Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/0dKPtXLgk0EJHXjxNNyfSLAGdlI.roa
File: 0dKPtXLgk0EJHXjxNNyfSLAGdlI.roa (raw, json)
Hash identifier: 5OYx6TX8XUyXaI1ygArliOzInWMCBhwz0e3w2R5L50o=
Subject key identifier: D1:D2:8F:B5:72:E0:93:41:09:1D:78:F1:34:DC:9F:48:B0:06:76:52
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 018CC725782761E2CD08EDD900A03CB30981
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/0dKPtXLgk0EJHXjxNNyfSLAGdlI.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44194
IP address blocks: 2001:bf7:750::/44 maxlen: 48
2001:bf7::/32 maxlen: 48
2001:bf7:800::/42 maxlen: 48
2001:bf7:860::/44 maxlen: 48
2001:bf7:840::/43 maxlen: 48
2001:bf7:780::/43 maxlen: 48
2001:bf7:760::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:78:27:61:e2:cd:08:ed:d9:00:a0:3c:b3:09:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1d28fb572e09341091d78f134dc9f48b0067652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0e:81:29:a5:3a:02:3c:79:7e:5b:55:2a:85:
86:f5:3c:c7:2a:44:28:e3:aa:24:41:86:bb:11:a6:
04:aa:fe:f7:98:fd:9a:4f:78:91:4e:41:cb:37:8f:
0d:69:56:e3:6d:f2:76:84:1d:31:1e:d0:6d:73:06:
97:83:1a:db:67:49:dd:b5:0d:4f:7c:52:af:5d:c9:
87:fe:b7:78:ab:3a:34:4d:65:d5:bb:f4:3c:f6:4b:
0b:65:7e:d8:42:d0:00:33:2f:9f:12:a5:a9:9a:91:
68:b7:39:6a:8f:0d:35:03:31:4f:cb:2e:db:95:eb:
6f:23:0e:81:d9:e4:60:c7:84:46:5d:42:6c:7f:81:
5b:c3:1e:ea:a5:c1:d4:c0:06:3c:ee:36:11:c3:7b:
e6:72:74:42:da:5e:d7:25:1f:0e:61:60:48:1e:12:
0d:ce:26:52:53:51:79:03:89:64:99:27:64:b1:72:
f9:59:d8:fa:7b:fa:a3:1d:f7:a8:6b:79:1b:21:dc:
b8:d9:8f:7c:40:9c:a9:bf:7b:c3:8d:12:a1:fa:1c:
37:8e:4e:83:c5:8c:03:5d:4c:a9:cf:24:6f:4a:b3:
5b:c0:8d:27:0e:54:90:ed:8a:4c:20:a1:f1:bc:ed:
9f:eb:9c:42:1e:db:91:59:af:e3:c4:7a:c6:09:a6:
38:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D2:8F:B5:72:E0:93:41:09:1D:78:F1:34:DC:9F:48:B0:06:76:52
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/0dKPtXLgk0EJHXjxNNyfSLAGdlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7::/32
Signature Algorithm: sha256WithRSAEncryption
7e:e1:2a:10:7d:7f:fb:24:7c:4b:ad:4c:14:31:3f:6f:8b:3d:
c0:d5:b7:9e:9d:a4:98:d0:0a:e3:4a:c4:4e:b8:fe:5d:2e:e4:
4c:74:2a:4f:65:ce:cd:c9:94:6f:66:ba:30:86:1c:cc:17:bc:
47:ef:b2:bc:8b:de:01:1f:12:f5:2c:aa:e2:07:17:86:6a:c5:
d5:c7:48:83:b5:05:c2:f7:b5:5a:be:f4:90:dd:d9:39:9f:2b:
0d:7c:61:ff:01:7b:2e:7e:71:61:cc:88:33:63:b2:c9:b4:c9:
d3:7e:b6:eb:98:ab:4e:93:73:82:39:68:59:af:58:5c:14:aa:
d1:2a:e7:cf:e9:58:a4:a6:b1:7e:6f:33:fd:26:ef:c2:8d:aa:
9c:aa:f3:e3:c8:2c:36:b8:2a:6f:64:77:7e:45:59:38:16:f2:
4b:d9:28:78:05:7d:86:f8:40:ee:f5:9a:97:42:af:d8:8a:71:
0c:66:97:10:12:ad:26:6b:58:50:b7:a5:0d:f9:d0:5e:1f:fb:
2b:4c:02:48:49:09:a3:b7:a3:c3:6f:d6:1a:45:07:ac:ea:55:
82:d9:9c:31:f6:79:1b:40:5a:fa:61:42:3b:d9:37:6d:af:35:
bd:50:ba:b1:77:ae:11:6b:59:24:13:15:38:4c:8e:ef:fc:14:
d4:93:67:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJXgnYeLNCO3ZAKA8swmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQyOGZiNTcyZTA5MzQxMDkxZDc4ZjEzNGRjOWY0OGIwMDY3NjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ6BKaU6Ajx5fltVKoWG9TzHKkQo
46okQYa7EaYEqv73mP2aT3iRTkHLN48NaVbjbfJ2hB0xHtBtcwaXgxrbZ0ndtQ1P
fFKvXcmH/rd4qzo0TWXVu/Q89ksLZX7YQtAAMy+fEqWpmpFotzlqjw01AzFPyy7b
letvIw6B2eRgx4RGXUJsf4Fbwx7qpcHUwAY87jYRw3vmcnRC2l7XJR8OYWBIHhIN
ziZSU1F5A4lkmSdksXL5Wdj6e/qjHfeoa3kbIdy42Y98QJypv3vDjRKh+hw3jk6D
xYwDXUypzyRvSrNbwI0nDlSQ7YpMIKHxvO2f65xCHtuRWa/jxHrGCaY4jwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNHSj7Vy4JNBCR148TTcn0iwBnZSMB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvMGRLUHRYTGdrMEVKSFhqeE5OeWZTTEFHZGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAEL9zAN
BgkqhkiG9w0BAQsFAAOCAQEAfuEqEH1/+yR8S61MFDE/b4s9wNW3np2kmNAK40rE
Trj+XS7kTHQqT2XOzcmUb2a6MIYczBe8R++yvIveAR8S9Syq4gcXhmrF1cdIg7UF
wve1Wr70kN3ZOZ8rDXxh/wF7Ln5xYcyIM2OyybTJ036265irTpNzgjloWa9YXBSq
0Srnz+lYpKaxfm8z/Sbvwo2qnKrz48gsNrgqb2R3fkVZOBbyS9koeAV9hvhA7vWa
l0Kv2IpxDGaXEBKtJmtYULelDfnQXh/7K0wCSEkJo7ejw2/WGkUHrOpVgtmcMfZ5
G0Ba+mFCO9k3ba81vVC6sXeuEWtZJBMVOEyO7/wU1JNnVg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:35 2024 by rpki-client on console-fra.rpki-client.org