Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/ckwioh44ceUM5wSLZG1B7Q-i4G0.roa
File: ckwioh44ceUM5wSLZG1B7Q-i4G0.roa (raw, json)
Hash identifier: QKBgRLJMlZOG6wwzJf3Ysm8H333U5XOsNhnGfJRqn4A=
Subject key identifier: 72:4C:22:A2:1E:38:71:E5:0C:E7:04:8B:64:6D:41:ED:0F:A2:E0:6D
Certificate issuer: /CN=b0b56d10ccad9d69c01856be0afaa17ec682acbf
Certificate serial: 0191E6FBD32838CF69D99D6EA3686DBBDE8E
Authority key identifier: B0:B5:6D:10:CC:AD:9D:69:C0:18:56:BE:0A:FA:A1:7E:C6:82:AC:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/ckwioh44ceUM5wSLZG1B7Q-i4G0.roa
Signing time: Thu 12 Sep 2024 16:05:48 +0000
ROA not before: Thu 12 Sep 2024 16:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214304
IP address blocks: 2a01:f900:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:fb:d3:28:38:cf:69:d9:9d:6e:a3:68:6d:bb:de:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b56d10ccad9d69c01856be0afaa17ec682acbf
Validity
Not Before: Sep 12 16:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=724c22a21e3871e50ce7048b646d41ed0fa2e06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ca:68:25:85:3d:6f:a0:b0:b6:3f:db:ce:e6:
53:ec:33:f2:93:44:59:d8:e1:a2:07:11:0a:6d:84:
e6:02:cb:7d:dd:2a:a3:9a:10:d5:16:c1:4c:8c:63:
c3:50:f8:1f:73:0d:24:90:0e:d0:68:f8:84:d5:d8:
ee:4c:72:03:5c:ee:e2:78:0f:b7:56:91:09:fb:a8:
ba:ad:79:68:8b:ec:4b:1b:e2:2f:1c:5b:42:eb:69:
48:43:8d:c0:2b:76:42:c6:85:a9:96:2f:d2:81:3f:
19:7e:10:8a:49:33:59:5d:eb:a3:64:0f:bd:81:b1:
87:85:6a:d8:fa:26:d0:90:07:95:29:fe:13:38:14:
ad:f3:64:38:33:b4:46:87:f9:3a:8e:27:76:a7:97:
ac:06:0a:51:46:39:c9:8e:52:32:b5:a0:06:7a:db:
b6:35:2f:26:10:76:35:86:b8:39:c0:ef:f7:74:dc:
07:6b:2d:49:fb:23:08:6c:3a:be:04:f3:fe:a3:58:
ef:db:81:08:f1:40:10:5b:44:b0:07:1b:04:e8:7c:
5f:00:d8:75:fc:c5:bd:bb:d2:85:66:47:50:02:20:
1c:f8:76:fa:7e:4f:4c:02:ce:6f:41:92:97:60:09:
db:bb:c3:dd:c4:03:90:13:84:70:fd:67:89:1f:d1:
ce:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4C:22:A2:1E:38:71:E5:0C:E7:04:8B:64:6D:41:ED:0F:A2:E0:6D
X509v3 Authority Key Identifier:
keyid:B0:B5:6D:10:CC:AD:9D:69:C0:18:56:BE:0A:FA:A1:7E:C6:82:AC:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/ckwioh44ceUM5wSLZG1B7Q-i4G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f900:100::/48
Signature Algorithm: sha256WithRSAEncryption
7c:49:4c:79:36:62:ce:60:f8:83:17:50:31:e6:9d:cc:a8:7a:
67:f8:35:40:8c:05:33:82:3d:65:c9:05:b0:e4:4c:26:e1:bf:
b5:ee:a4:02:ac:fb:07:58:40:76:6d:47:39:1e:99:03:a3:28:
ca:e5:ee:15:c1:da:b0:bf:60:b3:68:ec:8b:df:d9:62:4c:f4:
dc:fb:79:fa:a0:ad:1f:b1:e3:45:67:b9:41:d0:a6:7a:13:e3:
cd:36:eb:83:b6:81:0b:5e:ef:0f:33:96:f5:63:10:5a:e3:94:
4a:ba:8c:0b:88:95:6b:e5:08:2e:3e:4f:77:04:c7:93:0b:a6:
3c:1a:ef:6f:d3:ff:44:c8:34:8c:f6:66:01:ba:54:7e:de:af:
a8:05:f4:3e:bd:7d:e8:4f:f4:ab:48:cb:51:fc:04:34:c0:ea:
4c:88:d6:73:ef:c9:21:8c:fa:e0:4f:35:17:fa:53:48:d6:36:
84:76:fc:f2:cd:ff:e5:b1:3a:07:75:05:2b:03:b6:ac:0e:e0:
04:40:e2:15:67:39:11:83:3c:80:a6:13:fa:77:75:15:c5:61:
f8:0c:57:8f:bc:16:0e:17:bb:88:24:af:cf:cf:78:b7:e0:b5:
88:5b:bb:8c:98:c0:0c:fa:40:0d:cd:0c:62:5e:45:66:02:d4:
4d:85:2f:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZHm+9MoOM9p2Z1uo2htu96OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjU2ZDEwY2NhZDlkNjljMDE4NTZiZTBhZmFhMTdlYzY4
MmFjYmYwHhcNMjQwOTEyMTYwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRjMjJhMjFlMzg3MWU1MGNlNzA0OGI2NDZkNDFlZDBmYTJlMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMpoJYU9b6Cwtj/bzuZT7DPyk0RZ
2OGiBxEKbYTmAst93SqjmhDVFsFMjGPDUPgfcw0kkA7QaPiE1djuTHIDXO7ieA+3
VpEJ+6i6rXloi+xLG+IvHFtC62lIQ43AK3ZCxoWpli/SgT8ZfhCKSTNZXeujZA+9
gbGHhWrY+ibQkAeVKf4TOBSt82Q4M7RGh/k6jid2p5esBgpRRjnJjlIytaAGetu2
NS8mEHY1hrg5wO/3dNwHay1J+yMIbDq+BPP+o1jv24EI8UAQW0SwBxsE6HxfANh1
/MW9u9KFZkdQAiAc+Hb6fk9MAs5vQZKXYAnbu8PdxAOQE4Rw/WeJH9HO7wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHJMIqIeOHHlDOcEi2RtQe0PouBtMB8GA1UdIwQY
MBaAFLC1bRDMrZ1pwBhWvgr6oX7Ggqy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xWdEVNeXRuV25BR0ZhLUN2cWhmc2FDckw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82OTQwOWUtMWVjNC00ODlkLWI2MWYt
YTE5Y2M4YTc2ZDA0LzEvY2t3aW9oNDRjZVVNNXdTTFpHMUI3US1pNEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82OTQwOWUtMWVjNC00ODlkLWI2MWYtYTE5Y2M4YTc2ZDA0
LzEvc0xWdEVNeXRuV25BR0ZhLUN2cWhmc2FDckw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgH5AAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQB8SUx5NmLOYPiDF1Ax5p3MqHpn+DVAjAUzgj1l
yQWw5Ewm4b+17qQCrPsHWEB2bUc5HpkDoyjK5e4Vwdqwv2CzaOyL39liTPTc+3n6
oK0fseNFZ7lB0KZ6E+PNNuuDtoELXu8PM5b1YxBa45RKuowLiJVr5QguPk93BMeT
C6Y8Gu9v0/9EyDSM9mYBulR+3q+oBfQ+vX3oT/SrSMtR/AQ0wOpMiNZz78khjPrg
TzUX+lNI1jaEdvzyzf/lsToHdQUrA7asDuAEQOIVZzkRgzyAphP6d3UVxWH4DFeP
vBYOF7uIJK/Pz3i34LWIW7uMmMAM+kANzQxiXkVmAtRNhS/O
-----END CERTIFICATE-----
Generated at Tue Dec 10 23:07:59 2024 by rpki-client on console-ams.rpki-client.org