Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/r2fMVW-IDkAJ5LeDSFJjM_dq-c4.roa
File: r2fMVW-IDkAJ5LeDSFJjM_dq-c4.roa (raw, json)
Hash identifier: bS92CnkuxdwUJdm6yfdyJaUhVnsL6UHHMAgPPhGG0Pk=
Subject key identifier: AF:67:CC:55:6F:88:0E:40:09:E4:B7:83:48:52:63:33:F7:6A:F9:CE
Certificate issuer: /CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Certificate serial: 018F589A95CF144DD7F7AF3CD1B3DF5D9896
Authority key identifier: 93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/r2fMVW-IDkAJ5LeDSFJjM_dq-c4.roa
Signing time: Wed 08 May 2024 14:27:56 +0000
ROA not before: Wed 08 May 2024 14:27:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206834
IP address blocks: 2a01:bb20:2000::/36 maxlen: 36
2a01:bb20:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.mft
rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:9a:95:cf:14:4d:d7:f7:af:3c:d1:b3:df:5d:98:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93503061e1ae503ec63d970b30875dd93ffabbdf
Validity
Not Before: May 8 14:27:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af67cc556f880e4009e4b78348526333f76af9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9f:67:bf:57:34:5d:ed:11:2a:45:ff:68:ae:
c3:e0:a2:de:b2:da:e4:a2:5f:50:c9:37:a7:d5:b7:
88:bd:a0:1a:a9:71:0c:6d:2b:ed:da:9f:e1:15:e1:
78:49:21:7f:21:96:5b:c3:72:11:b1:6d:5d:2c:6d:
cc:50:18:89:f3:56:6d:d2:7f:dc:32:28:99:ec:21:
5d:58:51:56:76:2c:45:b2:4d:6b:f6:f8:9a:6b:5d:
9c:8c:b7:07:a7:58:6e:e7:d0:b4:b5:02:78:1d:ef:
8c:99:29:f7:67:e4:b6:2f:9d:d2:6c:7c:8b:24:74:
af:cb:0a:76:e4:49:de:0d:10:59:81:20:ff:eb:13:
ed:62:bc:53:c1:7b:6a:29:f5:e8:6b:3b:a6:ce:3b:
85:a4:7e:4c:48:63:96:07:7c:eb:0d:79:3d:ae:d1:
1d:94:07:84:ea:01:40:41:a4:c8:95:8f:8f:98:ec:
1d:4b:b4:51:03:da:f6:a9:43:c2:30:1d:ee:62:fc:
24:d6:8c:31:34:99:14:92:e2:f8:79:84:d6:60:6c:
7b:cf:f5:ee:61:a8:f2:c1:c4:41:a2:c0:9d:aa:5b:
9c:74:4e:e7:23:a4:e4:f2:e3:76:6d:67:83:53:3c:
28:52:f3:ce:06:56:38:f7:88:ec:33:e9:6e:d2:d8:
57:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:67:CC:55:6F:88:0E:40:09:E4:B7:83:48:52:63:33:F7:6A:F9:CE
X509v3 Authority Key Identifier:
keyid:93:50:30:61:E1:AE:50:3E:C6:3D:97:0B:30:87:5D:D9:3F:FA:BB:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1AwYeGuUD7GPZcLMIdd2T_6u98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/r2fMVW-IDkAJ5LeDSFJjM_dq-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a76ac1-5f22-47d1-b8c1-c623ed8f2f28/1/k1AwYeGuUD7GPZcLMIdd2T_6u98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:bb20:2000::/35
Signature Algorithm: sha256WithRSAEncryption
a1:08:b3:87:28:61:15:b5:49:ac:f2:f3:73:1f:27:f6:75:aa:
11:36:56:7b:ee:6e:af:cb:35:c5:ad:76:e5:7e:09:90:f5:33:
19:39:a0:f7:02:de:f6:ad:1d:8c:ba:e0:e6:d2:04:18:9f:2f:
b3:15:01:f7:07:b5:35:5d:be:a5:62:5c:30:2a:84:97:de:47:
67:47:5b:a3:37:04:1e:b0:ef:2e:a1:fd:c4:04:0d:9e:c6:f1:
89:ce:45:5c:50:5e:3a:68:9c:09:cf:ca:ed:8b:ab:ea:01:6e:
5b:7c:c0:04:ee:59:fa:22:5d:e9:77:71:de:8d:d8:ea:91:4a:
d0:a6:95:55:28:cd:d6:bc:bf:e6:e9:dc:5d:db:b5:01:e6:3a:
c6:be:64:a0:10:11:40:75:89:3a:72:f5:56:29:80:d9:09:f7:
3a:6d:b9:93:2f:7d:ea:e8:97:c1:e2:d5:ac:2d:b3:dc:d6:9a:
19:08:f4:bf:76:a2:69:3c:0b:9c:65:03:76:74:cd:37:f0:ed:
b4:51:95:6c:ca:fd:42:5b:00:07:e6:2d:4e:cf:86:84:84:18:
4d:f8:11:78:38:1e:1c:c9:16:9c:99:52:48:37:fe:1c:d1:de:
46:4a:ab:32:e9:98:85:5d:f9:69:41:ae:dd:11:d9:41:6e:82:
23:06:4c:a8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY9YmpXPFE3X96880bPfXZiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTAzMDYxZTFhZTUwM2VjNjNkOTcwYjMwODc1ZGQ5M2Zm
YWJiZGYwHhcNMjQwNTA4MTQyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY3Y2M1NTZmODgwZTQwMDllNGI3ODM0ODUyNjMzM2Y3NmFmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr59nv1c0Xe0RKkX/aK7D4KLestrk
ol9QyTen1beIvaAaqXEMbSvt2p/hFeF4SSF/IZZbw3IRsW1dLG3MUBiJ81Zt0n/c
MiiZ7CFdWFFWdixFsk1r9viaa12cjLcHp1hu59C0tQJ4He+MmSn3Z+S2L53SbHyL
JHSvywp25EneDRBZgSD/6xPtYrxTwXtqKfXoazumzjuFpH5MSGOWB3zrDXk9rtEd
lAeE6gFAQaTIlY+PmOwdS7RRA9r2qUPCMB3uYvwk1owxNJkUkuL4eYTWYGx7z/Xu
YajywcRBosCdqlucdE7nI6Tk8uN2bWeDUzwoUvPOBlY494jsM+lu0thXWwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK9nzFVviA5ACeS3g0hSYzP3avnOMB8GA1UdIwQY
MBaAFJNQMGHhrlA+xj2XCzCHXdk/+rvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEt
YzYyM2VkOGYyZjI4LzEvcjJmTVZXLUlEa0FKNUxlRFNGSmpNX2RxLWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hNzZhYzEtNWYyMi00N2QxLWI4YzEtYzYyM2VkOGYyZjI4
LzEvazFBd1llR3VVRDdHUFpjTE1JZGQyVF82dTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKgG7ICAw
DQYJKoZIhvcNAQELBQADggEBAKEIs4coYRW1Sazy83MfJ/Z1qhE2Vnvubq/LNcWt
duV+CZD1Mxk5oPcC3vatHYy64ObSBBifL7MVAfcHtTVdvqViXDAqhJfeR2dHW6M3
BB6w7y6h/cQEDZ7G8YnORVxQXjponAnPyu2Lq+oBblt8wATuWfoiXel3cd6N2OqR
StCmlVUozda8v+bp3F3btQHmOsa+ZKAQEUB1iTpy9VYpgNkJ9zptuZMvferol8Hi
1awts9zWmhkI9L92omk8C5xlA3Z0zTfw7bRRlWzK/UJbAAfmLU7PhoSEGE34EXg4
HhzJFpyZUkg3/hzR3kZKqzLpmIVd+WlBrt0R2UFugiMGTKg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:27 2024 by rpki-client on console-fra.rpki-client.org