Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/j5a67ySjThAK3cSkis_vi5k3qec.roa
File: j5a67ySjThAK3cSkis_vi5k3qec.roa (raw, json)
Hash identifier: lO7rtjk8uZKo1cQ2l937nOHr/2PqYKNfsJcWPSQ5c/s=
Subject key identifier: 8F:96:BA:EF:24:A3:4E:10:0A:DD:C4:A4:8A:CF:EF:8B:99:37:A9:E7
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 018CC492E37CB64A35E60336F9EB0EE20EFE
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/j5a67ySjThAK3cSkis_vi5k3qec.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 2001:2044::/32 maxlen: 32
2001:2040::/32 maxlen: 32
2001:2042::/31 maxlen: 31
2001:2001:9000::/40 maxlen: 40
2001:2001:4000::/36 maxlen: 36
2001:2090::/31 maxlen: 31
2001:2040::/27 maxlen: 27
2001:2000:9000::/40 maxlen: 40
2001:2000:4000::/40 maxlen: 40
2001:2000::/48 maxlen: 48
2001:2040:c010::/48 maxlen: 48
2001:2040:c010::/47 maxlen: 47
2001:2002::/32 maxlen: 32
2001:2040:c011::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e3:7c:b6:4a:35:e6:03:36:f9:eb:0e:e2:0e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f96baef24a34e100addc4a48acfef8b9937a9e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:e2:7d:26:e1:1c:77:96:a2:98:15:4d:fe:
b0:dd:e2:71:9b:e3:6a:a1:3c:aa:82:b3:5a:56:1d:
df:37:91:99:ca:7c:ec:fd:63:5d:a0:62:01:ec:1a:
b2:00:9e:9e:87:67:be:f3:57:61:07:f4:5b:dc:01:
f7:70:74:ff:1a:8c:92:4a:f5:a7:9a:94:46:2d:c9:
a8:f6:2b:9c:d0:f7:4a:b7:12:95:48:bf:32:e5:cb:
c3:cd:68:35:68:a1:b0:1d:39:50:c0:d2:21:e8:ee:
63:53:bc:4c:93:5a:0f:90:e2:f3:39:4b:80:41:85:
50:b2:82:e4:4f:62:95:6a:77:81:e1:70:80:88:1f:
c7:0c:dd:d6:da:09:91:f6:5a:dd:2a:da:a5:31:97:
7c:62:ee:68:a0:e5:ab:ab:07:56:13:6b:cc:cb:e5:
e4:2f:e0:3c:b1:4e:cc:f4:04:ba:c4:0e:33:d6:9c:
73:53:7d:9b:b9:ed:ad:19:c9:41:07:2c:24:21:c0:
87:fa:aa:ec:f7:18:43:a8:df:78:9f:7d:9c:96:af:
70:8c:e9:15:f9:e1:6e:ae:ed:36:dc:3f:65:b4:f0:
4c:ce:bd:11:42:b9:dc:c6:e0:2a:51:76:67:08:b9:
9e:96:79:7d:e8:74:55:7e:86:2f:8a:5e:43:62:a2:
67:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:96:BA:EF:24:A3:4E:10:0A:DD:C4:A4:8A:CF:EF:8B:99:37:A9:E7
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/j5a67ySjThAK3cSkis_vi5k3qec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000::/48
2001:2000:4000::/40
2001:2000:9000::/40
2001:2001:4000::/36
2001:2001:9000::/40
2001:2002::/32
2001:2040::/27
2001:2090::/31
Signature Algorithm: sha256WithRSAEncryption
0b:da:df:3d:a4:c9:4c:6c:03:d3:31:1d:4e:5a:94:63:f3:cc:
5e:96:a9:09:77:89:c1:d7:70:8d:5d:46:36:50:24:b8:db:57:
72:06:84:47:a2:d8:31:67:37:e5:3d:2a:20:bd:19:14:15:8a:
3b:d7:2b:a7:af:73:bf:4a:0c:c5:fb:6e:64:b4:09:5d:8e:12:
42:a7:5f:8d:a7:81:04:9a:fc:49:ef:9e:31:47:f6:75:0a:6e:
86:07:65:d1:da:11:a5:ac:9e:1f:61:bd:16:c4:ba:fc:7f:51:
5e:49:6b:97:15:d3:c8:f0:2e:50:d0:64:f1:9e:4c:3b:b9:6b:
4b:f4:ee:90:22:a7:6f:40:25:14:03:7d:f5:51:b3:4d:91:31:
36:3b:d9:79:af:22:3b:43:62:0f:06:68:63:56:d2:e9:7e:00:
bc:d0:eb:9e:d0:46:89:67:3f:73:6d:45:74:95:54:fd:e5:83:
c3:0f:c4:b5:3f:91:b7:a6:85:a9:de:d3:a9:e7:97:ab:f8:96:
99:4e:4e:c3:9f:f1:08:fc:99:61:9e:6d:c5:1b:df:03:8a:5e:
36:34:59:eb:81:d6:d6:2f:f3:51:f4:67:4c:2a:f4:e7:99:75:
d5:12:8c:1f:22:2a:2a:0f:fb:17:79:a1:f4:ce:ee:66:32:fe:
14:f3:da:74
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzEkuN8tko15gM2+esO4g7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk2YmFlZjI0YTM0ZTEwMGFkZGM0YTQ4YWNmZWY4Yjk5MzdhOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVjifSbhHHeWopgVTf6w3eJxm+Nq
oTyqgrNaVh3fN5GZynzs/WNdoGIB7BqyAJ6eh2e+81dhB/Rb3AH3cHT/GoySSvWn
mpRGLcmo9iuc0PdKtxKVSL8y5cvDzWg1aKGwHTlQwNIh6O5jU7xMk1oPkOLzOUuA
QYVQsoLkT2KVaneB4XCAiB/HDN3W2gmR9lrdKtqlMZd8Yu5ooOWrqwdWE2vMy+Xk
L+A8sU7M9AS6xA4z1pxzU32bue2tGclBBywkIcCH+qrs9xhDqN94n32clq9wjOkV
+eFuru023D9ltPBMzr0RQrncxuAqUXZnCLmelnl96HRVfoYvil5DYqJnowIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFI+Wuu8ko04QCt3EpIrP74uZN6nnMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvajVhNjd5U2pUaEFLM2NTa2lzX3ZpNWszcWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAAjA+AwcAIAEgAAAA
AwYAIAEgAEADBgAgASAAkAMGBCABIAFAAwYAIAEgAZADBQAgASACAwUFIAEgQAMF
ASABIJAwDQYJKoZIhvcNAQELBQADggEBAAva3z2kyUxsA9MxHU5alGPzzF6WqQl3
icHXcI1dRjZQJLjbV3IGhEei2DFnN+U9KiC9GRQVijvXK6evc79KDMX7bmS0CV2O
EkKnX42ngQSa/EnvnjFH9nUKboYHZdHaEaWsnh9hvRbEuvx/UV5Ja5cV08jwLlDQ
ZPGeTDu5a0v07pAip29AJRQDffVRs02RMTY72XmvIjtDYg8GaGNW0ul+ALzQ657Q
RolnP3NtRXSVVP3lg8MPxLU/kbemhane06nnl6v4lplOTsOf8Qj8mWGebcUb3wOK
XjY0WeuB1tYv81H0Z0wq9OeZddUSjB8iKioP+xd5ofTO7mYy/hTz2nQ=
-----END CERTIFICATE-----
Generated at Sun May 19 23:12:09 2024 by rpki-client on console-ams.rpki-client.org