Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/8qpOQEkld-OCE327WDPvfwz8NTc.roa
File: 8qpOQEkld-OCE327WDPvfwz8NTc.roa (raw, json)
Hash identifier: TbtnOjFPISiCKQ5Eo05EabfgkT3k9A2fhlIo4BBx5I0=
Subject key identifier: F2:AA:4E:40:49:25:77:E3:82:13:7D:BB:58:33:EF:7F:0C:FC:35:37
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 018CC493098AA7DE7008D7ED715FE62667B6
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/8qpOQEkld-OCE327WDPvfwz8NTc.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29330
IP address blocks: 2a01:190:15e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:09:8a:a7:de:70:08:d7:ed:71:5f:e6:26:67:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2aa4e40492577e382137dbb5833ef7f0cfc3537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:75:a8:11:5d:94:a5:f8:82:db:cc:7c:78:cb:
b3:b4:df:b7:1f:47:c4:13:cc:53:db:3f:98:92:00:
89:ac:a4:ce:35:6e:4a:8a:48:6c:08:b9:91:8e:38:
91:44:ae:45:db:36:7a:e1:da:8f:13:12:79:a8:ac:
a6:1f:9f:01:ea:d6:fb:fa:70:3a:29:5a:4f:e0:e8:
16:aa:24:91:99:26:26:57:07:3f:6c:f9:df:9c:27:
52:d4:39:c8:a2:98:1d:05:cb:ed:a6:e1:1b:dc:80:
06:d4:7c:00:7c:f9:0b:28:21:35:5f:55:41:3b:74:
e1:c8:b9:aa:18:a9:1f:d8:d4:96:a2:4c:f8:1e:a3:
50:db:7b:97:b3:80:06:84:d4:79:37:ac:42:39:7a:
da:73:d8:56:9e:df:11:17:2b:35:60:d0:1e:5d:6d:
62:83:f4:66:b6:57:31:a9:e9:42:67:a0:06:fe:62:
70:71:ab:f6:d9:4b:73:2c:5e:6f:be:8d:c5:bc:3c:
1e:02:21:53:55:c4:c7:43:89:6f:51:1f:e6:bd:ae:
49:21:69:da:16:a1:33:fa:9c:16:53:ed:66:63:27:
0f:d1:64:9c:73:56:71:b8:32:f3:ca:74:47:cf:96:
31:2e:4c:c3:1e:01:db:ac:08:9b:f6:b4:c0:be:65:
3f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:4E:40:49:25:77:E3:82:13:7D:BB:58:33:EF:7F:0C:FC:35:37
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/8qpOQEkld-OCE327WDPvfwz8NTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:190:15e8::/48
Signature Algorithm: sha256WithRSAEncryption
2b:42:a4:a8:eb:03:15:b5:7c:23:78:bc:13:6f:34:12:0e:02:
fe:10:71:f2:fd:26:62:46:d7:e4:dc:c6:70:ba:13:1d:a1:70:
99:61:a7:c9:d0:54:90:76:71:89:f2:8f:e5:2c:37:99:7f:b9:
83:58:27:9a:d5:53:56:01:b6:d4:76:50:98:19:a8:cf:75:f6:
11:a1:ca:b8:6c:39:f1:5f:7f:f8:e4:bc:9c:3c:64:65:45:28:
c7:68:6c:32:2a:e3:8b:ed:cc:33:eb:95:bd:93:05:2d:6e:d3:
b8:63:98:ae:c1:e4:4e:c6:1d:d8:43:38:18:da:d0:f7:b3:03:
1d:f9:53:fa:ca:a5:28:88:55:7c:7d:13:42:0b:0a:6a:ac:38:
5b:89:fe:c0:f7:e0:62:1f:58:07:3e:42:b2:f4:7d:3c:8f:db:
4c:e6:a1:c5:ff:e0:43:86:d3:8f:12:6e:14:0d:2d:b1:ff:47:
65:a4:cb:0f:21:6d:0a:a5:12:4c:42:f9:6c:35:8f:65:31:31:
1b:b1:cf:97:11:46:61:e6:98:3d:55:20:f4:5f:43:72:ff:3a:
c7:0f:84:ca:4e:c2:69:61:24:f4:64:eb:81:fe:40:7b:93:56:
ea:26:18:ac:66:65:ac:53:d3:06:5c:a6:59:64:d5:9c:65:53:
bc:97:91:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEkwmKp95wCNftcV/mJme2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhNGU0MDQ5MjU3N2UzODIxMzdkYmI1ODMzZWY3ZjBjZmMzNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXWoEV2UpfiC28x8eMuztN+3H0fE
E8xT2z+YkgCJrKTONW5KikhsCLmRjjiRRK5F2zZ64dqPExJ5qKymH58B6tb7+nA6
KVpP4OgWqiSRmSYmVwc/bPnfnCdS1DnIopgdBcvtpuEb3IAG1HwAfPkLKCE1X1VB
O3ThyLmqGKkf2NSWokz4HqNQ23uXs4AGhNR5N6xCOXrac9hWnt8RFys1YNAeXW1i
g/RmtlcxqelCZ6AG/mJwcav22UtzLF5vvo3FvDweAiFTVcTHQ4lvUR/mva5JIWna
FqEz+pwWU+1mYycP0WScc1ZxuDLzynRHz5YxLkzDHgHbrAib9rTAvmU/QQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPKqTkBJJXfjghN9u1gz738M/DU3MB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvOHFwT1FFa2xkLU9DRTMyN1dEUHZmd3o4TlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEBkBXo
MA0GCSqGSIb3DQEBCwUAA4IBAQArQqSo6wMVtXwjeLwTbzQSDgL+EHHy/SZiRtfk
3MZwuhMdoXCZYafJ0FSQdnGJ8o/lLDeZf7mDWCea1VNWAbbUdlCYGajPdfYRocq4
bDnxX3/45LycPGRlRSjHaGwyKuOL7cwz65W9kwUtbtO4Y5iuweROxh3YQzgY2tD3
swMd+VP6yqUoiFV8fRNCCwpqrDhbif7A9+BiH1gHPkKy9H08j9tM5qHF/+BDhtOP
Em4UDS2x/0dlpMsPIW0KpRJMQvlsNY9lMTEbsc+XEUZh5pg9VSD0X0Ny/zrHD4TK
TsJpYST0ZOuB/kB7k1bqJhisZmWsU9MGXKZZZNWcZVO8l5FC
-----END CERTIFICATE-----
Generated at Sat May 25 11:59:45 2024 by rpki-client on console-ams.rpki-client.org