Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/QmsUG2Ll0EvXl12SyoldzO99v1w.roa
File: QmsUG2Ll0EvXl12SyoldzO99v1w.roa (raw, json)
Hash identifier: t7C7O/74CTgtHnHaRhdY8ZH5PFaKW1NE3ANl0z3pdL0=
Subject key identifier: 42:6B:14:1B:62:E5:D0:4B:D7:97:5D:92:CA:89:5D:CC:EF:7D:BF:5C
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018DB084FCCDC9A392291BC07F47CE67797A
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/QmsUG2Ll0EvXl12SyoldzO99v1w.roa
Signing time: Fri 16 Feb 2024 06:05:21 +0000
ROA not before: Fri 16 Feb 2024 06:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39686
IP address blocks: 2a07:3500:11e0::/48 maxlen: 48
2a07:3501:1050::/48 maxlen: 48
2a07:3501:1060::/48 maxlen: 48
2a07:3502:11c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b0:84:fc:cd:c9:a3:92:29:1b:c0:7f:47:ce:67:79:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 16 06:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=426b141b62e5d04bd7975d92ca895dccef7dbf5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:c6:5a:55:80:34:46:c5:db:ce:c6:3f:84:
d8:5c:2d:a4:f2:83:34:eb:da:bd:97:02:dd:b5:57:
7b:b2:6a:2b:98:1a:34:6b:17:68:83:36:48:e3:5d:
5d:33:87:96:db:31:02:77:c9:25:5b:52:ad:8c:5a:
31:cb:32:ac:d2:70:af:15:61:61:77:03:24:71:87:
f4:02:66:93:a2:fb:8d:6d:87:37:18:57:a3:bf:f7:
a0:1f:03:6b:1f:1f:ad:b0:10:87:56:96:53:e9:c7:
b1:6c:24:57:0d:04:3d:aa:8a:05:53:72:92:96:ad:
87:21:c9:62:19:8b:4c:14:40:7d:f8:95:15:6a:d2:
09:42:15:7f:73:9d:0e:41:ca:6e:df:b5:7d:6d:d8:
36:27:12:e9:c6:39:fe:60:42:d8:d8:6e:d5:db:18:
08:e8:80:81:11:b1:e6:0a:47:46:fe:4f:ac:be:29:
6f:d0:18:85:e9:e2:a0:b4:36:56:25:c4:94:73:5a:
36:de:b7:f2:0f:1b:ea:00:b4:3d:b4:79:6a:46:bc:
9d:c3:85:96:53:47:0e:28:ab:28:13:b4:8f:fd:9d:
9b:2e:0b:f0:71:dd:d5:cc:a7:61:35:ba:83:1f:d9:
c3:07:7b:27:25:cb:90:d3:ba:35:3a:2c:d1:db:83:
10:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6B:14:1B:62:E5:D0:4B:D7:97:5D:92:CA:89:5D:CC:EF:7D:BF:5C
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/QmsUG2Ll0EvXl12SyoldzO99v1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:11e0::/48
2a07:3501:1050::/48
2a07:3501:1060::/48
2a07:3502:11c0::/48
Signature Algorithm: sha256WithRSAEncryption
34:dd:f7:3a:dd:61:4c:ec:9e:1c:ac:d6:29:f4:4c:84:d3:66:
f0:86:9b:8c:82:c9:b7:57:7c:4f:a5:dc:e1:18:65:cf:e1:79:
3c:43:9f:2d:2d:a9:c4:7b:ae:1c:27:ef:06:9b:e5:8c:aa:02:
95:55:a3:01:56:91:a9:ad:da:be:da:00:c9:48:ea:06:a6:6c:
f9:60:6f:17:59:b1:f2:6e:e4:37:a6:bc:a6:a0:2a:19:59:e1:
ef:b7:83:f7:2e:08:bf:dc:bd:73:55:12:3e:6a:9c:e0:47:56:
9b:44:76:ba:39:1c:86:f9:27:36:a0:80:f7:45:93:32:ae:23:
30:ea:a3:3c:a6:1c:9e:5b:03:38:83:ab:4c:bf:c8:db:61:48:
67:a2:73:e4:f1:d4:a8:cb:24:bc:d5:0e:92:b3:de:22:92:2d:
f8:61:bd:30:66:75:b7:80:b9:5d:55:99:96:3e:54:96:2b:54:
e2:c1:3d:e5:93:d3:bd:6c:cf:8a:80:a7:a0:34:0e:ec:ce:a6:
47:4a:be:da:47:36:ed:c9:c7:d2:a8:36:96:2b:9c:2f:0f:a0:
8d:01:a3:23:be:db:f6:df:d1:58:cf:66:58:9e:47:61:2f:d2:
e9:31:90:13:6f:74:dd:96:94:ca:4f:11:b9:2e:63:f7:a2:e2:
12:b9:60:7f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2whPzNyaOSKRvAf0fOZ3l6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMjE2MDYwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjZiMTQxYjYyZTVkMDRiZDc5NzVkOTJjYTg5NWRjY2VmN2RiZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXLGWlWANEbF287GP4TYXC2k8oM0
69q9lwLdtVd7smormBo0axdogzZI411dM4eW2zECd8klW1KtjFoxyzKs0nCvFWFh
dwMkcYf0AmaTovuNbYc3GFejv/egHwNrHx+tsBCHVpZT6cexbCRXDQQ9qooFU3KS
lq2HIcliGYtMFEB9+JUVatIJQhV/c50OQcpu37V9bdg2JxLpxjn+YELY2G7V2xgI
6ICBEbHmCkdG/k+svilv0BiF6eKgtDZWJcSUc1o23rfyDxvqALQ9tHlqRrydw4WW
U0cOKKsoE7SP/Z2bLgvwcd3VzKdhNbqDH9nDB3snJcuQ07o1OizR24MQbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEJrFBti5dBL15ddksqJXczvfb9cMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvUW1zVUcyTGwwRXZYbDEyU3lvbGR6Tzk5djF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgc1ABHg
AwcAKgc1ARBQAwcAKgc1ARBgAwcAKgc1AhHAMA0GCSqGSIb3DQEBCwUAA4IBAQA0
3fc63WFM7J4crNYp9EyE02bwhpuMgsm3V3xPpdzhGGXP4Xk8Q58tLanEe64cJ+8G
m+WMqgKVVaMBVpGprdq+2gDJSOoGpmz5YG8XWbHybuQ3prymoCoZWeHvt4P3Lgi/
3L1zVRI+apzgR1abRHa6ORyG+Sc2oID3RZMyriMw6qM8phyeWwM4g6tMv8jbYUhn
onPk8dSoyyS81Q6Ss94iki34Yb0wZnW3gLldVZmWPlSWK1TiwT3lk9O9bM+KgKeg
NA7szqZHSr7aRzbtycfSqDaWK5wvD6CNAaMjvtv239FYz2ZYnkdhL9LpMZATb3Td
lpTKTxG5LmP3ouISuWB/
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:50 2024 by rpki-client on console-ams.rpki-client.org