Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/R8oOWs1ius38zX6yaMEKhz62-es.roa
File: R8oOWs1ius38zX6yaMEKhz62-es.roa (raw, json)
Hash identifier: 9pLMpjqGptVuPbfu7AbaNhe7Cy0xsT258RyDnjnIBcA=
Subject key identifier: 47:CA:0E:5A:CD:62:BA:CD:FC:CD:7E:B2:68:C1:0A:87:3E:B6:F9:EB
Certificate issuer: /CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Certificate serial: 018CC8DE9C01BCA49813D2DB5D01AFB586BD
Authority key identifier: 82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/R8oOWs1ius38zX6yaMEKhz62-es.roa
Signing time: Tue 02 Jan 2024 06:31:21 +0000
ROA not before: Tue 02 Jan 2024 06:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44286
IP address blocks: 2a02:2410::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.mft
rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:9c:01:bc:a4:98:13:d2:db:5d:01:af:b5:86:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Validity
Not Before: Jan 2 06:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ca0e5acd62bacdfccd7eb268c10a873eb6f9eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:30:e5:56:1e:40:b6:c0:94:c3:cd:4c:87:
97:23:6c:78:58:d2:ba:0d:de:02:d6:72:00:c8:81:
0a:19:ec:96:31:45:30:62:7f:2a:10:c5:b5:a1:38:
8c:11:88:98:ce:6c:e1:5a:f8:e5:aa:25:db:b9:2d:
5c:03:10:da:01:97:23:03:e4:c8:f5:78:92:0d:48:
a0:cd:fc:5f:dc:1b:3b:ea:5a:7a:2c:d5:47:d8:f1:
d4:ec:55:ca:39:2c:39:a0:50:99:96:ef:48:5e:ec:
eb:87:06:e7:37:ad:4f:d4:9f:39:0b:26:fb:ec:48:
28:1b:b6:b9:fe:62:22:3b:0c:5c:18:93:d5:d2:76:
92:69:5e:13:7b:10:8a:84:7b:08:9b:02:a1:2c:14:
d0:ee:86:94:19:9a:dc:b1:25:af:dd:c3:0d:68:c5:
20:05:b9:3f:43:4a:67:41:15:1d:18:1d:9c:a1:6f:
e8:7e:dd:8f:99:db:97:2b:9f:c6:df:a8:5c:3b:9b:
42:6d:9f:f0:73:8b:41:f6:98:35:c2:1e:0f:ad:fc:
db:ab:98:35:ce:2d:2c:bf:43:6a:ff:de:81:a3:55:
38:d5:8c:88:04:75:98:ef:4b:fe:a7:93:fc:cd:0c:
3c:2d:ad:ef:3f:93:29:0d:0c:05:ba:72:cb:5b:04:
e2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:CA:0E:5A:CD:62:BA:CD:FC:CD:7E:B2:68:C1:0A:87:3E:B6:F9:EB
X509v3 Authority Key Identifier:
keyid:82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/R8oOWs1ius38zX6yaMEKhz62-es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2410::/32
Signature Algorithm: sha256WithRSAEncryption
60:60:90:3f:b9:a7:c4:03:41:9b:fb:dd:b4:f6:20:6f:59:e1:
52:3c:4a:3c:3d:3f:5c:93:d2:2b:64:8b:a9:ec:9f:45:f7:14:
6a:5d:6a:5e:2f:79:ae:73:28:e8:d0:95:c6:0e:79:cd:70:93:
74:8b:2d:62:d3:87:66:16:a1:36:85:88:92:9a:93:d1:95:07:
2c:89:5d:36:fe:65:a7:b2:f7:d3:15:90:76:6d:1d:2f:48:21:
5c:0c:e1:46:67:6a:6a:a9:16:34:f1:c8:60:4a:bf:6e:86:77:
36:51:7c:67:77:26:64:21:21:8b:c3:a0:8d:cd:b5:15:0a:45:
d3:f9:1f:00:26:97:8c:e2:ce:74:67:95:d4:7a:59:95:5a:ad:
84:33:c8:dc:27:ea:c1:b4:09:9c:0b:0c:f2:ce:a6:34:0e:40:
32:12:46:e9:e2:92:7e:f8:75:ab:f2:e6:4c:4b:54:32:1b:87:
47:a7:d0:d2:5e:67:81:0e:a6:a4:e3:70:1f:70:e1:ec:6b:09:
a8:08:e0:70:13:fa:9d:f0:26:4b:d1:ca:41:3e:20:12:b4:84:
b9:54:ba:97:ce:d9:3a:d8:e2:2e:53:0b:0a:78:cc:56:c3:73:
94:60:b6:8d:e8:ea:1f:5e:9b:dc:15:37:8e:f9:ef:21:88:7f:
d2:ef:aa:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3pwBvKSYE9LbXQGvtYa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTM5NjgxYzVhYWVmYjM1ZTU0ZjRhZDhhZmE0MjhkNGZm
ZGUwNmEwHhcNMjQwMTAyMDYzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2NhMGU1YWNkNjJiYWNkZmNjZDdlYjI2OGMxMGE4NzNlYjZmOWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybYw5VYeQLbAlMPNTIeXI2x4WNK6
Dd4C1nIAyIEKGeyWMUUwYn8qEMW1oTiMEYiYzmzhWvjlqiXbuS1cAxDaAZcjA+TI
9XiSDUigzfxf3Bs76lp6LNVH2PHU7FXKOSw5oFCZlu9IXuzrhwbnN61P1J85Cyb7
7EgoG7a5/mIiOwxcGJPV0naSaV4TexCKhHsImwKhLBTQ7oaUGZrcsSWv3cMNaMUg
Bbk/Q0pnQRUdGB2coW/oft2PmduXK5/G36hcO5tCbZ/wc4tB9pg1wh4Prfzbq5g1
zi0sv0Nq/96Bo1U41YyIBHWY70v+p5P8zQw8La3vP5MpDQwFunLLWwTikQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEfKDlrNYrrN/M1+smjBCoc+tvnrMB8GA1UdIwQY
MBaAFILjloHFqu+zXlT0rYr6Qo1P/eBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgt
ZmFmZDE0OTZhZTU5LzEvUjhvT1dzMWl1czM4elg2eWFNRUtoejYyLWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgtZmFmZDE0OTZhZTU5
LzEvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIkEDAN
BgkqhkiG9w0BAQsFAAOCAQEAYGCQP7mnxANBm/vdtPYgb1nhUjxKPD0/XJPSK2SL
qeyfRfcUal1qXi95rnMo6NCVxg55zXCTdIstYtOHZhahNoWIkpqT0ZUHLIldNv5l
p7L30xWQdm0dL0ghXAzhRmdqaqkWNPHIYEq/boZ3NlF8Z3cmZCEhi8Ogjc21FQpF
0/kfACaXjOLOdGeV1HpZlVqthDPI3CfqwbQJnAsM8s6mNA5AMhJG6eKSfvh1q/Lm
TEtUMhuHR6fQ0l5ngQ6mpONwH3Dh7GsJqAjgcBP6nfAmS9HKQT4gErSEuVS6l87Z
OtjiLlMLCnjMVsNzlGC2jejqH16b3BU3jvnvIYh/0u+qpQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:11 2024 by rpki-client on console-ams.rpki-client.org