Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/o_93VveXD5skInomD4a9k6-_q3c.roa
File: o_93VveXD5skInomD4a9k6-_q3c.roa (raw, json)
Hash identifier: 3jb6/W9aiWFeO5hWAkHcSNJ5cxlI8CbWx5M1CfBE2Ec=
Subject key identifier: A3:FF:77:56:F7:97:0F:9B:24:22:7A:26:0F:86:BD:93:AF:BF:AB:77
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 018CC3B6E0575B7811A21E929594BD826372
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/o_93VveXD5skInomD4a9k6-_q3c.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20446
IP address blocks: 2001:4de0:2310:1::/64 maxlen: 64
2001:4de0:ac12::/48 maxlen: 48
2001:4de0:ac18::/48 maxlen: 48
2001:4de0:ac10::/48 maxlen: 48
2001:4de0:ac19::/48 maxlen: 48
2001:4de0:ac11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e0:57:5b:78:11:a2:1e:92:95:94:bd:82:63:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3ff7756f7970f9b24227a260f86bd93afbfab77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:b7:a1:f8:5d:2b:fd:2b:00:97:d3:b0:98:
c4:bb:cd:06:e5:04:0d:52:46:fc:93:98:a8:df:09:
76:e2:c4:9a:2d:1b:ea:43:0c:7b:fa:96:53:51:e0:
aa:45:a9:66:a8:df:ed:11:7a:35:9e:9a:b6:3f:a6:
60:6e:af:b0:d8:e6:fa:78:fb:8f:8f:d9:d0:93:04:
45:f3:40:1f:59:c5:b4:06:6f:70:2c:de:f7:97:11:
40:91:89:48:f6:43:f9:ed:5c:71:6a:80:7b:7d:78:
a9:54:4c:e6:f1:cc:cb:b5:98:05:19:ce:dc:ac:8d:
6d:3d:b3:6c:09:ab:6e:5f:fa:7b:a2:a8:eb:fd:28:
58:26:ae:10:5f:91:1e:dd:24:7f:20:9a:50:c2:25:
7d:d7:be:66:38:eb:b0:dd:37:b7:86:fc:a7:24:e1:
ab:60:66:2a:81:27:90:12:d6:cf:97:f7:2d:2d:2f:
20:bb:c3:4f:11:f1:e7:ae:78:76:9b:82:c0:16:98:
e0:2a:f9:52:01:9e:93:86:19:74:e4:41:01:57:58:
80:26:b2:a8:73:6e:2f:52:c9:2d:87:b4:dc:37:0b:
dc:d6:c1:b8:d9:8c:59:d2:12:08:52:e1:40:bb:9d:
b5:7f:e0:36:3b:3d:c6:4f:ba:79:82:aa:9b:27:f8:
e9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FF:77:56:F7:97:0F:9B:24:22:7A:26:0F:86:BD:93:AF:BF:AB:77
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/o_93VveXD5skInomD4a9k6-_q3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4de0:2310:1::/64
2001:4de0:ac10::-2001:4de0:ac12:ffff:ffff:ffff:ffff:ffff
2001:4de0:ac18::/47
Signature Algorithm: sha256WithRSAEncryption
5d:6f:b8:08:04:01:62:f8:70:0c:d5:be:9e:28:4c:ab:c0:82:
c1:e3:7c:97:00:b6:be:e8:e6:68:bf:32:fd:65:40:53:0f:1b:
a5:c0:50:f2:dd:3c:32:40:84:f4:8b:d8:a6:28:d8:2e:dd:a5:
18:c8:9f:35:94:bb:47:f7:e8:3e:95:2f:29:51:49:57:41:7d:
84:7d:bb:20:2e:35:55:6e:eb:00:02:7b:3c:66:0a:f6:8b:45:
5a:c9:b0:23:fb:8a:cf:64:b7:8f:78:64:53:d6:e7:59:3f:5a:
4c:53:11:92:3f:c1:38:85:4e:57:43:bc:5c:a1:34:20:26:6c:
d6:7b:dc:15:8a:87:42:96:c0:ed:f2:7b:94:b2:07:c0:a4:3a:
7e:b9:d9:99:a6:dd:49:45:fd:f8:77:71:1e:4d:c0:b8:da:07:
e5:05:9f:0b:19:7d:73:9a:0b:ab:2d:dd:56:02:4c:6b:19:6c:
4a:1a:a0:86:80:08:94:24:bf:9b:8b:51:d2:44:28:70:ab:4a:
ad:9e:0c:f7:74:04:2b:8f:36:91:24:cf:52:37:a2:a6:ee:58:
3e:07:76:c8:0d:33:97:18:fa:61:37:e7:f2:f1:36:30:20:b1:
d4:f3:0f:29:90:9b:b0:1a:c0:9e:24:e6:17:d8:83:12:e8:0f:
51:12:2d:5c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzDtuBXW3gRoh6SlZS9gmNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ZmNzc1NmY3OTcwZjliMjQyMjdhMjYwZjg2YmQ5M2FmYmZhYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9K3ofhdK/0rAJfTsJjEu80G5QQN
Ukb8k5io3wl24sSaLRvqQwx7+pZTUeCqRalmqN/tEXo1npq2P6Zgbq+w2Ob6ePuP
j9nQkwRF80AfWcW0Bm9wLN73lxFAkYlI9kP57VxxaoB7fXipVEzm8czLtZgFGc7c
rI1tPbNsCatuX/p7oqjr/ShYJq4QX5Ee3SR/IJpQwiV9175mOOuw3Te3hvynJOGr
YGYqgSeQEtbPl/ctLS8gu8NPEfHnrnh2m4LAFpjgKvlSAZ6Thhl05EEBV1iAJrKo
c24vUskth7TcNwvc1sG42YxZ0hIIUuFAu521f+A2Oz3GT7p5gqqbJ/jpawIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKP/d1b3lw+bJCJ6Jg+GvZOvv6t3MB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvb185M1Z2ZVhENXNrSW5vbUQ0YTlrNi1fcTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwkAIAFN4CMQ
AAEwEgMHBCABTeCsEAMHACABTeCsEgMHASABTeCsGDANBgkqhkiG9w0BAQsFAAOC
AQEAXW+4CAQBYvhwDNW+nihMq8CCweN8lwC2vujmaL8y/WVAUw8bpcBQ8t08MkCE
9IvYpijYLt2lGMifNZS7R/foPpUvKVFJV0F9hH27IC41VW7rAAJ7PGYK9otFWsmw
I/uKz2S3j3hkU9bnWT9aTFMRkj/BOIVOV0O8XKE0ICZs1nvcFYqHQpbA7fJ7lLIH
wKQ6frnZmabdSUX9+HdxHk3AuNoH5QWfCxl9c5oLqy3dVgJMaxlsShqghoAIlCS/
m4tR0kQocKtKrZ4M93QEK482kSTPUjeipu5YPgd2yA0zlxj6YTfn8vE2MCCx1PMP
KZCbsBrAniTmF9iDEugPURItXA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:26 2024 by rpki-client on console-fra.rpki-client.org