Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/9BduRvxIOR1yntTqUTSKgdJRK2M.roa
File: 9BduRvxIOR1yntTqUTSKgdJRK2M.roa (raw, json)
Hash identifier: EfRF6+zzvlAGWvxX42aJAES9FQvKNn+2H28kMrWEd3Y=
Subject key identifier: F4:17:6E:46:FC:48:39:1D:72:9E:D4:EA:51:34:8A:81:D2:51:2B:63
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018CCA2A5C0F397959766E3DC04CB4819B40
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/9BduRvxIOR1yntTqUTSKgdJRK2M.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211230
IP address blocks: 2a06:e881:79ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:5c:0f:39:79:59:76:6e:3d:c0:4c:b4:81:9b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4176e46fc48391d729ed4ea51348a81d2512b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:04:53:70:62:6e:70:a2:5c:35:ef:69:3b:
61:b9:a9:c7:81:7c:00:08:39:d4:60:54:84:bc:d3:
d2:b8:f0:97:d9:3b:47:78:dc:08:4d:5b:9c:38:d1:
62:63:ee:40:63:c1:f6:53:f9:d8:f1:3d:ac:1e:c0:
08:ab:bf:98:66:39:a4:56:53:81:c1:4b:95:22:40:
1d:1a:15:c7:61:7e:1b:c1:4e:30:33:bb:bb:13:83:
fc:b7:21:3d:f8:b4:95:aa:99:2b:a4:4e:a1:21:69:
82:29:32:9f:5b:ee:0e:35:45:2d:82:ca:67:c0:44:
32:ae:b0:a2:bc:85:72:c3:49:07:7a:45:fe:e5:b3:
0c:bb:4d:93:6f:90:2e:67:e7:36:7e:34:1e:ef:23:
fd:a0:f7:18:d3:d0:96:a1:19:06:1f:ef:e1:87:f9:
79:9e:0f:ff:fb:a2:ea:a0:eb:14:d5:7c:79:b1:62:
12:62:5b:8c:8f:b0:b3:3c:ae:3c:cf:9d:49:15:ac:
c4:2e:8d:a0:ea:83:2c:1d:b2:bc:99:79:e8:1c:ab:
3f:29:38:f2:5c:6e:c2:82:54:a8:b5:53:d6:14:b0:
ed:91:13:34:df:c6:ad:44:06:74:8a:c7:cf:27:f5:
a1:f4:69:be:71:82:3d:ad:fb:e9:84:16:af:12:91:
3e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:17:6E:46:FC:48:39:1D:72:9E:D4:EA:51:34:8A:81:D2:51:2B:63
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/9BduRvxIOR1yntTqUTSKgdJRK2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:79ff::/48
Signature Algorithm: sha256WithRSAEncryption
d6:a1:92:dd:b9:98:ad:3e:d8:46:79:08:53:ac:1e:14:c2:c4:
60:10:e6:5f:6e:5c:9f:1a:ab:94:3e:8a:88:ae:49:04:0a:03:
20:f5:a6:33:9d:bf:a5:57:7a:7e:09:d1:60:92:4c:e0:d1:79:
5e:ff:a9:70:f9:8a:1b:66:6f:02:38:cd:8d:8f:25:1c:ca:36:
ca:a3:37:94:2e:ff:66:23:e7:1b:a9:4c:82:26:fb:85:42:43:
78:41:0a:99:da:55:b6:32:56:46:a9:0b:1b:dd:6d:08:30:d6:
87:28:73:3a:fa:b7:1a:89:79:b4:f2:41:7d:72:b9:d4:d5:54:
d5:81:50:28:f8:e2:fe:ae:2a:f2:86:15:2e:22:43:33:6e:bf:
6d:bf:64:d8:29:91:7d:21:d0:22:30:16:ab:a8:4a:8b:a1:9b:
47:33:0e:73:a5:c0:64:47:25:11:e1:32:72:6d:5d:d7:07:bc:
30:f2:80:b1:21:5b:a8:8c:f6:7d:06:a0:54:0c:7a:73:ae:95:
83:ed:4c:24:de:07:bf:40:b9:9e:d7:12:5d:b7:3e:a2:3d:0c:
18:21:a4:c4:d9:ce:b5:f6:86:2d:a9:3e:35:fe:e2:e8:ab:93:
f6:d4:43:6d:32:6a:ff:65:08:7b:69:80:30:72:96:d5:f6:bc:
5d:3b:cc:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKlwPOXlZdm49wEy0gZtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE3NmU0NmZjNDgzOTFkNzI5ZWQ0ZWE1MTM0OGE4MWQyNTEyYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusQEU3BibnCiXDXvaTthuanHgXwA
CDnUYFSEvNPSuPCX2TtHeNwITVucONFiY+5AY8H2U/nY8T2sHsAIq7+YZjmkVlOB
wUuVIkAdGhXHYX4bwU4wM7u7E4P8tyE9+LSVqpkrpE6hIWmCKTKfW+4ONUUtgspn
wEQyrrCivIVyw0kHekX+5bMMu02Tb5AuZ+c2fjQe7yP9oPcY09CWoRkGH+/hh/l5
ng//+6LqoOsU1Xx5sWISYluMj7CzPK48z51JFazELo2g6oMsHbK8mXnoHKs/KTjy
XG7CglSotVPWFLDtkRM038atRAZ0isfPJ/Wh9Gm+cYI9rfvphBavEpE+OQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPQXbkb8SDkdcp7U6lE0ioHSUStjMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvOUJkdVJ2eElPUjF5bnRUcVVUU0tnZEpSSzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbogXn/
MA0GCSqGSIb3DQEBCwUAA4IBAQDWoZLduZitPthGeQhTrB4UwsRgEOZfblyfGquU
PoqIrkkECgMg9aYznb+lV3p+CdFgkkzg0Xle/6lw+YobZm8COM2NjyUcyjbKozeU
Lv9mI+cbqUyCJvuFQkN4QQqZ2lW2MlZGqQsb3W0IMNaHKHM6+rcaiXm08kF9crnU
1VTVgVAo+OL+riryhhUuIkMzbr9tv2TYKZF9IdAiMBarqEqLoZtHMw5zpcBkRyUR
4TJybV3XB7ww8oCxIVuojPZ9BqBUDHpzrpWD7Uwk3ge/QLme1xJdtz6iPQwYIaTE
2c619oYtqT41/uLoq5P21ENtMmr/ZQh7aYAwcpbV9rxdO8xj
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:01 2024 by rpki-client on console-ams.rpki-client.org