Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/Vxff7_lS78TQOmOx6LoVIz8ubdQ.roa
File: Vxff7_lS78TQOmOx6LoVIz8ubdQ.roa (raw, json)
Hash identifier: crLe0SNzPisbNYTAOnznLPKN/adNgkZjN1Y/zog9k3Q=
Subject key identifier: 57:17:DF:EF:F9:52:EF:C4:D0:3A:63:B1:E8:BA:15:23:3F:2E:6D:D4
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 018CC72577E886D7CA42BC0E8B4BEFB20005
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/Vxff7_lS78TQOmOx6LoVIz8ubdQ.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29670
IP address blocks: 2001:bf6::/32 maxlen: 48
2001:bf0:c000::/35 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:77:e8:86:d7:ca:42:bc:0e:8b:4b:ef:b2:00:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5717dfeff952efc4d03a63b1e8ba15233f2e6dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:30:61:14:d6:77:dd:f0:02:53:8f:00:b4:
63:9a:ff:3d:c5:e8:11:91:5f:31:4d:06:0e:c7:13:
12:fd:a7:e5:ae:11:36:83:02:f2:d9:54:3b:ad:c2:
92:96:aa:c1:42:9e:e7:44:4a:ae:57:38:b5:37:c5:
fb:69:9d:81:68:7a:60:1a:4f:7b:df:02:a4:fc:db:
c3:57:f1:63:72:88:58:29:27:69:66:58:1e:83:90:
5c:63:62:9e:97:a0:c2:73:43:1c:3a:a8:a4:d5:e5:
90:5e:c6:fb:6a:f4:5c:c1:5c:0a:29:21:5c:f3:64:
10:4b:53:46:eb:e4:7b:03:6c:29:aa:59:e3:2b:7a:
80:05:a6:a9:10:4d:c8:55:00:8e:39:c8:c0:1a:33:
c3:0f:14:f9:fb:d8:9b:4b:74:e2:db:18:6b:3a:20:
d4:80:09:9b:e2:14:9b:e3:38:f4:2f:5a:22:6b:6f:
00:17:2a:08:c4:b3:21:80:58:b9:80:66:a8:07:84:
98:f2:ba:fd:c1:13:2d:d6:55:87:52:0f:60:c7:00:
91:05:6f:9e:9b:a0:97:6f:4b:ce:22:16:84:d5:10:
51:b2:2a:ae:4f:f2:a5:ae:da:4a:73:c3:07:07:ce:
7c:68:88:6e:9b:31:67:84:46:4c:66:38:bb:3f:75:
47:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:17:DF:EF:F9:52:EF:C4:D0:3A:63:B1:E8:BA:15:23:3F:2E:6D:D4
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/Vxff7_lS78TQOmOx6LoVIz8ubdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf0:c000::/35
2001:bf6::/32
Signature Algorithm: sha256WithRSAEncryption
22:a9:90:94:9b:36:08:60:3f:a9:ec:47:54:ca:4b:b6:19:77:
34:ca:27:bc:22:de:66:1b:6c:de:f1:6d:33:58:3f:11:aa:71:
46:5a:72:87:f0:a3:e3:83:34:6c:d0:5b:f4:d6:86:25:e2:1f:
2a:e8:8d:b9:83:24:39:7e:54:ff:a9:bc:c4:2e:2f:1e:20:63:
a5:d8:e2:61:09:17:cd:70:aa:53:62:cf:9b:43:92:5c:1b:1e:
c3:b4:ed:7e:c7:d4:a1:df:08:1a:93:ea:94:7f:53:4b:a2:71:
59:5d:1e:6b:01:9d:49:ae:86:2b:0c:43:7a:bb:4c:57:e5:60:
fe:35:24:69:20:40:91:f3:bb:f4:11:59:47:e7:28:e2:22:f7:
20:3c:f5:6a:b7:1e:dd:7b:bb:83:fb:f6:9d:a0:19:b2:86:80:
75:4f:51:95:61:7b:28:9b:7c:25:43:d1:4f:f9:02:b3:03:a7:
5c:91:0d:30:c9:ad:7c:5d:9c:6a:f6:5b:9e:da:70:82:dd:8e:
39:ea:97:a9:0c:d0:01:02:aa:6b:5f:47:24:58:f4:16:52:80:
5b:75:d3:72:e6:7d:71:e5:7c:d8:1f:f4:f4:a1:90:c2:e2:35:
32:ca:93:1d:35:73:64:27:5d:c0:36:00:ec:51:3f:52:cf:e7:
f6:3b:aa:02
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzHJXfohtfKQrwOi0vvsgAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzE3ZGZlZmY5NTJlZmM0ZDAzYTYzYjFlOGJhMTUyMzNmMmU2ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTMwYRTWd93wAlOPALRjmv89xegR
kV8xTQYOxxMS/aflrhE2gwLy2VQ7rcKSlqrBQp7nREquVzi1N8X7aZ2BaHpgGk97
3wKk/NvDV/FjcohYKSdpZlgeg5BcY2Kel6DCc0McOqik1eWQXsb7avRcwVwKKSFc
82QQS1NG6+R7A2wpqlnjK3qABaapEE3IVQCOOcjAGjPDDxT5+9ibS3Ti2xhrOiDU
gAmb4hSb4zj0L1oia28AFyoIxLMhgFi5gGaoB4SY8rr9wRMt1lWHUg9gxwCRBW+e
m6CXb0vOIhaE1RBRsiquT/KlrtpKc8MHB858aIhumzFnhEZMZji7P3VH5wIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFFcX3+/5Uu/E0Dpjsei6FSM/Lm3UMB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvVnhmZjdfbFM3OFRRT21PeDZMb1ZJejh1YmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYFIAEL8MAD
BQAgAQv2MA0GCSqGSIb3DQEBCwUAA4IBAQAiqZCUmzYIYD+p7EdUyku2GXc0yie8
It5mG2ze8W0zWD8RqnFGWnKH8KPjgzRs0Fv01oYl4h8q6I25gyQ5flT/qbzELi8e
IGOl2OJhCRfNcKpTYs+bQ5JcGx7DtO1+x9Sh3wgak+qUf1NLonFZXR5rAZ1JroYr
DEN6u0xX5WD+NSRpIECR87v0EVlH5yjiIvcgPPVqtx7de7uD+/adoBmyhoB1T1GV
YXsom3wlQ9FP+QKzA6dckQ0wya18XZxq9lue2nCC3Y456pepDNABAqprX0ckWPQW
UoBbddNy5n1x5XzYH/T0oZDC4jUyypMdNXNkJ13ANgDsUT9Sz+f2O6oC
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:42 2024 by rpki-client on console-fra.rpki-client.org