Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/qow4auxX9C-7UMr80RFbsckyYYU.roa
File: qow4auxX9C-7UMr80RFbsckyYYU.roa (raw, json)
Hash identifier: bnNxdSKkSL/jJQioIgSrpl61iNFGlSETHBvJR2N5eHY=
Subject key identifier: AA:8C:38:6A:EC:57:F4:2F:BB:50:CA:FC:D1:11:5B:B1:C9:32:61:85
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018CC64B5D2651DE803FFAF74F0EF355E069
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/qow4auxX9C-7UMr80RFbsckyYYU.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 2a0e:1b43::/32 maxlen: 32
2a0e:1b41::/32 maxlen: 32
2a0e:1b45::/32 maxlen: 32
2a0e:1b47::/32 maxlen: 32
2a0e:1b44::/32 maxlen: 32
2a0e:1b42::/32 maxlen: 32
2a0e:1b40::/32 maxlen: 32
2a0e:1b46::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5d:26:51:de:80:3f:fa:f7:4f:0e:f3:55:e0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa8c386aec57f42fbb50cafcd1115bb1c9326185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:89:cc:80:67:f5:1c:5a:ec:79:3c:c8:83:
65:6b:a0:ba:dd:68:58:da:7b:44:fb:76:af:d0:da:
05:ce:24:be:6a:ce:14:b5:31:46:98:d7:bb:4a:83:
aa:4a:a2:dd:15:75:42:97:06:7f:2f:44:76:4a:4e:
ee:47:da:48:69:57:b7:cf:9e:6f:ef:c0:5c:9d:8d:
32:cb:bf:9b:6a:5a:44:e8:ea:ea:2d:7d:21:5a:18:
f1:26:5c:be:81:77:a4:29:80:d1:b2:bc:ae:1e:ff:
bd:9c:d0:ac:e0:b5:7a:85:87:70:f1:de:77:86:94:
43:15:e3:4a:e4:cc:18:30:47:1c:25:e4:23:d5:1d:
1a:b8:58:bc:57:91:89:14:2e:87:28:9b:0b:75:5c:
86:83:a9:be:e9:75:3c:d8:3e:c6:69:c0:34:b2:dc:
65:a9:28:e9:c4:2c:a9:bd:9e:df:3a:f6:54:31:25:
cd:89:5b:71:be:bc:d3:6e:84:04:a4:2a:0a:2d:68:
7d:84:69:26:93:67:bd:e1:86:7e:fa:1b:67:d1:79:
65:a2:64:f5:06:18:5f:93:5b:6c:38:dd:55:de:f2:
68:a0:0b:79:9d:f5:c9:29:c6:e2:8f:18:30:3c:54:
6c:04:29:a4:87:ee:d7:f8:85:83:a5:8e:8f:ac:6c:
ab:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8C:38:6A:EC:57:F4:2F:BB:50:CA:FC:D1:11:5B:B1:C9:32:61:85
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/qow4auxX9C-7UMr80RFbsckyYYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1b40::/29
Signature Algorithm: sha256WithRSAEncryption
82:47:f0:1a:08:6b:8d:97:b1:44:07:7b:86:3a:a2:b6:d8:09:
4c:5a:ec:d2:9d:b7:84:15:88:62:2d:4b:79:fb:3b:17:c4:19:
4d:6d:fd:df:db:ce:98:32:f3:69:b7:e1:cd:e5:11:17:f4:af:
aa:8a:20:0b:c9:0a:1f:5f:52:c3:6e:f8:6c:17:14:b6:3b:d7:
f6:f6:39:98:2d:f0:76:75:87:09:26:46:be:71:5a:2f:8d:2c:
4e:cd:b2:b4:57:35:f5:bb:b7:ac:ac:1e:db:8a:66:73:2d:49:
7c:4c:dc:20:c5:5a:7d:a4:ec:2e:76:07:81:58:52:a7:56:e6:
d5:cd:07:8c:71:32:c2:64:fa:db:d4:43:8a:3f:77:d6:be:d4:
aa:b5:e3:55:fd:72:30:53:c8:f0:a9:cb:9e:88:f3:4d:92:ec:
db:0a:d1:5b:53:ac:71:50:18:4f:3d:5e:39:d0:3b:e7:bc:8e:
9e:f1:26:1d:ec:bb:1b:0c:26:64:4c:93:c7:46:fc:67:b6:7c:
01:2c:23:ac:71:3a:cd:51:62:87:4c:c5:f1:6a:50:9c:eb:70:
ed:bf:31:07:62:78:9a:31:3c:c7:2c:68:ac:90:72:2b:62:61:
a3:82:a5:8f:78:06:3f:a6:a5:21:92:89:52:12:d3:8f:42:07:
0b:f3:80:e0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGS10mUd6AP/r3Tw7zVeBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThjMzg2YWVjNTdmNDJmYmI1MGNhZmNkMTExNWJiMWM5MzI2MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwKJzIBn9Rxa7Hk8yINla6C63WhY
2ntE+3av0NoFziS+as4UtTFGmNe7SoOqSqLdFXVClwZ/L0R2Sk7uR9pIaVe3z55v
78BcnY0yy7+balpE6OrqLX0hWhjxJly+gXekKYDRsryuHv+9nNCs4LV6hYdw8d53
hpRDFeNK5MwYMEccJeQj1R0auFi8V5GJFC6HKJsLdVyGg6m+6XU82D7GacA0stxl
qSjpxCypvZ7fOvZUMSXNiVtxvrzTboQEpCoKLWh9hGkmk2e94YZ++htn0XllomT1
Bhhfk1tsON1V3vJooAt5nfXJKcbijxgwPFRsBCmkh+7X+IWDpY6PrGyrVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKqMOGrsV/Qvu1DK/NERW7HJMmGFMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvcW93NGF1eFg5Qy03VU1yODBSRmJzY2t5WVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4bQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgkfwGghrjZexRAd7hjqittgJTFrs0p23hBWIYi1L
efs7F8QZTW3939vOmDLzabfhzeURF/SvqoogC8kKH19Sw274bBcUtjvX9vY5mC3w
dnWHCSZGvnFaL40sTs2ytFc19bu3rKwe24pmcy1JfEzcIMVafaTsLnYHgVhSp1bm
1c0HjHEywmT629RDij931r7UqrXjVf1yMFPI8KnLnojzTZLs2wrRW1OscVAYTz1e
OdA757yOnvEmHey7GwwmZEyTx0b8Z7Z8ASwjrHE6zVFih0zF8WpQnOtw7b8xB2J4
mjE8xyxorJByK2Jho4Klj3gGP6alIZKJUhLTj0IHC/OA4A==
-----END CERTIFICATE-----
Generated at Thu May 2 18:06:26 2024 by rpki-client on console-ams.rpki-client.org