Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/VCoHFHO8DHHGD_D_0jbCSJglZCY.roa
File: VCoHFHO8DHHGD_D_0jbCSJglZCY.roa (raw, json)
Hash identifier: PSQ+FrVacCv9vCzaPCaUGraMP2BOdCM2pClgI8I5VrE=
Subject key identifier: 54:2A:07:14:73:BC:0C:71:C6:0F:F0:FF:D2:36:C2:48:98:25:64:26
Certificate issuer: /CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Certificate serial: 018CC6B78AD2FEAD5E71D7648A3BA51CAECD
Authority key identifier: A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/VCoHFHO8DHHGD_D_0jbCSJglZCY.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9201
IP address blocks: 2001:1405::/32 maxlen: 32
2001:1400:ffee::/48 maxlen: 48
2001:1407::/32 maxlen: 32
2001:1400::/29 maxlen: 29
2001:1401::/32 maxlen: 32
2001:1406::/32 maxlen: 32
2001:1404::/32 maxlen: 32
2001:1402::/32 maxlen: 32
2001:1403::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8a:d2:fe:ad:5e:71:d7:64:8a:3b:a5:1c:ae:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82c9bc2d2dacfd6f130d85a84fedeabf179a567
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=542a071473bc0c71c60ff0ffd236c24898256426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:64:d3:1b:94:36:d1:3f:ab:97:dc:25:04:
af:35:ae:e7:f9:53:a3:56:aa:0c:1f:d3:b2:8e:55:
df:cd:bf:ed:da:3e:5c:f0:d7:05:f6:b6:e0:2f:45:
5f:a1:3f:0a:a7:f7:dd:e6:e0:01:20:09:0e:8b:49:
a9:6b:2b:d0:2f:aa:ac:da:d6:82:e3:99:0b:03:55:
7d:b3:22:b0:5f:58:ec:b4:6a:0b:8c:c2:10:46:ba:
4c:16:e4:64:de:35:a6:ae:25:a2:88:e0:9e:74:53:
e9:12:cc:4d:44:5b:b8:44:67:0f:69:cc:15:6e:7d:
8d:0d:c4:0e:aa:83:34:a1:c1:48:3a:f3:2b:6a:d5:
3d:c0:24:52:f1:68:31:40:af:ce:ef:d7:cf:5d:0c:
1a:01:61:a8:b7:4e:84:8b:13:aa:c1:50:c5:2a:fc:
58:3a:bb:79:70:8b:02:c1:a8:d6:b1:0f:b1:6b:bd:
f3:9d:de:25:55:01:3f:73:53:5f:aa:bc:e8:75:b6:
cd:97:4c:b9:6b:06:92:af:00:f8:9d:81:29:cc:b3:
d6:f4:31:5d:57:09:bb:a0:41:f7:0e:a0:a7:ba:00:
b5:cd:4b:3e:c0:20:02:5e:d3:5f:ec:72:0e:2c:37:
07:49:a8:6a:86:39:5f:b5:51:0a:a2:9c:7d:18:5b:
11:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2A:07:14:73:BC:0C:71:C6:0F:F0:FF:D2:36:C2:48:98:25:64:26
X509v3 Authority Key Identifier:
keyid:A8:2C:9B:C2:D2:DA:CF:D6:F1:30:D8:5A:84:FE:DE:AB:F1:79:A5:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCybwtLaz9bxMNhahP7eq_F5pWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/VCoHFHO8DHHGD_D_0jbCSJglZCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b9185-40b5-490b-9af8-55c140c9f54f/1/qCybwtLaz9bxMNhahP7eq_F5pWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1400::/29
Signature Algorithm: sha256WithRSAEncryption
0f:ab:ab:76:9e:3e:8c:92:62:ec:5d:fe:76:69:df:f0:7e:2b:
52:c7:b2:62:eb:30:8f:37:b6:af:84:a7:ec:99:d8:67:fb:84:
19:1b:09:c7:2f:c0:be:ea:72:53:d6:b6:58:55:f3:28:4a:42:
b4:77:23:3d:3b:ba:74:4c:cb:52:db:44:c2:a7:5b:f6:61:46:
15:42:8e:cd:85:5b:af:80:aa:d6:c8:7e:e3:dd:ad:dd:02:b3:
85:86:c7:22:59:2b:da:83:70:48:19:98:93:7b:be:c6:d1:3b:
8c:18:69:0e:e8:72:78:db:3b:46:99:2a:fa:73:8b:35:86:4b:
35:ba:3c:2e:78:e5:d1:f8:00:92:da:43:90:2f:32:ee:a2:6a:
a3:a3:f2:36:45:c8:f1:4d:de:14:dd:5c:ac:f5:31:42:9a:17:
15:54:1b:ea:d9:a9:f7:e3:15:30:0c:c3:45:9b:32:a5:4e:b2:
0a:5d:74:8f:82:c8:d0:85:6b:03:21:17:98:cf:12:be:66:3b:
a3:b7:a9:f7:7a:07:2c:20:d3:3c:49:d2:ed:9c:17:03:86:79:
5d:57:e9:d7:42:4c:a2:40:73:ff:a2:61:40:58:08:19:10:5b:
b2:00:f7:dd:ad:2c:2d:93:fb:19:37:3a:0e:a2:f7:1c:59:96:
52:a4:25:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGt4rS/q1ecddkijulHK7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MmM5YmMyZDJkYWNmZDZmMTMwZDg1YTg0ZmVkZWFiZjE3
OWE1NjcwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJhMDcxNDczYmMwYzcxYzYwZmYwZmZkMjM2YzI0ODk4MjU2NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJtk0xuUNtE/q5fcJQSvNa7n+VOj
VqoMH9OyjlXfzb/t2j5c8NcF9rbgL0VfoT8Kp/fd5uABIAkOi0mpayvQL6qs2taC
45kLA1V9syKwX1jstGoLjMIQRrpMFuRk3jWmriWiiOCedFPpEsxNRFu4RGcPacwV
bn2NDcQOqoM0ocFIOvMratU9wCRS8WgxQK/O79fPXQwaAWGot06EixOqwVDFKvxY
Ort5cIsCwajWsQ+xa73znd4lVQE/c1NfqrzodbbNl0y5awaSrwD4nYEpzLPW9DFd
Vwm7oEH3DqCnugC1zUs+wCACXtNf7HIOLDcHSahqhjlftVEKopx9GFsR4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFQqBxRzvAxxxg/w/9I2wkiYJWQmMB8GA1UdIwQY
MBaAFKgsm8LS2s/W8TDYWoT+3qvxeaVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgt
NTVjMTQwYzlmNTRmLzEvVkNvSEZITzhESEhHRF9EXzBqYkNTSmdsWkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYjkxODUtNDBiNS00OTBiLTlhZjgtNTVjMTQwYzlmNTRm
LzEvcUN5Ynd0TGF6OWJ4TU5oYWhQN2VxX0Y1cFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAEUADAN
BgkqhkiG9w0BAQsFAAOCAQEAD6urdp4+jJJi7F3+dmnf8H4rUseyYuswjze2r4Sn
7JnYZ/uEGRsJxy/AvupyU9a2WFXzKEpCtHcjPTu6dEzLUttEwqdb9mFGFUKOzYVb
r4Cq1sh+492t3QKzhYbHIlkr2oNwSBmYk3u+xtE7jBhpDuhyeNs7Rpkq+nOLNYZL
Nbo8Lnjl0fgAktpDkC8y7qJqo6PyNkXI8U3eFN1crPUxQpoXFVQb6tmp9+MVMAzD
RZsypU6yCl10j4LI0IVrAyEXmM8SvmY7o7ep93oHLCDTPEnS7ZwXA4Z5XVfp10JM
okBz/6JhQFgIGRBbsgD33a0sLZP7GTc6DqL3HFmWUqQlZw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:15:20 2024 by rpki-client on console-fra.rpki-client.org