Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/r9OYUHQEWvLvzoIOqiROVB7OYc4.roa
File: r9OYUHQEWvLvzoIOqiROVB7OYc4.roa (raw, json)
Hash identifier: u+1ndhXL9q4POWihwuLCfUWN8DsqTs4rGzXFbG1UymM=
Subject key identifier: AF:D3:98:50:74:04:5A:F2:EF:CE:82:0E:AA:24:4E:54:1E:CE:61:CE
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018CC8DE8DEB0609E57DC3A198823CB12078
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/r9OYUHQEWvLvzoIOqiROVB7OYc4.roa
Signing time: Tue 02 Jan 2024 06:31:17 +0000
ROA not before: Tue 02 Jan 2024 06:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59550
IP address blocks: 2a00:1ca8:3f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:8d:eb:06:09:e5:7d:c3:a1:98:82:3c:b1:20:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 2 06:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afd3985074045af2efce820eaa244e541ece61ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:62:63:bb:cf:0a:8d:1b:a0:d3:4c:46:34:
cb:0c:3e:9d:f3:cf:2e:3e:85:3c:6d:64:58:ae:c8:
ef:05:eb:2b:6e:13:3b:e0:a2:9e:dc:ab:b6:53:ac:
3c:9a:19:56:b7:7c:d7:5a:56:63:ed:8f:5d:90:0a:
6c:50:4a:2b:80:d5:0e:99:ae:3d:60:66:32:e7:28:
7e:df:be:c8:d2:1b:75:5c:30:40:86:72:0e:cd:a8:
ea:be:39:23:03:17:91:cc:e2:44:8b:f3:3b:82:d9:
a5:6d:15:f1:4b:f9:5d:d2:10:06:c2:18:ef:45:6d:
b2:bb:83:a6:4e:80:be:d9:42:09:39:46:20:51:70:
67:a7:9e:13:94:d5:c2:38:b4:71:16:2e:7a:b1:d5:
b9:8a:d7:19:ff:00:3d:91:6d:25:4c:c9:37:e5:ac:
eb:1f:34:9e:33:61:ec:81:d0:c6:d8:0b:e6:e3:00:
24:72:f5:e8:c7:0a:4f:89:5b:ee:ec:71:aa:b7:d4:
36:0d:3a:cc:f3:78:35:fb:c9:6d:16:e3:31:f3:41:
ae:59:eb:05:bc:7f:0f:6c:b3:0e:e3:86:7f:0b:7a:
80:5a:3c:71:67:af:63:83:68:99:f1:4a:ba:fc:26:
ec:df:14:f9:b0:b6:01:77:8c:42:97:77:a7:21:50:
1e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D3:98:50:74:04:5A:F2:EF:CE:82:0E:AA:24:4E:54:1E:CE:61:CE
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/r9OYUHQEWvLvzoIOqiROVB7OYc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1ca8:3f::/48
Signature Algorithm: sha256WithRSAEncryption
57:a7:16:13:79:eb:71:7a:82:27:a5:bb:5b:9b:7a:21:b4:2c:
5e:ed:57:70:95:c6:c7:b9:d9:18:d1:92:fc:fc:3d:2e:01:99:
e4:14:69:37:07:41:b9:36:ef:aa:e6:b6:5f:05:2f:9d:a2:e8:
bb:d8:34:a9:03:c5:8b:fe:64:9e:c2:f2:b4:c6:ba:4c:5f:fa:
36:60:64:17:b4:29:18:c0:00:cf:6f:c8:27:22:9d:9f:dd:e9:
9e:35:c2:b1:5b:a3:5c:4e:a2:15:c2:63:55:99:30:dc:28:ad:
29:32:ab:e3:b1:ba:30:2c:e5:97:77:91:21:40:55:40:63:99:
dc:97:c8:d6:6f:18:84:3a:5d:7e:bc:af:90:2e:e5:ac:59:a3:
29:f3:d9:43:bb:6b:2d:8b:40:3c:bf:30:eb:26:03:06:99:ed:
61:f6:1b:ab:f1:05:8b:0c:b4:10:43:e1:a1:00:99:c0:eb:bf:
1c:a0:ab:be:6e:b4:52:f9:4c:91:40:cd:a0:78:23:f1:0f:ca:
cd:76:51:b2:6e:cf:ae:2f:dc:1e:bd:a1:d5:01:32:1b:1b:85:
8d:e9:ca:97:57:32:ff:df:78:90:e3:cd:8a:78:b0:fc:5b:af:
96:9f:d1:9f:e4:1d:b8:03:64:8e:f1:31:67:33:9f:e1:6f:9b:
6d:09:e7:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI3o3rBgnlfcOhmII8sSB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjQwMTAyMDYzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmQzOTg1MDc0MDQ1YWYyZWZjZTgyMGVhYTI0NGU1NDFlY2U2MWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUBiY7vPCo0boNNMRjTLDD6d888u
PoU8bWRYrsjvBesrbhM74KKe3Ku2U6w8mhlWt3zXWlZj7Y9dkApsUEorgNUOma49
YGYy5yh+377I0ht1XDBAhnIOzajqvjkjAxeRzOJEi/M7gtmlbRXxS/ld0hAGwhjv
RW2yu4OmToC+2UIJOUYgUXBnp54TlNXCOLRxFi56sdW5itcZ/wA9kW0lTMk35azr
HzSeM2HsgdDG2Avm4wAkcvXoxwpPiVvu7HGqt9Q2DTrM83g1+8ltFuMx80GuWesF
vH8PbLMO44Z/C3qAWjxxZ69jg2iZ8Uq6/Cbs3xT5sLYBd4xCl3enIVAe5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK/TmFB0BFry786CDqokTlQezmHOMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvcjlPWVVIUUVXdkx2em9JT3FpUk9WQjdPWWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAcqAA/
MA0GCSqGSIb3DQEBCwUAA4IBAQBXpxYTeetxeoInpbtbm3ohtCxe7VdwlcbHudkY
0ZL8/D0uAZnkFGk3B0G5Nu+q5rZfBS+doui72DSpA8WL/mSewvK0xrpMX/o2YGQX
tCkYwADPb8gnIp2f3emeNcKxW6NcTqIVwmNVmTDcKK0pMqvjsbowLOWXd5EhQFVA
Y5ncl8jWbxiEOl1+vK+QLuWsWaMp89lDu2sti0A8vzDrJgMGme1h9hur8QWLDLQQ
Q+GhAJnA678coKu+brRS+UyRQM2geCPxD8rNdlGybs+uL9wevaHVATIbG4WN6cqX
VzL/33iQ482KeLD8W6+Wn9Gf5B24A2SO8TFnM5/hb5ttCecQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:24 2024 by rpki-client on console-fra.rpki-client.org