Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/uGvhE5BCsgC4I20aOScKI7_p_0E.roa
File: uGvhE5BCsgC4I20aOScKI7_p_0E.roa (raw, json)
Hash identifier: Bn5g+NYuNXHiCGdmSnjhYpiRFIuKEeJY4+b0ZJMZBN4=
Subject key identifier: B8:6B:E1:13:90:42:B2:00:B8:23:6D:1A:39:27:0A:23:BF:E9:FF:41
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 018CC8016910039273876F14948C1310A6E6
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/uGvhE5BCsgC4I20aOScKI7_p_0E.roa
Signing time: Tue 02 Jan 2024 02:29:44 +0000
ROA not before: Tue 02 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2043
IP address blocks: 2001:67c:1d4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:69:10:03:92:73:87:6f:14:94:8c:13:10:a6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b86be1139042b200b8236d1a39270a23bfe9ff41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c2:5c:84:41:5c:58:fa:97:1d:18:9a:a9:2d:
81:36:74:8c:96:62:33:d1:ec:24:50:fc:4e:a4:d7:
bb:44:cd:2b:52:84:00:f3:dd:26:d0:22:ef:8e:cf:
e0:a1:c5:93:42:ab:44:86:bc:73:0b:27:b5:44:25:
2a:43:4c:39:54:18:13:7a:4f:e6:76:95:1c:95:64:
f9:2d:a0:06:3c:21:32:15:7d:44:46:27:61:36:20:
82:e8:d3:1f:4a:a1:4b:cf:d6:e6:a0:bd:5d:e5:20:
ea:5b:2a:25:54:82:a4:20:ec:45:43:a7:5c:c6:f3:
b3:b8:f7:c6:6d:ec:db:fd:62:a2:f6:d0:d9:e8:3f:
49:dd:fb:82:db:e4:a7:7f:85:c0:11:3f:87:56:22:
3c:11:d2:3e:76:61:3d:60:09:c7:80:95:c4:fa:7c:
9b:26:a5:8b:98:59:f9:6e:89:7d:a8:ab:60:fb:cc:
c9:ac:51:27:ed:a5:bd:6b:52:15:28:41:68:8d:bb:
4e:c8:b5:a9:51:c9:17:c0:24:de:71:8a:bc:ae:70:
8d:54:6b:6f:05:ae:91:c5:53:13:8e:7c:a3:0d:80:
8d:fd:9e:4a:23:19:17:c7:5f:b7:51:07:51:4a:6f:
5a:e8:a5:0d:cb:d2:0c:f2:4b:ba:61:04:e7:b9:cb:
dc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6B:E1:13:90:42:B2:00:B8:23:6D:1A:39:27:0A:23:BF:E9:FF:41
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/uGvhE5BCsgC4I20aOScKI7_p_0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1d4::/48
Signature Algorithm: sha256WithRSAEncryption
84:b1:ce:40:32:5c:d0:d2:b3:f0:74:15:ca:07:29:bd:30:9a:
bd:34:f6:94:ef:c2:d0:59:06:ac:2c:fc:ab:a7:39:49:00:0e:
8a:af:64:a2:bf:3d:16:b2:80:aa:d5:3e:7f:57:fd:d5:67:a9:
2f:4a:7f:5b:d0:c6:26:53:ac:aa:8f:b3:25:76:c9:3e:20:a5:
a2:d7:a1:bc:0a:38:91:85:93:08:d4:2b:21:3c:fe:cb:77:14:
37:ff:7c:2d:97:66:38:70:7e:85:8d:fc:2f:e1:da:da:47:94:
0d:03:c5:1b:88:2e:1f:ce:fd:e7:c1:e8:13:dc:34:71:eb:9c:
a8:92:2a:51:27:f3:49:76:6e:77:b8:5e:b6:50:a1:00:ec:8c:
20:18:82:8e:c1:20:4d:54:d2:2c:1a:47:4b:11:5d:b8:90:6a:
51:43:e8:32:df:03:5e:50:7d:f1:d0:e5:5a:49:9b:00:e6:14:
4c:7d:79:78:d5:c8:db:c2:49:5b:3e:79:b5:f7:6e:53:a3:09:
e1:50:f3:50:1d:bf:ed:78:a6:14:b6:ec:18:e9:a3:d8:5c:9a:
1b:ce:d0:fe:64:ad:8a:bf:7c:0d:db:bc:e1:28:c5:14:62:c6:
47:84:9e:96:b0:5a:4a:8e:9c:89:4b:d4:af:0b:c1:bc:1c:17:
a2:6a:5c:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAWkQA5Jzh28UlIwTEKbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjQwMTAyMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZiZTExMzkwNDJiMjAwYjgyMzZkMWEzOTI3MGEyM2JmZTlmZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcJchEFcWPqXHRiaqS2BNnSMlmIz
0ewkUPxOpNe7RM0rUoQA890m0CLvjs/gocWTQqtEhrxzCye1RCUqQ0w5VBgTek/m
dpUclWT5LaAGPCEyFX1ERidhNiCC6NMfSqFLz9bmoL1d5SDqWyolVIKkIOxFQ6dc
xvOzuPfGbezb/WKi9tDZ6D9J3fuC2+Snf4XAET+HViI8EdI+dmE9YAnHgJXE+nyb
JqWLmFn5bol9qKtg+8zJrFEn7aW9a1IVKEFojbtOyLWpUckXwCTecYq8rnCNVGtv
Ba6RxVMTjnyjDYCN/Z5KIxkXx1+3UQdRSm9a6KUNy9IM8ku6YQTnucvcnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLhr4ROQQrIAuCNtGjknCiO/6f9BMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvdUd2aEU1QkNzZ0M0STIwYU9TY0tJN19wXzBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAHU
MA0GCSqGSIb3DQEBCwUAA4IBAQCEsc5AMlzQ0rPwdBXKBym9MJq9NPaU78LQWQas
LPyrpzlJAA6Kr2Sivz0WsoCq1T5/V/3VZ6kvSn9b0MYmU6yqj7Mldsk+IKWi16G8
CjiRhZMI1CshPP7LdxQ3/3wtl2Y4cH6Fjfwv4draR5QNA8UbiC4fzv3nwegT3DRx
65yokipRJ/NJdm53uF62UKEA7IwgGIKOwSBNVNIsGkdLEV24kGpRQ+gy3wNeUH3x
0OVaSZsA5hRMfXl41cjbwklbPnm1925TownhUPNQHb/teKYUtuwY6aPYXJobztD+
ZK2Kv3wN27zhKMUUYsZHhJ6WsFpKjpyJS9SvC8G8HBeialyQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:07:05 2024 by rpki-client on console-fra.rpki-client.org