMCPN-TovAaZGvu8.roa (raw, json)
Hash identifier: Qe40JmcntrFWs4nrdS/6UEw5VlO4rVVOpsvuszbbbP0=
Subject key identifier: D0:E0:E4:F0:FD:91:F4:9B:9B:30:23:CD:F9:3A:2F:01:A6:46:BE:EF
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 018CC3B6A67987D660E72A2F117C3A617EB1
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/0ODk8P2R9JubMCPN-TovAaZGvu8.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47152
IP address blocks: 2a10:ba87:fef0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a6:79:87:d6:60:e7:2a:2f:11:7c:3a:61:7e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0e0e4f0fd91f49b9b3023cdf93a2f01a646beef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3c:40:f3:74:79:17:8f:0c:fd:30:a3:6d:69:
61:ff:8d:d7:6d:e0:35:74:86:e1:66:86:d8:be:0b:
ad:04:c1:7a:69:3d:0e:1b:6b:aa:86:b0:25:da:3e:
3c:0c:2c:9d:58:e0:aa:8a:5b:26:b5:56:3a:b0:82:
cb:37:49:fe:80:b6:e2:94:dd:3c:0e:ff:60:16:05:
78:d7:9e:b6:5a:2c:7d:d5:35:43:ff:0b:3a:35:29:
04:65:32:a7:3d:22:06:45:c4:75:e0:22:5e:21:f5:
1a:86:cf:07:82:a5:07:2e:4c:55:f4:c7:11:59:d1:
80:f0:6b:e4:97:fb:93:42:bf:9a:fc:d1:60:4d:d7:
2a:20:73:3e:58:01:5c:8e:0e:75:b1:9d:e4:67:84:
eb:bb:5e:4f:bb:dc:cf:7f:46:ba:89:b2:2e:ff:45:
50:24:cc:93:f7:38:cf:40:3b:cc:93:d4:50:98:f2:
90:46:fe:72:22:7b:76:75:65:4e:cd:fa:35:c9:ab:
78:f2:cc:45:dc:14:cc:35:94:ae:39:51:59:f0:09:
fb:10:9e:26:1a:3c:91:a3:b9:db:0b:9d:81:91:af:
ea:d8:40:78:20:21:df:2e:d2:e0:61:38:e9:17:ef:
1c:c0:00:a3:2a:bb:da:68:f9:54:6e:29:79:c8:d5:
72:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E0:E4:F0:FD:91:F4:9B:9B:30:23:CD:F9:3A:2F:01:A6:46:BE:EF
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/0ODk8P2R9JubMCPN-TovAaZGvu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba87:fef0::/44
Signature Algorithm: sha256WithRSAEncryption
57:8b:a8:f3:90:d2:13:4f:03:69:91:7e:61:30:8c:db:b8:98:
83:dd:82:26:3f:76:5f:17:6e:e4:60:a9:c1:da:2c:62:86:d2:
b5:a2:b5:ae:7d:0f:6f:31:f1:ba:93:01:85:b8:63:e0:de:17:
94:a0:1e:c4:61:a7:6f:1b:73:98:f4:2a:4d:fa:8c:01:af:73:
5c:6d:24:00:8c:a4:52:2c:bc:b8:07:0d:95:0c:ae:7e:f6:f3:
c0:74:9d:92:a5:31:dc:b4:e7:6b:df:3d:5f:43:a4:d1:5b:6f:
77:ae:7a:f9:81:82:33:fc:0a:84:ac:f3:6b:26:95:fa:1e:a2:
c1:97:53:6b:b0:b0:e1:31:09:48:1c:2b:00:12:19:69:58:aa:
70:33:e4:75:2e:3f:f6:36:66:67:27:13:eb:5f:12:22:a4:82:
90:a9:e7:e2:ca:01:4c:da:90:bd:e5:c3:48:dd:ca:4c:20:2c:
05:ed:37:55:2c:1e:ef:d3:9b:d5:43:39:1e:1b:43:cf:75:ae:
b2:e2:e2:6d:e7:0e:26:df:5d:60:bd:41:f5:2d:bb:5e:1d:8e:
cd:63:58:68:0b:78:01:ef:e0:0c:be:a9:9e:06:42:1b:76:dd:
a3:ed:d3:49:9a:05:2c:80:c1:67:9d:b0:58:de:3e:f9:ed:9f:
44:90:74:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtqZ5h9Zg5yovEXw6YX6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGUwZTRmMGZkOTFmNDliOWIzMDIzY2RmOTNhMmYwMWE2NDZiZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDxA83R5F48M/TCjbWlh/43XbeA1
dIbhZobYvgutBMF6aT0OG2uqhrAl2j48DCydWOCqilsmtVY6sILLN0n+gLbilN08
Dv9gFgV41562Wix91TVD/ws6NSkEZTKnPSIGRcR14CJeIfUahs8HgqUHLkxV9McR
WdGA8Gvkl/uTQr+a/NFgTdcqIHM+WAFcjg51sZ3kZ4Tru15Pu9zPf0a6ibIu/0VQ
JMyT9zjPQDvMk9RQmPKQRv5yInt2dWVOzfo1yat48sxF3BTMNZSuOVFZ8An7EJ4m
GjyRo7nbC52Bka/q2EB4ICHfLtLgYTjpF+8cwACjKrvaaPlUbil5yNVywQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNDg5PD9kfSbmzAjzfk6LwGmRr7vMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvME9EazhQMlI5SnViTUNQTi1Ub3ZBYVpHdnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhC6h/7w
MA0GCSqGSIb3DQEBCwUAA4IBAQBXi6jzkNITTwNpkX5hMIzbuJiD3YImP3ZfF27k
YKnB2ixihtK1orWufQ9vMfG6kwGFuGPg3heUoB7EYadvG3OY9CpN+owBr3NcbSQA
jKRSLLy4Bw2VDK5+9vPAdJ2SpTHctOdr3z1fQ6TRW293rnr5gYIz/AqErPNrJpX6
HqLBl1NrsLDhMQlIHCsAEhlpWKpwM+R1Lj/2NmZnJxPrXxIipIKQqefiygFM2pC9
5cNI3cpMICwF7TdVLB7v05vVQzkeG0PPda6y4uJt5w4m311gvUH1LbteHY7NY1ho
C3gB7+AMvqmeBkIbdt2j7dNJmgUsgMFnnbBY3j757Z9EkHQy
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:07:17 2024 by rpki-client on console-fra.rpki-client.org