Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CoJznyR01IUsjFjvS1ZYp-jCUjM.roa
File: CoJznyR01IUsjFjvS1ZYp-jCUjM.roa (raw, json)
Hash identifier: GLN+U7TKnpwxuExY7QtKqZL4/S5S7JFdHQZX0PDvs/A=
Subject key identifier: 0A:82:73:9F:24:74:D4:85:2C:8C:58:EF:4B:56:58:A7:E8:C2:52:33
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018E9DF24A243DC2EB8D28860B70AB6A4F21
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CoJznyR01IUsjFjvS1ZYp-jCUjM.roa
Signing time: Tue 02 Apr 2024 08:34:45 +0000
ROA not before: Tue 02 Apr 2024 08:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 2a0d:1140::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a11:3500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:f2:4a:24:3d:c2:eb:8d:28:86:0b:70:ab:6a:4f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 2 08:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a82739f2474d4852c8c58ef4b5658a7e8c25233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1c:b4:32:fb:08:f0:2c:85:e8:b5:fa:d5:82:
92:ce:f3:8e:fe:15:0e:8a:b1:45:b3:62:f9:5f:5e:
3f:30:e2:df:fe:b7:43:f4:f1:5c:02:2e:a4:0e:01:
3a:8b:b0:57:5d:69:bc:04:48:e7:2b:81:c9:23:92:
fc:8b:c4:23:f4:c0:be:98:07:7b:9a:ca:fe:f9:ba:
13:0b:cd:f3:cf:d4:3c:05:17:b5:87:c7:5e:62:7d:
d9:4e:03:49:88:bc:c8:89:f3:39:94:49:99:a7:7a:
27:78:8f:dd:46:e8:f1:5e:7f:f2:56:46:f7:c1:fb:
5e:c5:33:b9:c1:3e:21:3b:4e:3f:03:4e:7e:c4:aa:
2a:17:ee:89:1f:8e:11:2a:cf:84:a1:a3:15:7a:3d:
12:af:a8:a9:7a:1e:5b:7b:f8:50:ea:c9:44:f2:5a:
66:74:b7:b0:c5:38:90:64:22:01:ab:0e:3f:90:b2:
21:96:4f:33:9b:3b:f2:da:38:54:ed:66:6c:f6:2a:
13:18:2b:62:61:b3:9a:3f:5d:1f:82:c5:3c:1c:aa:
6d:eb:06:aa:68:94:c3:bd:66:31:40:c7:85:0e:38:
36:a1:3c:bc:e5:51:d6:13:a2:ee:89:e6:8b:c0:43:
8f:13:d7:ef:84:c0:08:e3:ca:0b:f2:2c:48:e2:ad:
0a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:82:73:9F:24:74:D4:85:2C:8C:58:EF:4B:56:58:A7:E8:C2:52:33
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/CoJznyR01IUsjFjvS1ZYp-jCUjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1140::/29
2a0e:5800::/29
2a0f:2500::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
b8:d8:9a:6a:94:11:44:4e:27:9b:e7:1c:cd:91:ee:69:42:e9:
96:ac:66:9c:52:f9:0a:df:3f:11:56:71:28:aa:c2:31:5b:49:
c1:6b:9e:f0:a5:f6:33:32:d3:f1:16:88:16:85:ce:a3:4e:a1:
00:62:c9:74:26:23:bf:aa:ec:25:2c:28:ba:32:73:d2:70:49:
a4:9e:39:6d:60:68:01:40:92:1f:0b:54:8e:67:0d:ae:dc:87:
0b:df:fb:29:f7:4c:2f:82:a0:95:37:3a:1e:22:7a:9e:6e:a9:
e0:86:fa:2e:8a:51:44:cc:42:a5:da:2d:be:98:7d:5e:dc:84:
a1:b3:0e:59:04:3d:40:09:04:4a:b3:80:20:45:88:d3:5f:48:
02:05:b2:fc:97:a6:07:34:1a:64:f2:ca:f5:97:f2:f0:6a:68:
64:eb:ae:54:3c:69:f4:e1:4a:84:09:b0:4c:35:3b:ec:57:b3:
d2:e9:ac:8a:8d:9f:85:b3:c6:92:d9:43:7b:97:a4:25:a4:5b:
22:96:e6:63:23:04:90:94:33:02:d4:e2:13:e6:a3:8a:1d:4c:
da:73:c9:9c:52:c2:96:7e:7b:70:79:7e:b0:f8:47:29:68:b4:
3b:3a:9c:5e:99:3d:a7:47:b3:2a:fd:88:91:45:81:d8:e8:9c:
fc:42:8d:b1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY6d8kokPcLrjSiGC3Crak8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDAyMDgzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTgyNzM5ZjI0NzRkNDg1MmM4YzU4ZWY0YjU2NThhN2U4YzI1MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBy0MvsI8CyF6LX61YKSzvOO/hUO
irFFs2L5X14/MOLf/rdD9PFcAi6kDgE6i7BXXWm8BEjnK4HJI5L8i8Qj9MC+mAd7
msr++boTC83zz9Q8BRe1h8deYn3ZTgNJiLzIifM5lEmZp3oneI/dRujxXn/yVkb3
wftexTO5wT4hO04/A05+xKoqF+6JH44RKs+EoaMVej0Sr6ipeh5be/hQ6slE8lpm
dLewxTiQZCIBqw4/kLIhlk8zmzvy2jhU7WZs9ioTGCtiYbOaP10fgsU8HKpt6waq
aJTDvWYxQMeFDjg2oTy85VHWE6LuieaLwEOPE9fvhMAI48oL8ixI4q0KiQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAqCc58kdNSFLIxY70tWWKfowlIzMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ29Kem55UjAxSVVzakZqdlMxWllwLWpDVWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0RQAMF
AyoOWAADBQMqDyUAAwUDKhE1ADANBgkqhkiG9w0BAQsFAAOCAQEAuNiaapQRRE4n
m+cczZHuaULplqxmnFL5Ct8/EVZxKKrCMVtJwWue8KX2MzLT8RaIFoXOo06hAGLJ
dCYjv6rsJSwoujJz0nBJpJ45bWBoAUCSHwtUjmcNrtyHC9/7KfdML4KglTc6HiJ6
nm6p4Ib6LopRRMxCpdotvph9XtyEobMOWQQ9QAkESrOAIEWI019IAgWy/JemBzQa
ZPLK9Zfy8GpoZOuuVDxp9OFKhAmwTDU77Fez0umsio2fhbPGktlDe5ekJaRbIpbm
YyMEkJQzAtTiE+ajih1M2nPJnFLCln57cHl+sPhHKWi0OzqcXpk9p0ezKv2IkUWB
2Oic/EKNsQ==
-----END CERTIFICATE-----
Generated at Mon May 13 10:46:10 2024 by rpki-client on console-ams.rpki-client.org