Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/8z5mvkmLKNR-1UrUl61FxXLrm3w.roa
File: 8z5mvkmLKNR-1UrUl61FxXLrm3w.roa (raw, json)
Hash identifier: 9vKlKvtKj8s1SrZJUKdFLiJuWFwFSyuqI3VWQYxC4yE=
Subject key identifier: F3:3E:66:BE:49:8B:28:D4:7E:D5:4A:D4:97:AD:45:C5:72:EB:9B:7C
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 018CC7257980123BC2D47620319EFC4AF069
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/8z5mvkmLKNR-1UrUl61FxXLrm3w.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208942
IP address blocks: 2001:bf7:fc00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:79:80:12:3b:c2:d4:76:20:31:9e:fc:4a:f0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f33e66be498b28d47ed54ad497ad45c572eb9b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:21:a7:ac:cb:a5:c3:b9:b3:92:c1:e3:21:c7:
a7:30:77:2e:e3:ae:05:d7:9b:0b:be:c0:a8:f3:4a:
0c:5b:0e:6f:59:b4:9b:a7:18:10:57:eb:cc:a9:e8:
a3:51:8d:ad:63:f9:db:14:18:05:01:af:40:97:cb:
c6:4d:ae:7f:46:80:17:aa:ee:73:c6:ef:75:b3:9f:
33:fb:b2:bd:1f:c7:1e:62:0c:e7:b5:51:0d:8d:f0:
cc:e8:a6:49:c0:be:ee:e2:6e:a6:2f:2c:24:51:78:
a5:01:19:fd:ba:46:11:90:58:54:bb:06:50:22:11:
44:06:30:70:89:62:fd:fc:f0:64:ef:bd:aa:a2:f8:
7e:16:d4:de:28:e6:6a:d9:1b:fe:ba:82:ba:23:59:
7c:31:06:17:6c:fc:f2:d2:05:be:1d:2f:fb:59:72:
6c:7c:09:d6:31:cf:2c:7d:85:69:81:50:6c:fb:5d:
e0:9c:c2:6c:e4:7d:8c:c7:41:58:d7:4a:d5:80:23:
b3:c8:29:50:c8:ec:75:e8:0f:c0:f8:9f:b7:2f:fd:
fa:2c:e3:9d:ca:b9:7e:0f:15:92:91:8b:a8:97:e8:
a8:ab:73:69:c7:31:77:93:57:4c:a9:18:f3:31:ed:
f8:e0:dd:8f:0d:17:11:14:05:2c:0a:d7:1c:72:1c:
2a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3E:66:BE:49:8B:28:D4:7E:D5:4A:D4:97:AD:45:C5:72:EB:9B:7C
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/8z5mvkmLKNR-1UrUl61FxXLrm3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:fc00::/44
Signature Algorithm: sha256WithRSAEncryption
6c:fc:87:a8:12:53:80:c9:84:af:75:c5:d8:c1:50:41:2d:b6:
78:84:05:c3:b0:db:56:f0:27:d1:fe:6e:9a:67:ef:0b:61:6e:
91:7d:f7:c9:fe:cd:95:00:7a:1c:10:a7:01:d3:c8:c5:b4:02:
13:6e:79:1a:60:f3:c0:e1:67:e1:b3:87:f4:0d:cf:d8:60:2c:
b0:3b:3c:ba:5e:a8:1f:fa:9e:35:d8:85:c8:5a:a7:9d:8c:1b:
4d:30:64:9f:e3:35:e6:95:b0:ad:97:e6:fa:91:92:56:e7:8c:
03:74:36:8a:a4:64:2f:59:fe:3c:4c:aa:22:30:c0:a3:73:03:
71:e2:fa:18:e1:4b:b6:4e:78:a1:7e:cc:a2:ed:1e:d0:53:86:
c9:e0:9a:00:f5:dc:46:3b:81:76:a7:31:5d:f9:f9:b5:6b:6f:
0f:23:45:2d:68:97:65:61:9f:96:f8:f7:98:28:2b:6b:72:37:
d2:91:50:02:df:92:8d:97:34:d1:b4:d1:8b:ce:21:eb:1b:97:
84:5a:32:64:50:dc:c4:2a:33:34:03:26:4c:f7:54:d1:f4:e8:
38:2a:35:ad:9b:3b:50:67:16:44:39:24:61:bb:71:39:d2:9d:
88:56:ed:5f:3a:67:6d:a3:3f:4a:22:53:21:fa:11:4f:b6:d3:
cb:b4:49:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJXmAEjvC1HYgMZ78SvBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNlNjZiZTQ5OGIyOGQ0N2VkNTRhZDQ5N2FkNDVjNTcyZWI5YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CGnrMulw7mzksHjIcenMHcu464F
15sLvsCo80oMWw5vWbSbpxgQV+vMqeijUY2tY/nbFBgFAa9Al8vGTa5/RoAXqu5z
xu91s58z+7K9H8ceYgzntVENjfDM6KZJwL7u4m6mLywkUXilARn9ukYRkFhUuwZQ
IhFEBjBwiWL9/PBk772qovh+FtTeKOZq2Rv+uoK6I1l8MQYXbPzy0gW+HS/7WXJs
fAnWMc8sfYVpgVBs+13gnMJs5H2Mx0FY10rVgCOzyClQyOx16A/A+J+3L/36LOOd
yrl+DxWSkYuol+ioq3NpxzF3k1dMqRjzMe344N2PDRcRFAUsCtccchwqMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPM+Zr5JiyjUftVK1JetRcVy65t8MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvOHo1bXZrbUxLTlItMVVyVWw2MUZ4WExybTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEIAEL9/wA
MA0GCSqGSIb3DQEBCwUAA4IBAQBs/IeoElOAyYSvdcXYwVBBLbZ4hAXDsNtW8CfR
/m6aZ+8LYW6RfffJ/s2VAHocEKcB08jFtAITbnkaYPPA4Wfhs4f0Dc/YYCywOzy6
Xqgf+p412IXIWqedjBtNMGSf4zXmlbCtl+b6kZJW54wDdDaKpGQvWf48TKoiMMCj
cwNx4voY4Uu2Tnihfsyi7R7QU4bJ4JoA9dxGO4F2pzFd+fm1a28PI0UtaJdlYZ+W
+PeYKCtrcjfSkVAC35KNlzTRtNGLziHrG5eEWjJkUNzEKjM0AyZM91TR9Og4KjWt
mztQZxZEOSRhu3E50p2IVu1fOmdtoz9KIlMh+hFPttPLtEmH
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:35:59 2024 by rpki-client on console-ams.rpki-client.org