Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/Ag12A8lV_aRse_thduwYb7mBBa4.roa
File: Ag12A8lV_aRse_thduwYb7mBBa4.roa (raw, json)
Hash identifier: P1i57gKCu5Sf9Z3bIjjncpYh56H0J019uTOcLfuNENE=
Subject key identifier: 02:0D:76:03:C9:55:FD:A4:6C:7B:FB:61:76:EC:18:6F:B9:81:05:AE
Certificate issuer: /CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Certificate serial: 018CC3490C718115BC31BFFAF74C14E33177
Authority key identifier: 18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/Ag12A8lV_aRse_thduwYb7mBBa4.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2001:678:a90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0c:71:81:15:bc:31:bf:fa:f7:4c:14:e3:31:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f4ee88584d6dfd9e3aa9bc201c50f44e353d9c
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=020d7603c955fda46c7bfb6176ec186fb98105ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:23:1a:6c:64:6b:62:55:a7:47:dc:4a:3f:e9:
a2:86:64:cb:ae:9f:06:73:e9:57:29:9f:fc:6c:93:
df:c3:56:84:cf:c9:a8:50:f7:ef:ea:32:5d:fa:7f:
c6:f1:fa:86:3b:60:d0:17:b4:83:54:73:2a:ef:bc:
a2:74:9a:3a:c3:47:fa:a7:b3:65:e8:a2:d5:a2:6d:
b5:f0:0b:a8:60:bf:7f:b8:84:a0:c5:fc:70:55:d8:
88:e9:ad:1a:0c:4b:ff:2a:2c:ca:67:42:5b:77:b5:
b2:d8:d0:67:17:e5:db:e8:61:30:6f:6d:36:34:b6:
d1:2c:31:6c:30:f3:e3:e9:de:a7:1b:20:4c:20:49:
65:a1:d5:31:6e:c5:8e:80:0a:17:f7:e0:3d:56:02:
43:57:41:51:0a:2d:ae:0f:b8:f1:ef:bb:2c:9a:24:
93:9a:ea:23:e0:5e:97:f4:46:50:f7:5f:aa:87:5d:
34:9c:02:3c:7e:47:fe:8e:3e:2a:23:3f:b6:76:08:
c4:ea:bb:42:d8:19:0c:69:f8:a6:e5:b3:84:fe:18:
a6:5e:dd:7c:02:46:a4:75:e8:de:f3:b8:ec:45:59:
f9:53:7a:c5:b3:75:0e:61:e2:35:10:3c:7c:1f:2b:
35:4f:7c:9a:54:70:81:fa:d4:26:f9:d1:2f:27:d6:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0D:76:03:C9:55:FD:A4:6C:7B:FB:61:76:EC:18:6F:B9:81:05:AE
X509v3 Authority Key Identifier:
keyid:18:F4:EE:88:58:4D:6D:FD:9E:3A:A9:BC:20:1C:50:F4:4E:35:3D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPTuiFhNbf2eOqm8IBxQ9E41PZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/Ag12A8lV_aRse_thduwYb7mBBa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/9f8fbe-b2e8-472d-9ebc-0b9885863ebf/1/GPTuiFhNbf2eOqm8IBxQ9E41PZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a90::/48
Signature Algorithm: sha256WithRSAEncryption
09:5f:72:d9:27:92:7d:30:e0:07:cc:6a:6d:d9:19:37:60:0b:
0e:5b:68:41:b6:5d:58:18:aa:9e:0d:bb:69:85:13:2b:ae:dc:
64:8a:17:1f:69:c8:eb:e1:72:80:ca:a1:15:38:99:62:89:38:
29:62:65:69:79:b0:d4:a2:e4:33:25:de:91:5f:5a:62:55:07:
ba:8e:f7:aa:e6:df:d3:5a:7f:b5:36:73:d5:53:a2:bd:9f:a5:
24:44:90:db:b4:3b:ab:b5:5e:76:2b:0a:82:42:40:c7:c2:5d:
ad:04:e8:30:fe:6f:dc:4e:4e:1c:c4:c6:7f:91:c3:b9:db:c6:
1e:a7:13:50:9f:e2:3d:56:6e:a7:83:23:19:16:dd:1f:b2:9d:
1c:f0:06:ed:0e:bb:20:5e:28:05:b2:f2:f5:3d:ba:4e:fd:da:
10:45:6d:09:e9:4e:1f:6a:8a:6f:d8:73:9c:a6:ad:63:b9:5c:
64:28:be:c3:d1:f2:be:8d:a3:bf:30:c4:20:fd:7b:0f:6b:49:
95:16:47:cd:f2:e0:c9:e4:f4:9a:09:3c:f9:fe:92:cb:5c:02:
5b:7b:44:85:2f:72:9d:b7:a3:d2:b0:6b:8d:49:5a:8f:be:1e:
27:f8:7e:47:fe:66:b1:e9:67:1f:89:77:c2:6c:eb:0f:44:e9:
22:41:1d:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSQxxgRW8Mb/690wU4zF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjRlZTg4NTg0ZDZkZmQ5ZTNhYTliYzIwMWM1MGY0NGUz
NTNkOWMwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBkNzYwM2M5NTVmZGE0NmM3YmZiNjE3NmVjMTg2ZmI5ODEwNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiMabGRrYlWnR9xKP+mihmTLrp8G
c+lXKZ/8bJPfw1aEz8moUPfv6jJd+n/G8fqGO2DQF7SDVHMq77yidJo6w0f6p7Nl
6KLVom218AuoYL9/uISgxfxwVdiI6a0aDEv/KizKZ0Jbd7Wy2NBnF+Xb6GEwb202
NLbRLDFsMPPj6d6nGyBMIEllodUxbsWOgAoX9+A9VgJDV0FRCi2uD7jx77ssmiST
muoj4F6X9EZQ91+qh100nAI8fkf+jj4qIz+2dgjE6rtC2BkMafim5bOE/himXt18
Akakdeje87jsRVn5U3rFs3UOYeI1EDx8Hys1T3yaVHCB+tQm+dEvJ9ZlowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAINdgPJVf2kbHv7YXbsGG+5gQWuMB8GA1UdIwQY
MBaAFBj07ohYTW39njqpvCAcUPRONT2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMt
MGI5ODg1ODYzZWJmLzEvQWcxMkE4bFZfYVJzZV90aGR1d1liN21CQmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85ZjhmYmUtYjJlOC00NzJkLTllYmMtMGI5ODg1ODYzZWJm
LzEvR1BUdWlGaE5iZjJlT3FtOElCeFE5RTQxUFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAJX3LZJ5J9MOAHzGpt2Rk3YAsOW2hBtl1YGKqe
DbtphRMrrtxkihcfacjr4XKAyqEVOJliiTgpYmVpebDUouQzJd6RX1piVQe6jveq
5t/TWn+1NnPVU6K9n6UkRJDbtDurtV52KwqCQkDHwl2tBOgw/m/cTk4cxMZ/kcO5
28YepxNQn+I9Vm6ngyMZFt0fsp0c8AbtDrsgXigFsvL1PbpO/doQRW0J6U4faopv
2HOcpq1juVxkKL7D0fK+jaO/MMQg/XsPa0mVFkfN8uDJ5PSaCTz5/pLLXAJbe0SF
L3Kdt6PSsGuNSVqPvh4n+H5H/max6WcfiXfCbOsPROkiQR2G
-----END CERTIFICATE-----
Generated at Mon May 6 11:26:51 2024 by rpki-client on console-ams.rpki-client.org