Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/vKQuv-nXnqudrHQjBePtBEdooN4.roa
File: vKQuv-nXnqudrHQjBePtBEdooN4.roa (raw, json)
Hash identifier: U4SzS8gj9ZBFKJ2WdtgYDn8cryP7fY5+ap88XxuLbWE=
Subject key identifier: BC:A4:2E:BF:E9:D7:9E:AB:9D:AC:74:23:05:E3:ED:04:47:68:A0:DE
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 018CC3B6DF8DAF07B03C5635CB4CF33C6B93
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/vKQuv-nXnqudrHQjBePtBEdooN4.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11588
IP address blocks: 2001:4de0:4202::/47 maxlen: 47
2001:4de0:2400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:df:8d:af:07:b0:3c:56:35:cb:4c:f3:3c:6b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bca42ebfe9d79eab9dac742305e3ed044768a0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:79:91:f5:5b:e5:a6:23:ce:96:c8:3a:17:06:
90:ef:61:68:6e:9f:6f:38:93:13:8b:9c:9b:24:ff:
c8:78:00:b2:2e:42:ed:a4:f5:98:20:5c:ce:ef:26:
db:af:22:c5:5a:b9:c9:5e:70:ad:e3:ec:6b:85:c6:
13:af:f6:06:13:10:07:a6:df:f6:22:91:d2:11:97:
e2:89:13:b8:c3:66:bd:4d:a3:57:a7:23:f4:62:d7:
44:82:6c:99:8d:38:f6:4e:25:56:49:8e:33:0d:21:
91:f1:0b:46:b2:c6:0d:23:98:32:7a:1b:b6:94:76:
29:53:d8:b5:6f:35:64:b2:fc:53:4f:82:98:cc:88:
97:b6:29:a7:1f:55:82:1c:72:fe:34:1d:0c:77:eb:
4b:73:e3:2a:aa:74:d2:b9:6e:14:86:2d:cb:7d:87:
d7:c6:e1:ae:91:bc:0e:bc:83:69:85:68:a7:34:fd:
c6:b7:75:32:a3:97:cf:84:24:b4:5d:5b:92:03:9a:
e2:28:2e:8f:11:8d:ec:87:1f:20:9e:30:9e:6f:13:
29:f9:80:7c:1b:91:41:9a:90:28:b0:9f:08:6f:b7:
ca:94:2d:d4:d2:ef:55:18:87:83:94:3e:2b:03:8d:
22:cf:2c:7a:35:93:3d:c7:7d:d1:27:23:e6:7b:15:
3f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A4:2E:BF:E9:D7:9E:AB:9D:AC:74:23:05:E3:ED:04:47:68:A0:DE
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/vKQuv-nXnqudrHQjBePtBEdooN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4de0:2400::/40
2001:4de0:4202::/47
Signature Algorithm: sha256WithRSAEncryption
5f:85:05:ab:4a:91:d2:05:1a:8a:c8:74:23:d8:a8:29:0f:dc:
87:f6:35:51:e4:98:d5:bc:6c:76:de:a6:b3:7d:b6:d6:6d:d8:
1a:21:e6:86:ed:6c:fb:d8:35:8a:78:1a:12:8b:0f:0a:c6:cf:
44:ba:fd:b5:a8:3b:27:89:64:b8:76:5e:16:e4:95:a2:53:ce:
20:24:cf:45:96:dc:08:64:e5:3f:89:ad:14:af:3a:93:31:bb:
d6:33:a4:38:a0:20:72:19:26:3e:72:c5:1a:3d:47:a3:95:16:
2b:c6:e9:f7:93:87:25:b3:20:ac:ff:9d:fa:c5:1d:f1:76:41:
4a:3d:65:33:83:cb:48:bd:7d:4b:16:56:94:d8:f3:d4:ad:2a:
7c:61:cb:3d:72:07:96:79:78:06:8d:61:cc:95:22:89:39:93:
5c:8e:b7:77:02:5f:9f:18:7f:2a:33:ba:97:26:9e:8b:3b:c4:
8c:97:9c:1b:83:26:91:94:8a:f9:36:19:8d:29:4f:03:16:2f:
b1:90:fe:53:2d:6e:47:63:35:92:6a:23:08:2f:4e:31:f5:0f:
21:e6:f5:86:13:5b:93:fe:d8:39:3f:fe:ca:eb:9b:16:ba:7d:
08:08:73:38:93:96:97:6e:0a:63:fc:4c:91:5d:6c:77:bc:fd:
52:98:eb:ef
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzDtt+NrwewPFY1y0zzPGuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E0MmViZmU5ZDc5ZWFiOWRhYzc0MjMwNWUzZWQwNDQ3NjhhMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3mR9VvlpiPOlsg6FwaQ72Fobp9v
OJMTi5ybJP/IeACyLkLtpPWYIFzO7ybbryLFWrnJXnCt4+xrhcYTr/YGExAHpt/2
IpHSEZfiiRO4w2a9TaNXpyP0YtdEgmyZjTj2TiVWSY4zDSGR8QtGssYNI5gyehu2
lHYpU9i1bzVksvxTT4KYzIiXtimnH1WCHHL+NB0Md+tLc+MqqnTSuW4Uhi3LfYfX
xuGukbwOvINphWinNP3Gt3Uyo5fPhCS0XVuSA5riKC6PEY3shx8gnjCebxMp+YB8
G5FBmpAosJ8Ib7fKlC3U0u9VGIeDlD4rA40izyx6NZM9x33RJyPmexU/mQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFLykLr/p156rnax0IwXj7QRHaKDeMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvdktRdXYtblhucXVkckhRakJlUHRCRWRvb040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAIAFN4CQD
BwEgAU3gQgIwDQYJKoZIhvcNAQELBQADggEBAF+FBatKkdIFGorIdCPYqCkP3If2
NVHkmNW8bHbeprN9ttZt2Boh5obtbPvYNYp4GhKLDwrGz0S6/bWoOyeJZLh2Xhbk
laJTziAkz0WW3Ahk5T+JrRSvOpMxu9YzpDigIHIZJj5yxRo9R6OVFivG6feThyWz
IKz/nfrFHfF2QUo9ZTODy0i9fUsWVpTY89StKnxhyz1yB5Z5eAaNYcyVIok5k1yO
t3cCX58Yfyozupcmnos7xIyXnBuDJpGUivk2GY0pTwMWL7GQ/lMtbkdjNZJqIwgv
TjH1DyHm9YYTW5P+2Dk//srrmxa6fQgIcziTlpduCmP8TJFdbHe8/VKY6+8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:26 2024 by rpki-client on console-fra.rpki-client.org