Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/BGnHHDcE3cf_4KtVFfypiexwh_E.roa
File: BGnHHDcE3cf_4KtVFfypiexwh_E.roa (raw, json)
Hash identifier: tZPqzF2TOaBC0Ot+nkYNYdq66KrVbKjoxjiLIX4lVBk=
Subject key identifier: 04:69:C7:1C:37:04:DD:C7:FF:E0:AB:55:15:FC:A9:89:EC:70:87:F1
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 018CC6B8ED0D419024811BA2A3215D1E331B
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/BGnHHDcE3cf_4KtVFfypiexwh_E.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133752
IP address blocks: 2a00:c6c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ed:0d:41:90:24:81:1b:a2:a3:21:5d:1e:33:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0469c71c3704ddc7ffe0ab5515fca989ec7087f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f9:7c:1b:7c:54:d5:fa:cc:53:66:89:74:f5:
fc:66:be:ff:d0:6a:64:b9:f1:99:2b:cb:a1:0d:17:
92:ec:c7:97:58:8f:c3:8c:77:e7:be:55:af:43:9e:
04:c2:8b:69:3e:55:34:f0:69:a7:fa:48:50:48:76:
36:7c:31:2a:82:27:40:d8:d0:d8:5e:24:af:8a:b6:
eb:53:c9:14:8c:a8:95:4b:63:ad:91:17:c4:8e:bb:
29:63:cb:19:6a:17:56:69:34:77:02:e1:af:65:6e:
8b:5a:ff:b2:70:75:56:3a:c1:bf:1f:e5:7f:5c:b9:
02:ec:13:d9:5c:97:a6:95:0c:57:49:1b:95:fe:c0:
97:8b:92:db:2d:67:80:d6:ba:c2:2b:f3:ad:b8:21:
4b:d3:0f:40:df:d7:4c:76:b0:fe:4f:a8:dc:63:4e:
6a:43:0c:c2:30:bb:70:2e:d9:67:ea:96:39:44:4c:
02:e7:ea:20:26:2f:22:74:f5:4b:41:0e:5b:1c:6d:
12:d9:bc:97:99:20:68:e0:ea:89:cd:6f:03:56:7c:
be:7a:bb:e8:6e:55:c8:8d:68:bd:1f:00:52:d6:55:
e8:49:70:35:f2:49:fa:4f:55:cb:79:ec:97:8a:60:
60:ba:27:cf:ac:4d:38:d3:17:e9:b7:3b:62:fe:ba:
b7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:69:C7:1C:37:04:DD:C7:FF:E0:AB:55:15:FC:A9:89:EC:70:87:F1
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/BGnHHDcE3cf_4KtVFfypiexwh_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:c6c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
32:b0:fa:ea:a0:10:cf:e8:67:4d:f1:40:38:25:87:97:d1:ea:
42:74:aa:6e:3f:82:2c:9d:20:b7:40:65:b9:88:c1:6c:dc:6b:
cb:b0:b6:25:d2:61:3b:f1:e1:2b:fb:86:a2:ed:b5:b9:7e:cd:
d8:45:2a:af:b4:36:ed:93:69:f6:ea:a2:d2:3a:06:ec:26:75:
56:6b:98:fc:2f:d4:5d:a0:6c:d0:ee:34:86:ae:cb:c7:13:38:
3b:7e:04:2c:d8:5f:22:cb:01:e1:27:12:81:e0:87:c9:1e:1a:
e0:57:57:a1:37:bd:1e:bc:00:c3:d8:70:71:f7:5a:74:15:2a:
1a:1a:02:c9:7a:67:1c:7c:40:de:ef:91:31:e4:b9:af:d2:d4:
1f:ec:11:61:01:73:5f:40:0c:b0:4f:a4:52:93:fe:6b:b8:e1:
4d:74:87:3f:5f:2b:33:47:05:ec:8e:03:da:c0:db:ea:f0:f6:
d7:a3:d7:ed:4d:f8:1e:e2:0d:23:2b:8b:a4:7f:c5:5c:1d:3d:
13:57:40:60:9c:0a:8a:ec:25:14:ba:e0:2f:e1:73:43:0f:76:
f7:eb:9f:24:0e:97:2f:08:7a:77:0a:5b:fe:ca:fd:9b:63:6c:
58:93:3f:65:a0:f1:6d:b8:4d:43:0b:0b:d1:54:ea:27:b4:d6:
ba:d1:ae:a0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuO0NQZAkgRuioyFdHjMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY5YzcxYzM3MDRkZGM3ZmZlMGFiNTUxNWZjYTk4OWVjNzA4N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfl8G3xU1frMU2aJdPX8Zr7/0Gpk
ufGZK8uhDReS7MeXWI/DjHfnvlWvQ54EwotpPlU08Gmn+khQSHY2fDEqgidA2NDY
XiSvirbrU8kUjKiVS2OtkRfEjrspY8sZahdWaTR3AuGvZW6LWv+ycHVWOsG/H+V/
XLkC7BPZXJemlQxXSRuV/sCXi5LbLWeA1rrCK/OtuCFL0w9A39dMdrD+T6jcY05q
QwzCMLtwLtln6pY5REwC5+ogJi8idPVLQQ5bHG0S2byXmSBo4OqJzW8DVny+ervo
blXIjWi9HwBS1lXoSXA18kn6T1XLeeyXimBguifPrE040xfptzti/rq3dQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFARpxxw3BN3H/+CrVRX8qYnscIfxMB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvQkduSEhEY0UzY2ZfNEt0VkZmeXBpZXh3aF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDGwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAysPrqoBDP6GdN8UA4JYeX0epCdKpuP4IsnSC3
QGW5iMFs3GvLsLYl0mE78eEr+4ai7bW5fs3YRSqvtDbtk2n26qLSOgbsJnVWa5j8
L9RdoGzQ7jSGrsvHEzg7fgQs2F8iywHhJxKB4IfJHhrgV1ehN70evADD2HBx91p0
FSoaGgLJemccfEDe75Ex5Lmv0tQf7BFhAXNfQAywT6RSk/5ruOFNdIc/XyszRwXs
jgPawNvq8PbXo9ftTfge4g0jK4ukf8VcHT0TV0BgnAqK7CUUuuAv4XNDD3b3658k
DpcvCHp3Clv+yv2bY2xYkz9loPFtuE1DCwvRVOontNa60a6g
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:30:51 2024 by rpki-client on console-ams.rpki-client.org