Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/bj44nlZhloUAP5VesW5nkIXNFvA.roa
File: bj44nlZhloUAP5VesW5nkIXNFvA.roa (raw, json)
Hash identifier: f/w6ahihQriya27fV5StcRGT5neW3HlszZhYB5POiIE=
Subject key identifier: 6E:3E:38:9E:56:61:96:85:00:3F:95:5E:B1:6E:67:90:85:CD:16:F0
Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Certificate serial: 018CC348FD18616B69022D36043D8BEBD719
Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/bj44nlZhloUAP5VesW5nkIXNFvA.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212149
IP address blocks: 2a0f:8646:b00b::/48 maxlen: 48
2a0f:8644:b00b::/48 maxlen: 48
2a0f:8642:b00b::/48 maxlen: 48
2a0f:8640:b00b::/48 maxlen: 48
2a0f:8643:b00b::/48 maxlen: 48
2a0f:8645:b00b::/48 maxlen: 48
2a0f:8647:b00b::/48 maxlen: 48
2a0f:8641:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fd:18:61:6b:69:02:2d:36:04:3d:8b:eb:d7:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e3e389e56619685003f955eb16e679085cd16f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:98:50:5d:7d:9f:3f:f8:15:dc:f0:84:69:52:
4e:38:97:4f:01:fb:b0:c9:6d:71:a8:cf:15:1a:f1:
10:17:b7:08:19:4f:b3:98:0a:49:ac:a0:78:15:03:
44:14:84:eb:35:49:66:f0:b2:a6:5e:76:7d:b1:19:
11:99:2f:c4:9b:87:05:6a:91:8a:40:31:bd:35:9c:
3f:44:86:df:96:8b:10:9d:18:97:b8:b9:f6:f0:b5:
5e:f2:c3:fc:8f:0e:8a:46:ab:2a:4f:b7:ce:2a:4a:
3e:3c:45:5c:4b:f9:9e:36:70:52:3d:9e:88:1d:ef:
90:c9:b1:2d:67:86:58:71:1f:99:d8:3c:26:de:c5:
7b:00:ea:3b:f7:22:ae:c9:f9:1b:b0:22:98:51:75:
07:f3:ff:9a:94:08:02:21:98:63:06:24:91:44:01:
0b:d8:d3:d4:87:60:69:90:cf:5a:cb:64:8c:c5:b3:
be:84:35:9f:85:ae:da:0b:8e:98:64:4b:7c:7a:f4:
37:2d:2c:f1:00:48:47:5c:7c:4b:db:fe:d3:d7:5f:
2f:f4:42:7e:4b:d0:7d:ff:33:b4:69:e9:9a:b5:21:
a3:14:87:77:2f:79:c8:81:ca:b3:47:df:72:b1:00:
bc:81:8c:41:7d:c5:ae:28:b3:51:ce:0d:80:bc:d2:
16:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3E:38:9E:56:61:96:85:00:3F:95:5E:B1:6E:67:90:85:CD:16:F0
X509v3 Authority Key Identifier:
keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/bj44nlZhloUAP5VesW5nkIXNFvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:8640:b00b::/48
2a0f:8641:b00b::/48
2a0f:8642:b00b::/48
2a0f:8643:b00b::/48
2a0f:8644:b00b::/48
2a0f:8645:b00b::/48
2a0f:8646:b00b::/48
2a0f:8647:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
7a:e1:1a:2d:25:23:9e:0f:69:1f:12:39:16:fb:ff:85:a1:21:
50:d0:85:30:f0:3c:0e:89:6c:08:54:65:5c:1c:85:a3:2f:00:
8b:b1:c8:a0:91:5f:87:d7:f2:58:fa:b2:7b:5a:2f:10:79:ab:
21:c4:e9:54:75:b0:43:4a:ac:37:3c:56:be:84:21:48:af:1c:
8c:32:36:ff:cc:5d:4f:70:b9:80:46:ce:f1:2f:c1:e3:09:6a:
88:bf:9f:52:9a:7f:12:92:05:c8:c8:84:18:c0:99:e6:fb:89:
19:e5:68:ef:11:65:53:74:59:60:6f:be:b9:a8:0d:bd:94:41:
e1:b1:00:9b:ca:6d:a7:97:f6:dd:a2:3f:f5:f7:8b:58:eb:fc:
62:5e:2a:60:65:f6:b5:12:7c:43:2b:83:07:c5:95:98:f7:8b:
5d:da:b3:06:4a:03:5a:31:ac:be:f3:36:a5:4c:36:8a:bb:40:
19:0e:84:45:8f:c9:bd:c4:5b:7d:41:c9:b3:08:d1:44:31:ac:
e0:2b:10:bd:8e:f4:ef:1c:5f:cb:3e:24:11:be:ec:9d:19:03:
39:cb:e1:e6:41:18:3a:73:c5:c7:66:f1:a8:95:ec:fb:2c:b5:
c3:39:9f:04:7d:53:50:8a:23:3c:f6:46:e2:1b:ba:29:77:65:
31:3f:f5:e2
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzDSP0YYWtpAi02BD2L69cZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk
YTFhMzQwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNlMzg5ZTU2NjE5Njg1MDAzZjk1NWViMTZlNjc5MDg1Y2QxNmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5hQXX2fP/gV3PCEaVJOOJdPAfuw
yW1xqM8VGvEQF7cIGU+zmApJrKB4FQNEFITrNUlm8LKmXnZ9sRkRmS/Em4cFapGK
QDG9NZw/RIbflosQnRiXuLn28LVe8sP8jw6KRqsqT7fOKko+PEVcS/meNnBSPZ6I
He+QybEtZ4ZYcR+Z2Dwm3sV7AOo79yKuyfkbsCKYUXUH8/+alAgCIZhjBiSRRAEL
2NPUh2BpkM9ay2SMxbO+hDWfha7aC46YZEt8evQ3LSzxAEhHXHxL2/7T118v9EJ+
S9B9/zO0aematSGjFId3L3nIgcqzR99ysQC8gYxBfcWuKLNRzg2AvNIWHQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFG4+OJ5WYZaFAD+VXrFuZ5CFzRbwMB8GA1UdIwQY
MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt
YTJjZTFjYzhiODdmLzEvYmo0NG5sWmhsb1VBUDVWZXNXNW5rSVhORnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm
LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAAjBIAwcAKg+GQLAL
AwcAKg+GQbALAwcAKg+GQrALAwcAKg+GQ7ALAwcAKg+GRLALAwcAKg+GRbALAwcA
Kg+GRrALAwcAKg+GR7ALMA0GCSqGSIb3DQEBCwUAA4IBAQB64RotJSOeD2kfEjkW
+/+FoSFQ0IUw8DwOiWwIVGVcHIWjLwCLscigkV+H1/JY+rJ7Wi8QeashxOlUdbBD
Sqw3PFa+hCFIrxyMMjb/zF1PcLmARs7xL8HjCWqIv59Smn8SkgXIyIQYwJnm+4kZ
5WjvEWVTdFlgb765qA29lEHhsQCbym2nl/bdoj/194tY6/xiXipgZfa1EnxDK4MH
xZWY94td2rMGSgNaMay+8zalTDaKu0AZDoRFj8m9xFt9QcmzCNFEMazgKxC9jvTv
HF/LPiQRvuydGQM5y+HmQRg6c8XHZvGolez7LLXDOZ8EfVNQiiM89kbiG7opd2Ux
P/Xi
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:53 2024 by rpki-client on console-fra.rpki-client.org