Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/ddaqNnwzkA1UVhffHrdWE-QahMA.roa
File: ddaqNnwzkA1UVhffHrdWE-QahMA.roa (raw, json)
Hash identifier: q8d1zIYgc9JeMgQqho+q2BFsy8ShX6RWpD5+PpGwVqA=
Subject key identifier: 75:D6:AA:36:7C:33:90:0D:54:56:17:DF:1E:B7:56:13:E4:1A:84:C0
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018CC94CC5F6B4A8C6F17E38E047790B5E28
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/ddaqNnwzkA1UVhffHrdWE-QahMA.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50113
IP address blocks: 2a07:57c0::/32 maxlen: 32
2a07:9b83::/32 maxlen: 32
2a0a:981::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c5:f6:b4:a8:c6:f1:7e:38:e0:47:79:0b:5e:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75d6aa367c33900d545617df1eb75613e41a84c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:27:7e:0c:18:eb:a6:a8:29:52:dc:72:78:59:
9e:2b:e2:74:17:68:88:9c:89:d6:fa:32:b3:03:42:
e5:50:fc:06:9e:11:7b:46:46:ce:58:98:82:c4:db:
7d:60:93:cd:a2:1d:bd:7e:aa:d4:93:fd:48:7c:42:
65:b7:4e:e0:55:31:e9:0e:94:d9:7f:23:68:4a:1e:
24:4e:29:23:b9:46:f9:cb:cc:18:48:7e:21:fd:3f:
3c:f1:01:c2:34:93:18:0b:e6:45:a3:27:d9:74:25:
11:a3:9c:0b:67:59:48:04:02:3b:96:e4:fd:e5:bf:
9c:9e:2b:de:d5:6b:ce:39:3e:fd:17:2d:a8:f9:d1:
fe:0f:67:e1:e6:92:18:50:71:52:4f:cd:1e:4f:ac:
e1:bb:de:83:58:ad:48:98:6a:a9:1c:4d:5d:54:94:
e6:5b:a6:ca:47:06:25:c6:60:13:27:95:73:60:3b:
79:60:52:fd:c9:be:bc:4d:21:6e:07:a2:58:d7:2c:
23:18:bc:a6:db:43:a6:97:71:9d:ab:4b:67:b9:61:
30:4a:3c:87:0b:cb:03:e5:03:12:10:52:60:52:0e:
d4:14:05:d5:30:f8:06:d5:0b:20:35:d2:c1:fc:d6:
2c:04:88:a0:9c:65:bf:3f:0a:e7:f1:12:4c:d8:ee:
e3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D6:AA:36:7C:33:90:0D:54:56:17:DF:1E:B7:56:13:E4:1A:84:C0
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/ddaqNnwzkA1UVhffHrdWE-QahMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:57c0::/32
2a07:9b83::/32
2a0a:981::/32
Signature Algorithm: sha256WithRSAEncryption
2a:aa:bd:ef:5e:65:87:da:40:97:e5:90:25:fb:54:69:9f:1c:
37:b6:36:82:d6:7e:bb:07:e2:d2:55:6f:15:29:31:5c:25:7c:
56:8c:c1:75:82:03:3b:c9:1a:8b:61:54:28:e5:84:f1:27:cf:
21:57:a2:4c:99:be:5e:ef:ac:e8:6d:94:26:bb:1c:49:e5:aa:
51:ae:53:d8:80:72:70:45:a2:54:b3:bd:29:b1:9e:2a:c7:e3:
cf:1e:4f:c6:ca:13:22:a1:22:0a:48:de:48:44:c5:57:e1:1f:
df:5b:a9:1e:6a:8c:12:59:15:8f:3b:9a:5d:7e:33:ef:f3:1d:
46:a3:c6:61:09:0c:43:42:48:c1:25:47:59:8a:b3:67:a0:dc:
42:43:8f:f4:a1:7c:16:78:00:aa:f3:5b:83:28:02:17:01:4f:
0e:08:44:72:8b:2d:53:b4:a5:5e:fb:1b:b6:b4:ef:41:b8:4f:
9c:1c:8a:f7:77:9d:c6:d2:89:d4:d8:89:f2:e5:d2:a7:f7:92:
4d:54:b5:ce:9e:5e:b8:9d:21:b0:92:2d:4b:d8:6a:31:e5:d2:
db:b8:91:05:43:45:4b:07:c8:16:50:1d:f8:53:37:d9:da:40:
26:03:da:b2:c5:29:3f:b8:65:60:fc:43:ef:89:97:f9:41:f6:
ce:87:83:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTMX2tKjG8X444Ed5C14oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQ2YWEzNjdjMzM5MDBkNTQ1NjE3ZGYxZWI3NTYxM2U0MWE4NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSd+DBjrpqgpUtxyeFmeK+J0F2iI
nInW+jKzA0LlUPwGnhF7RkbOWJiCxNt9YJPNoh29fqrUk/1IfEJlt07gVTHpDpTZ
fyNoSh4kTikjuUb5y8wYSH4h/T888QHCNJMYC+ZFoyfZdCURo5wLZ1lIBAI7luT9
5b+cnive1WvOOT79Fy2o+dH+D2fh5pIYUHFST80eT6zhu96DWK1ImGqpHE1dVJTm
W6bKRwYlxmATJ5VzYDt5YFL9yb68TSFuB6JY1ywjGLym20Oml3Gdq0tnuWEwSjyH
C8sD5QMSEFJgUg7UFAXVMPgG1QsgNdLB/NYsBIignGW/Pwrn8RJM2O7jhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHXWqjZ8M5ANVFYX3x63VhPkGoTAMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvZGRhcU5ud3prQTFVVmhmZkhyZFdFLVFhaE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgdXwAMF
ACoHm4MDBQAqCgmBMA0GCSqGSIb3DQEBCwUAA4IBAQAqqr3vXmWH2kCX5ZAl+1Rp
nxw3tjaC1n67B+LSVW8VKTFcJXxWjMF1ggM7yRqLYVQo5YTxJ88hV6JMmb5e76zo
bZQmuxxJ5apRrlPYgHJwRaJUs70psZ4qx+PPHk/GyhMioSIKSN5IRMVX4R/fW6ke
aowSWRWPO5pdfjPv8x1Go8ZhCQxDQkjBJUdZirNnoNxCQ4/0oXwWeACq81uDKAIX
AU8OCERyiy1TtKVe+xu2tO9BuE+cHIr3d53G0onU2Iny5dKn95JNVLXOnl64nSGw
ki1L2Gox5dLbuJEFQ0VLB8gWUB34UzfZ2kAmA9qyxSk/uGVg/EPviZf5QfbOh4Op
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:08 2024 by rpki-client on console-ams.rpki-client.org