Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/SKQYn6zcLKtVkOEW1raCXlNPWQw.roa
File: SKQYn6zcLKtVkOEW1raCXlNPWQw.roa (raw, json)
Hash identifier: AGdQS/LYIJ7XhowWkYs2mtf7WAjbdmz4Cl/NyVvNjHM=
Subject key identifier: 48:A4:18:9F:AC:DC:2C:AB:55:90:E1:16:D6:B6:82:5E:53:4F:59:0C
Certificate issuer: /CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb
Certificate serial: 018CC86F062E616928DE7F89DED6552BE59A
Authority key identifier: 14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/SKQYn6zcLKtVkOEW1raCXlNPWQw.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208169
IP address blocks: 2001:678:e3c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.mft
rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:06:2e:61:69:28:de:7f:89:de:d6:55:2b:e5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48a4189facdc2cab5590e116d6b6825e534f590c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:37:2e:08:47:d2:95:b5:8a:98:78:f2:68:44:
98:cd:de:27:93:b7:26:56:a6:c4:b5:45:a7:76:c6:
b4:f8:62:19:57:43:2c:be:e1:de:2b:05:59:d7:46:
e8:c1:d2:78:14:3c:be:dc:e5:53:7f:fa:f6:ee:d9:
ad:99:a0:e2:95:e4:ec:85:a1:5c:bc:c6:fe:b6:a7:
3b:56:8b:fa:9e:96:83:96:71:dd:b2:5e:2d:e9:6b:
ad:55:b2:b7:4f:38:14:df:e6:6e:d4:c6:2c:42:7e:
e7:c8:b3:21:dd:73:55:1e:31:f9:6d:2c:af:72:f8:
7d:29:64:10:36:db:3b:56:78:33:7d:6e:2a:3f:f3:
02:0c:e9:4f:e2:4a:a8:45:f9:1a:ac:98:db:e2:20:
43:76:ca:cc:b6:d2:2d:30:4b:3d:1c:ae:e8:43:a1:
39:97:3f:23:0b:11:c6:a0:a6:1a:37:c4:83:ae:e5:
24:0e:89:8f:76:4d:24:14:e9:5b:86:ba:12:84:16:
a7:f9:4c:30:43:3b:57:45:87:6e:e9:dc:98:9a:27:
1e:42:f8:21:9d:39:6c:90:86:27:65:73:4a:06:66:
7f:cc:15:c5:2a:a7:c3:90:cc:4f:63:3c:60:ca:e3:
43:aa:90:8c:db:7a:28:15:65:e1:70:e4:76:c0:d8:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A4:18:9F:AC:DC:2C:AB:55:90:E1:16:D6:B6:82:5E:53:4F:59:0C
X509v3 Authority Key Identifier:
keyid:14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/SKQYn6zcLKtVkOEW1raCXlNPWQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e3c::/48
Signature Algorithm: sha256WithRSAEncryption
12:20:cc:11:de:f1:68:bb:15:2d:2d:ef:9f:ff:c1:94:01:37:
bd:e7:04:c6:f1:6d:8b:81:5b:47:44:71:7d:09:9c:f6:42:f0:
d3:81:b9:ae:c2:20:c5:42:ae:30:ec:36:31:f9:db:0a:58:a8:
9d:f0:6d:ad:82:41:5e:f5:f2:a6:b1:62:16:68:81:96:04:7b:
45:de:23:e0:9b:4c:b7:ae:e8:65:ee:37:e5:80:43:13:7b:7a:
07:b4:56:bd:12:9e:6f:67:87:71:76:71:2a:3b:ac:2c:e8:23:
56:51:9f:11:2f:d4:34:28:b4:25:14:b2:de:c8:28:80:ec:59:
ab:7f:bb:93:94:72:4f:d1:b9:02:b4:73:5a:59:0e:00:1f:88:
78:de:46:ee:90:c7:2a:61:e8:8a:e3:7e:da:c9:6c:60:3f:8a:
8f:1e:bd:03:d1:52:c1:89:0e:8f:35:dd:99:07:59:ea:93:e9:
fb:3f:a7:a7:8a:70:3c:bf:fc:02:bd:44:40:5c:94:06:1b:1b:
74:b2:fd:14:d4:ba:d7:e6:a2:e8:c4:bd:e4:0d:1a:a0:70:1d:
e9:a0:92:ce:29:b8:46:68:b7:c4:5e:ff:50:7e:4d:13:44:27:
0b:81:9a:3c:f5:c5:1e:19:9a:ab:b6:c0:66:3f:d0:23:3e:74:
5b:c6:d8:8f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIbwYuYWko3n+J3tZVK+WaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTQ3ODBmNWNkMDdlOTQ4YmU2ZmE0YjQ5MjVhNzMxMzkw
NmQ1ZWIwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGE0MTg5ZmFjZGMyY2FiNTU5MGUxMTZkNmI2ODI1ZTUzNGY1OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljcuCEfSlbWKmHjyaESYzd4nk7cm
VqbEtUWndsa0+GIZV0MsvuHeKwVZ10bowdJ4FDy+3OVTf/r27tmtmaDileTshaFc
vMb+tqc7Vov6npaDlnHdsl4t6WutVbK3TzgU3+Zu1MYsQn7nyLMh3XNVHjH5bSyv
cvh9KWQQNts7VngzfW4qP/MCDOlP4kqoRfkarJjb4iBDdsrMttItMEs9HK7oQ6E5
lz8jCxHGoKYaN8SDruUkDomPdk0kFOlbhroShBan+UwwQztXRYdu6dyYmiceQvgh
nTlskIYnZXNKBmZ/zBXFKqfDkMxPYzxgyuNDqpCM23ooFWXhcOR2wNjkdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEikGJ+s3CyrVZDhFta2gl5TT1kMMB8GA1UdIwQY
MBaAFBSkeA9c0H6Ui+b6S0klpzE5BtXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktSNEQxelFmcFNMNXZwTFNTV25NVGtHMWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80MmNkYWItMjAyOS00NjI0LTlmNGIt
OTkzMjM2ODYyMTZkLzEvU0tRWW42emNMS3RWa09FVzFyYUNYbE5QV1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80MmNkYWItMjAyOS00NjI0LTlmNGItOTkzMjM2ODYyMTZk
LzEvRktSNEQxelFmcFNMNXZwTFNTV25NVGtHMWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA48
MA0GCSqGSIb3DQEBCwUAA4IBAQASIMwR3vFouxUtLe+f/8GUATe95wTG8W2LgVtH
RHF9CZz2QvDTgbmuwiDFQq4w7DYx+dsKWKid8G2tgkFe9fKmsWIWaIGWBHtF3iPg
m0y3ruhl7jflgEMTe3oHtFa9Ep5vZ4dxdnEqO6ws6CNWUZ8RL9Q0KLQlFLLeyCiA
7Fmrf7uTlHJP0bkCtHNaWQ4AH4h43kbukMcqYeiK437ayWxgP4qPHr0D0VLBiQ6P
Nd2ZB1nqk+n7P6eninA8v/wCvURAXJQGGxt0sv0U1LrX5qLoxL3kDRqgcB3poJLO
KbhGaLfEXv9Qfk0TRCcLgZo89cUeGZqrtsBmP9AjPnRbxtiP
-----END CERTIFICATE-----
Generated at Fri May 17 18:41:41 2024 by rpki-client on console-ams.rpki-client.org