Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/oXgv0OEXVGK-IB5IknaTs8npcOI.roa
File: oXgv0OEXVGK-IB5IknaTs8npcOI.roa (raw, json)
Hash identifier: QJ3y7Ue6AmWpgxO9EV4H7tJudwyWHhGyNVbl0SkQTJU=
Subject key identifier: A1:78:2F:D0:E1:17:54:62:BE:20:1E:48:92:76:93:B3:C9:E9:70:E2
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE8189C60966F1E593FA13B09E8175
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/oXgv0OEXVGK-IB5IknaTs8npcOI.roa
Signing time: Tue 02 Jan 2024 06:31:14 +0000
ROA not before: Tue 02 Jan 2024 06:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34775
IP address blocks: 2a09:50c0::/48 maxlen: 48
2a09:97c0::/48 maxlen: 48
2a09:5140::/48 maxlen: 48
2a06:ba00::/48 maxlen: 48
2a09:9840::/48 maxlen: 48
2a09:12c0::/48 maxlen: 48
2a09:5240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:81:89:c6:09:66:f1:e5:93:fa:13:b0:9e:81:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1782fd0e1175462be201e48927693b3c9e970e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d9:25:14:bf:ce:93:61:86:44:4c:c6:bf:55:
3d:db:5e:88:a7:6d:c2:5f:ab:c7:3b:53:17:ea:e0:
11:6d:e5:93:48:d0:84:fd:89:96:51:31:3e:f5:30:
42:53:f0:b9:7d:86:f5:9c:08:f4:30:3a:4d:d0:62:
65:bd:0c:94:c4:3e:e6:ac:e9:90:bb:63:4e:0c:71:
a3:d9:24:9d:65:d1:8f:8c:64:bd:f0:bc:4e:7d:9a:
2c:51:00:40:d1:12:43:1f:79:7f:93:3b:fb:9c:4b:
1e:4c:c7:ca:c7:08:19:4c:33:78:fb:06:b7:1b:ad:
61:b8:c2:42:af:ed:4d:a9:e3:42:94:a8:c8:0d:c5:
52:ce:62:a1:5a:42:8f:0d:b5:27:54:ff:09:dc:14:
c0:63:db:ce:4e:8d:f5:4a:04:fd:82:8d:f4:1d:14:
da:f3:89:5f:4c:1b:66:7c:17:d7:a7:3e:db:32:1c:
81:20:7d:9a:fe:c3:a1:41:1e:7e:ab:2c:55:53:de:
51:d4:8e:b3:5d:78:61:17:7e:96:35:af:45:b2:e2:
88:07:78:a3:88:85:d1:78:5c:69:c6:39:6d:89:7d:
c8:0d:7a:57:7f:1e:e8:61:69:d2:43:cd:df:38:c8:
58:34:cd:61:79:60:68:f5:55:16:36:37:48:73:98:
4b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:78:2F:D0:E1:17:54:62:BE:20:1E:48:92:76:93:B3:C9:E9:70:E2
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/oXgv0OEXVGK-IB5IknaTs8npcOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:ba00::/48
2a09:12c0::/48
2a09:50c0::/48
2a09:5140::/48
2a09:5240::/48
2a09:97c0::/48
2a09:9840::/48
Signature Algorithm: sha256WithRSAEncryption
31:01:61:1d:36:73:46:be:e7:a6:2c:fc:d7:16:11:27:d1:f8:
da:46:29:c4:48:6c:5e:d6:e1:1c:2a:32:36:f9:1d:d2:6e:8b:
16:d7:e5:25:20:f5:27:57:0a:56:b6:86:29:fd:b2:66:82:a3:
a3:0d:17:0c:bf:e1:0b:d5:84:4f:30:79:44:3b:7d:ea:38:bf:
45:0e:e4:60:7e:d5:37:2b:ea:99:05:2e:ba:93:e2:e5:c5:f7:
8e:54:21:17:57:de:7e:d6:73:16:6d:66:6b:17:21:61:6d:81:
da:82:61:0c:e9:f7:3e:2c:96:ea:55:23:28:ed:00:5e:2a:91:
fe:2a:e6:f6:e4:ca:aa:78:41:91:55:27:44:f6:dc:94:ee:34:
8b:83:0d:7b:f3:30:ae:05:d7:e7:a0:4b:23:69:ed:18:81:88:
93:33:37:23:4e:15:c1:34:df:3f:5e:95:d7:23:71:12:a5:db:
5c:27:92:3e:50:da:f5:d1:4a:31:aa:f6:ef:ce:37:60:39:6c:
52:16:b2:0e:3a:c0:2a:91:7e:cf:0e:1f:17:5d:17:d3:9e:27:
b2:bc:fd:28:b6:1b:6a:b0:0d:c5:04:6e:01:44:eb:e8:fa:d9:
41:d2:01:19:48:d4:8e:62:f6:13:e6:89:ab:4e:f3:e1:ef:33:
2e:50:36:3e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzI3oGJxglm8eWT+hOwnoF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTc4MmZkMGUxMTc1NDYyYmUyMDFlNDg5Mjc2OTNiM2M5ZTk3MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldklFL/Ok2GGREzGv1U9216Ip23C
X6vHO1MX6uARbeWTSNCE/YmWUTE+9TBCU/C5fYb1nAj0MDpN0GJlvQyUxD7mrOmQ
u2NODHGj2SSdZdGPjGS98LxOfZosUQBA0RJDH3l/kzv7nEseTMfKxwgZTDN4+wa3
G61huMJCr+1NqeNClKjIDcVSzmKhWkKPDbUnVP8J3BTAY9vOTo31SgT9go30HRTa
84lfTBtmfBfXpz7bMhyBIH2a/sOhQR5+qyxVU95R1I6zXXhhF36WNa9FsuKIB3ij
iIXReFxpxjltiX3IDXpXfx7oYWnSQ83fOMhYNM1heWBo9VUWNjdIc5hLUQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFKF4L9DhF1RiviAeSJJ2k7PJ6XDiMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvb1hndjBPRVhWR0stSUI1SWtuYVRzOG5wY09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKga6AAAA
AwcAKgkSwAAAAwcAKglQwAAAAwcAKglRQAAAAwcAKglSQAAAAwcAKgmXwAAAAwcA
KgmYQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAxAWEdNnNGvuemLPzXFhEn0fjaRinE
SGxe1uEcKjI2+R3SbosW1+UlIPUnVwpWtoYp/bJmgqOjDRcMv+EL1YRPMHlEO33q
OL9FDuRgftU3K+qZBS66k+LlxfeOVCEXV95+1nMWbWZrFyFhbYHagmEM6fc+LJbq
VSMo7QBeKpH+Kub25MqqeEGRVSdE9tyU7jSLgw178zCuBdfnoEsjae0YgYiTMzcj
ThXBNN8/XpXXI3ESpdtcJ5I+UNr10UoxqvbvzjdgOWxSFrIOOsAqkX7PDh8XXRfT
nieyvP0othtqsA3FBG4BROvo+tlB0gEZSNSOYvYT5omrTvPh7zMuUDY+
-----END CERTIFICATE-----
Generated at Wed May 8 16:51:44 2024 by rpki-client on console-fra.rpki-client.org