Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/9mviu7JST6AIvEKX9gHv8L_wXHY.roa
File: 9mviu7JST6AIvEKX9gHv8L_wXHY.roa (raw, json)
Hash identifier: sNtGVmRruhOkuzd1VXvV+YvrxaMCplBAyvla2w7+4Vc=
Subject key identifier: F6:6B:E2:BB:B2:52:4F:A0:08:BC:42:97:F6:01:EF:F0:BF:F0:5C:76
Certificate issuer: /CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Certificate serial: 018CC94D96DF727C2DA0C611D4EF4739B910
Authority key identifier: 3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/9mviu7JST6AIvEKX9gHv8L_wXHY.roa
Signing time: Tue 02 Jan 2024 08:32:34 +0000
ROA not before: Tue 02 Jan 2024 08:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60236
IP address blocks: 2a0f:2a00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:96:df:72:7c:2d:a0:c6:11:d4:ef:47:39:b9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f2b4fcea4b722f2a6f6c705c5589ee1abc620ae
Validity
Not Before: Jan 2 08:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f66be2bbb2524fa008bc4297f601eff0bff05c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:79:31:de:36:62:0f:b3:24:18:ec:9e:6b:b4:
3d:07:bb:99:83:17:da:bc:92:36:17:d6:1f:22:1a:
a3:10:eb:1e:7e:44:1d:77:05:07:7e:a4:2b:6f:f1:
27:f7:3c:70:20:cd:98:7b:5f:b7:f5:6b:69:bc:07:
22:a5:86:f0:33:31:7e:1f:c2:13:ec:1d:46:6c:0a:
66:11:5d:83:48:1f:43:5e:56:d2:b9:58:3f:64:65:
99:64:33:da:48:ab:34:39:25:c1:87:4c:93:df:12:
ec:5f:67:83:b8:e7:62:ea:38:1d:29:6e:6f:00:f0:
48:41:d9:c4:fd:ca:f3:99:f6:a7:d4:ba:e9:7d:4d:
c4:12:e6:1a:fa:28:77:88:c6:6f:5b:c1:6a:dd:50:
fb:64:51:de:3b:4a:68:69:48:dc:cf:9f:1c:b2:3b:
67:b1:a6:0b:2a:95:c7:8d:42:ac:c7:c2:0b:9c:49:
5a:83:15:9b:34:72:87:0b:c9:7e:15:94:cd:3d:df:
d5:76:d4:2c:51:61:4c:56:f3:b9:a4:20:56:85:33:
aa:f8:ba:e7:fa:1f:2a:6d:05:f5:46:4c:eb:b0:32:
48:3b:55:09:c7:76:01:de:46:d0:1b:b6:14:c1:48:
83:6d:05:2c:cf:78:d5:c9:55:56:5a:d4:2d:ac:90:
d5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6B:E2:BB:B2:52:4F:A0:08:BC:42:97:F6:01:EF:F0:BF:F0:5C:76
X509v3 Authority Key Identifier:
keyid:3F:2B:4F:CE:A4:B7:22:F2:A6:F6:C7:05:C5:58:9E:E1:AB:C6:20:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PytPzqS3IvKm9scFxVie4avGIK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/9mviu7JST6AIvEKX9gHv8L_wXHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/85b237-d041-4497-a729-6253ad08f858/1/PytPzqS3IvKm9scFxVie4avGIK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
39:82:bd:3b:a8:55:65:2d:ee:be:cf:b3:0a:e5:2a:1b:7d:e7:
d2:ec:fb:50:5a:75:9a:e7:64:60:13:fd:8a:1c:ad:38:f2:c0:
ae:22:7b:9b:50:3e:ca:a5:db:f6:f9:b8:49:54:ce:81:26:37:
d2:11:3e:1a:a3:b4:0e:65:b9:7e:b4:7b:e2:cf:74:7b:cd:21:
eb:a5:4a:50:a8:50:6d:50:bb:bc:ef:95:f7:8d:db:ba:38:8b:
f6:98:51:bd:ac:98:07:75:9f:fb:69:d5:59:e4:7f:19:0f:4e:
ee:cc:55:f4:97:1f:99:6b:f4:59:81:06:be:2a:e5:40:22:47:
bc:bb:aa:e1:0a:60:9a:79:a3:af:f1:68:11:3a:dc:10:c0:ed:
45:c5:b0:3b:af:d5:7c:56:f2:17:0a:20:10:17:f2:74:74:7c:
5d:08:f6:b2:ab:08:6d:fc:71:e2:7c:d7:c9:d2:99:3c:69:80:
42:51:0a:b0:a8:c6:69:9f:82:67:28:f6:f7:93:23:4d:63:a1:
7a:f7:2f:80:dd:af:06:90:c4:e7:04:97:93:9a:33:f7:1f:e3:
c3:41:46:99:23:17:ab:90:06:6c:e9:3c:f2:d8:9f:5b:a9:b6:
30:d1:47:43:10:86:a3:ae:6f:a0:23:5e:ab:dd:d9:1d:a9:24:
49:9f:dd:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTZbfcnwtoMYR1O9HObkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMmI0ZmNlYTRiNzIyZjJhNmY2YzcwNWM1NTg5ZWUxYWJj
NjIwYWUwHhcNMjQwMTAyMDgzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZiZTJiYmIyNTI0ZmEwMDhiYzQyOTdmNjAxZWZmMGJmZjA1Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHkx3jZiD7MkGOyea7Q9B7uZgxfa
vJI2F9YfIhqjEOsefkQddwUHfqQrb/En9zxwIM2Ye1+39WtpvAcipYbwMzF+H8IT
7B1GbApmEV2DSB9DXlbSuVg/ZGWZZDPaSKs0OSXBh0yT3xLsX2eDuOdi6jgdKW5v
APBIQdnE/crzmfan1LrpfU3EEuYa+ih3iMZvW8Fq3VD7ZFHeO0poaUjcz58csjtn
saYLKpXHjUKsx8ILnElagxWbNHKHC8l+FZTNPd/VdtQsUWFMVvO5pCBWhTOq+Lrn
+h8qbQX1RkzrsDJIO1UJx3YB3kbQG7YUwUiDbQUsz3jVyVVWWtQtrJDVoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPZr4ruyUk+gCLxCl/YB7/C/8Fx2MB8GA1UdIwQY
MBaAFD8rT86ktyLypvbHBcVYnuGrxiCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3Mjkt
NjI1M2FkMDhmODU4LzEvOW12aXU3SlNUNkFJdkVLWDlnSHY4TF93WEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NWIyMzctZDA0MS00NDk3LWE3MjktNjI1M2FkMDhmODU4
LzEvUHl0UHpxUzNJdkttOXNjRnhWaWU0YXZHSUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg8qAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA5gr07qFVlLe6+z7MK5SobfefS7PtQWnWa52Rg
E/2KHK048sCuInubUD7Kpdv2+bhJVM6BJjfSET4ao7QOZbl+tHviz3R7zSHrpUpQ
qFBtULu875X3jdu6OIv2mFG9rJgHdZ/7adVZ5H8ZD07uzFX0lx+Za/RZgQa+KuVA
Ike8u6rhCmCaeaOv8WgROtwQwO1FxbA7r9V8VvIXCiAQF/J0dHxdCPayqwht/HHi
fNfJ0pk8aYBCUQqwqMZpn4JnKPb3kyNNY6F69y+A3a8GkMTnBJeTmjP3H+PDQUaZ
IxerkAZs6Tzy2J9bqbYw0UdDEIajrm+gI16r3dkdqSRJn93X
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:35 2024 by rpki-client on console-fra.rpki-client.org