Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/FoQRgM8BnpzoZHF8ZymmbE_DzuI.roa
File: FoQRgM8BnpzoZHF8ZymmbE_DzuI.roa (raw, json)
Hash identifier: VtgFeGz98uhmpWtZ/9J00fC8b236yzM8nS+m1C/NI6A=
Subject key identifier: 16:84:11:80:CF:01:9E:9C:E8:64:71:7C:67:29:A6:6C:4F:C3:CE:E2
Certificate issuer: /CN=1e8c77336d66f7b0238e6c184c64fa4f24d09f01
Certificate serial: 018CC26CFCEEBD6881108D4532FDF3FB0AF3
Authority key identifier: 1E:8C:77:33:6D:66:F7:B0:23:8E:6C:18:4C:64:FA:4F:24:D0:9F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/FoQRgM8BnpzoZHF8ZymmbE_DzuI.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44973
IP address blocks: 2001:678:59c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/Hox3M21m97AjjmwYTGT6TyTQnwE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/Hox3M21m97AjjmwYTGT6TyTQnwE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fc:ee:bd:68:81:10:8d:45:32:fd:f3:fb:0a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e8c77336d66f7b0238e6c184c64fa4f24d09f01
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16841180cf019e9ce864717c6729a66c4fc3cee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d7:41:22:1d:b7:ff:5e:12:6a:bf:eb:0b:04:
d4:b0:88:6e:f2:e3:3b:ee:89:81:ab:fb:63:e7:ab:
c9:a6:5a:ce:c4:c3:5b:cf:6d:49:7a:60:ad:00:95:
da:06:b4:27:00:d3:02:18:23:d3:09:3d:4d:2e:d4:
3e:55:04:51:bf:09:cc:7f:47:53:2c:82:aa:74:58:
54:75:94:b9:65:f1:81:68:92:8e:33:58:f8:6e:72:
62:18:e3:65:25:60:e0:07:ac:25:1a:f8:76:b1:e1:
36:49:78:69:ca:ae:9f:b4:d7:9c:b5:78:18:a8:5e:
22:e0:43:62:fa:14:40:af:79:e5:0a:1a:72:1d:3d:
d1:ba:a9:ef:36:a3:f9:dc:51:9d:88:43:f0:4c:d3:
7a:63:96:c2:5a:93:76:dc:83:1d:4f:71:67:0b:2b:
50:8a:cd:83:20:59:7d:a6:5f:eb:07:58:3f:34:fe:
68:2e:bd:1f:d9:7c:e5:f9:8a:7d:de:2d:2a:ce:7a:
9e:f7:8b:01:19:05:ba:cf:ba:3c:64:f2:c9:f0:94:
9e:bd:9c:0c:21:aa:a8:5b:70:dd:21:90:96:82:57:
d7:28:02:dc:e4:3f:83:7c:e3:a7:1d:b0:92:bb:a8:
df:2b:b5:f0:8d:ca:25:ac:27:dd:2d:98:d5:06:bf:
43:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:84:11:80:CF:01:9E:9C:E8:64:71:7C:67:29:A6:6C:4F:C3:CE:E2
X509v3 Authority Key Identifier:
keyid:1E:8C:77:33:6D:66:F7:B0:23:8E:6C:18:4C:64:FA:4F:24:D0:9F:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hox3M21m97AjjmwYTGT6TyTQnwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/FoQRgM8BnpzoZHF8ZymmbE_DzuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7da79d-60f4-47a8-813a-99957df4997e/1/Hox3M21m97AjjmwYTGT6TyTQnwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:59c::/48
Signature Algorithm: sha256WithRSAEncryption
1d:4a:c2:2f:b0:52:6a:e4:de:78:19:37:ae:e0:5c:75:69:b8:
5c:7e:a3:07:f5:54:b6:9c:a1:ed:84:91:27:df:92:6f:be:fd:
34:65:1b:90:f8:ac:79:40:bb:11:27:2b:e0:b0:71:b8:e2:e4:
14:70:bb:c5:ea:13:0d:d9:2a:6d:9e:f2:e9:ed:7c:11:fb:a2:
e1:c4:fe:8d:c6:0d:fa:18:ef:d0:cf:90:bf:17:36:65:49:4a:
63:cb:97:17:4a:be:dd:49:82:a9:fa:79:ba:b4:00:54:20:23:
a0:f2:45:3c:ed:d5:3f:2a:86:fd:2c:86:18:78:e0:20:6c:e5:
2d:0a:a5:aa:9f:5d:e5:ef:ca:9c:b0:83:0f:bc:78:cf:bb:eb:
0b:29:74:05:d6:26:3f:75:1b:c1:f6:4e:0b:26:60:ab:e2:1c:
ce:64:6a:cb:d1:ef:f8:e2:fa:ac:ca:1f:3c:28:c6:79:18:9d:
f7:09:b8:2c:a5:3f:42:29:ba:b2:22:71:01:94:f5:9f:48:fb:
46:aa:58:67:65:7b:a4:8e:1b:61:5c:29:b3:48:1f:21:58:4c:
80:1c:6b:a5:d5:d9:d1:61:41:5c:42:5a:c6:04:02:82:eb:2d:
1e:e8:0a:8d:86:a0:f4:56:8f:2f:1c:c0:f7:b3:ee:41:3e:a0:
c4:74:7e:3c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbPzuvWiBEI1FMv3z+wrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOGM3NzMzNmQ2NmY3YjAyMzhlNmMxODRjNjRmYTRmMjRk
MDlmMDEwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg0MTE4MGNmMDE5ZTljZTg2NDcxN2M2NzI5YTY2YzRmYzNjZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNdBIh23/14Sar/rCwTUsIhu8uM7
7omBq/tj56vJplrOxMNbz21JemCtAJXaBrQnANMCGCPTCT1NLtQ+VQRRvwnMf0dT
LIKqdFhUdZS5ZfGBaJKOM1j4bnJiGONlJWDgB6wlGvh2seE2SXhpyq6ftNectXgY
qF4i4ENi+hRAr3nlChpyHT3RuqnvNqP53FGdiEPwTNN6Y5bCWpN23IMdT3FnCytQ
is2DIFl9pl/rB1g/NP5oLr0f2Xzl+Yp93i0qznqe94sBGQW6z7o8ZPLJ8JSevZwM
IaqoW3DdIZCWglfXKALc5D+DfOOnHbCSu6jfK7XwjcolrCfdLZjVBr9DNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBaEEYDPAZ6c6GRxfGcppmxPw87iMB8GA1UdIwQY
MBaAFB6MdzNtZvewI45sGExk+k8k0J8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG94M00yMW05N0Fqam13WVRHVDZUeVRRbndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZGE3OWQtNjBmNC00N2E4LTgxM2Et
OTk5NTdkZjQ5OTdlLzEvRm9RUmdNOEJucHpvWkhGOFp5bW1iRV9EenVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZGE3OWQtNjBmNC00N2E4LTgxM2EtOTk5NTdkZjQ5OTdl
LzEvSG94M00yMW05N0Fqam13WVRHVDZUeVRRbndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAWc
MA0GCSqGSIb3DQEBCwUAA4IBAQAdSsIvsFJq5N54GTeu4Fx1abhcfqMH9VS2nKHt
hJEn35Jvvv00ZRuQ+Kx5QLsRJyvgsHG44uQUcLvF6hMN2SptnvLp7XwR+6LhxP6N
xg36GO/Qz5C/FzZlSUpjy5cXSr7dSYKp+nm6tABUICOg8kU87dU/Kob9LIYYeOAg
bOUtCqWqn13l78qcsIMPvHjPu+sLKXQF1iY/dRvB9k4LJmCr4hzOZGrL0e/44vqs
yh88KMZ5GJ33CbgspT9CKbqyInEBlPWfSPtGqlhnZXukjhthXCmzSB8hWEyAHGul
1dnRYUFcQlrGBAKC6y0e6AqNhqD0Vo8vHMD3s+5BPqDEdH48
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:56 2024 by rpki-client on console-fra.rpki-client.org