Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/COKAHsBgjp9wbh1fDj6OSaxwDxE.roa
File: COKAHsBgjp9wbh1fDj6OSaxwDxE.roa (raw, json)
Hash identifier: BEsClQe69SGBFXroPEd2/oHmVdMJDAVQSxmG2SKMAek=
Subject key identifier: 08:E2:80:1E:C0:60:8E:9F:70:6E:1D:5F:0E:3E:8E:49:AC:70:0F:11
Certificate issuer: /CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Certificate serial: 019353A12616429EA1ED26670B150BD1F7E7
Authority key identifier: F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/COKAHsBgjp9wbh1fDj6OSaxwDxE.roa
Signing time: Fri 22 Nov 2024 11:28:10 +0000
ROA not before: Fri 22 Nov 2024 11:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 2a0f:8442::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:a1:26:16:42:9e:a1:ed:26:67:0b:15:0b:d1:f7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6137c597d1e30cb75618e51f42b7f79ed5ffc88
Validity
Not Before: Nov 22 11:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08e2801ec0608e9f706e1d5f0e3e8e49ac700f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:98:09:ab:d2:7b:e0:0c:a5:7f:b7:f5:7d:44:
ea:9d:25:d6:3e:2a:4d:56:b1:6f:65:e6:75:56:98:
6c:72:cc:0b:51:78:c6:3b:4c:f7:d5:a6:03:0b:c2:
54:80:2e:0e:1c:16:5b:e3:65:dd:8b:f8:d6:73:51:
38:e1:53:41:c4:73:41:d9:37:ae:46:e3:df:3a:6b:
ad:d3:80:5b:ca:40:d4:4e:c6:1f:df:86:05:40:69:
7a:f8:b6:35:75:c4:82:0f:ec:92:73:ee:d9:2a:5f:
d5:75:7c:b4:46:33:1c:53:00:0c:d6:0b:82:ec:a3:
47:76:e3:68:3d:87:c9:c7:7f:3f:22:95:72:e2:5c:
71:b5:7c:8e:78:9d:f9:6c:21:75:99:4e:bc:c0:b2:
06:40:33:b5:ce:e3:7e:f8:58:52:54:e2:f6:74:ba:
95:ba:40:30:48:16:4b:ee:db:3a:8c:79:45:16:24:
05:b5:fb:5b:75:1b:21:19:04:39:8e:17:45:19:b4:
2f:ae:6c:6b:1a:9e:68:06:c1:25:5f:d3:9d:a6:e2:
f9:74:54:2c:93:a9:55:20:2c:0a:86:6b:ec:6d:27:
34:84:74:f1:9b:f6:4a:36:fb:c3:a3:29:44:44:4c:
43:fc:b5:7e:13:56:72:57:86:08:c8:39:23:6c:0e:
7c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E2:80:1E:C0:60:8E:9F:70:6E:1D:5F:0E:3E:8E:49:AC:70:0F:11
X509v3 Authority Key Identifier:
keyid:F6:13:7C:59:7D:1E:30:CB:75:61:8E:51:F4:2B:7F:79:ED:5F:FC:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/COKAHsBgjp9wbh1fDj6OSaxwDxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/0f1f9f-5a51-4bd6-bf30-39a24388a5e8/1/9hN8WX0eMMt1YY5R9Ct_ee1f_Ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:8442::/32
Signature Algorithm: sha256WithRSAEncryption
66:2a:50:7a:85:e5:96:5a:02:a8:59:db:16:97:09:27:dc:4e:
cb:91:d3:bd:0e:63:c3:c9:72:c8:ce:74:27:0a:2b:77:07:65:
6d:8a:4b:2d:24:78:3d:b0:c7:98:43:d5:67:41:8e:db:ee:fe:
d1:41:53:f3:16:c3:a7:f1:d2:2b:7f:9d:71:d4:57:2f:40:91:
f1:e3:c1:e8:9a:4e:04:2d:8f:53:8f:a4:85:40:c6:03:cf:c7:
00:25:8c:e7:93:d6:b5:e7:62:49:b2:2f:8e:92:d5:b5:73:c2:
fb:53:06:68:00:d8:93:e5:aa:8d:1a:13:f1:05:b1:3a:d0:52:
f7:cd:ff:c3:dc:55:09:25:02:91:11:7a:25:6a:14:28:55:b2:
ad:4a:2e:18:ff:ab:2c:0f:e5:67:0e:c8:9c:14:34:50:6d:ee:
39:f9:6c:36:79:44:11:65:db:ef:e0:1a:d0:90:08:1f:04:54:
68:df:cc:27:9a:d5:b9:30:1c:62:73:9b:12:cd:77:b6:1f:a0:
64:d4:c6:01:8e:66:52:c7:81:dd:4c:ae:98:0a:0c:8a:f0:df:
7a:74:30:d9:c8:61:ee:5d:93:77:91:b7:8c:88:f3:10:19:0c:
c5:04:3e:3e:da:a1:34:71:28:7e:db:95:5f:8b:08:83:49:a0:
06:a3:71:02
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNToSYWQp6h7SZnCxUL0ffnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MTM3YzU5N2QxZTMwY2I3NTYxOGU1MWY0MmI3Zjc5ZWQ1
ZmZjODgwHhcNMjQxMTIyMTEyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGUyODAxZWMwNjA4ZTlmNzA2ZTFkNWYwZTNlOGU0OWFjNzAwZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5gJq9J74Aylf7f1fUTqnSXWPipN
VrFvZeZ1VphscswLUXjGO0z31aYDC8JUgC4OHBZb42Xdi/jWc1E44VNBxHNB2Teu
RuPfOmut04BbykDUTsYf34YFQGl6+LY1dcSCD+ySc+7ZKl/VdXy0RjMcUwAM1guC
7KNHduNoPYfJx38/IpVy4lxxtXyOeJ35bCF1mU68wLIGQDO1zuN++FhSVOL2dLqV
ukAwSBZL7ts6jHlFFiQFtftbdRshGQQ5jhdFGbQvrmxrGp5oBsElX9OdpuL5dFQs
k6lVICwKhmvsbSc0hHTxm/ZKNvvDoylERExD/LV+E1ZyV4YIyDkjbA583wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAjigB7AYI6fcG4dXw4+jkmscA8RMB8GA1UdIwQY
MBaAFPYTfFl9HjDLdWGOUfQrf3ntX/yIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAt
MzlhMjQzODhhNWU4LzEvQ09LQUhzQmdqcDl3YmgxZkRqNk9TYXh3RHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8wZjFmOWYtNWE1MS00YmQ2LWJmMzAtMzlhMjQzODhhNWU4
LzEvOWhOOFdYMGVNTXQxWVk1UjlDdF9lZTFmX0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+EQjAN
BgkqhkiG9w0BAQsFAAOCAQEAZipQeoXllloCqFnbFpcJJ9xOy5HTvQ5jw8lyyM50
JwordwdlbYpLLSR4PbDHmEPVZ0GO2+7+0UFT8xbDp/HSK3+dcdRXL0CR8ePB6JpO
BC2PU4+khUDGA8/HACWM55PWtediSbIvjpLVtXPC+1MGaADYk+WqjRoT8QWxOtBS
983/w9xVCSUCkRF6JWoUKFWyrUouGP+rLA/lZw7InBQ0UG3uOflsNnlEEWXb7+Aa
0JAIHwRUaN/MJ5rVuTAcYnObEs13th+gZNTGAY5mUseB3UyumAoMivDfenQw2chh
7l2Td5G3jIjzEBkMxQQ+PtqhNHEoftuVX4sIg0mgBqNxAg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:44 2024 by rpki-client on console-fra.rpki-client.org