Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/My4AjSIjL6XG2ko3xj8GECvD3q8.roa
File: My4AjSIjL6XG2ko3xj8GECvD3q8.roa (raw, json)
Hash identifier: 936pUQx9uw/KBzn1BPdYkG0NDFD6BOsajwBE2iUyo2s=
Subject key identifier: 33:2E:00:8D:22:23:2F:A5:C6:DA:4A:37:C6:3F:06:10:2B:C3:DE:AF
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE5B89CBA69D81C6118A97A7AD06C
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/My4AjSIjL6XG2ko3xj8GECvD3q8.roa
Signing time: Mon 01 Jan 2024 18:30:46 +0000
ROA not before: Mon 01 Jan 2024 18:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201697
IP address blocks: 2a00:f826:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e5:b8:9c:ba:69:d8:1c:61:18:a9:7a:7a:d0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=332e008d22232fa5c6da4a37c63f06102bc3deaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dc:29:ae:bc:fb:26:93:1d:d4:cb:f6:54:ab:
50:5d:e7:bd:13:04:d7:ce:86:a4:2d:eb:8c:3b:36:
49:36:43:ff:4a:c8:57:be:88:d2:76:3a:26:d1:d3:
ec:10:44:f0:1f:08:b3:93:dd:07:3a:b0:78:2d:1e:
ed:e2:6a:10:1c:61:4c:80:e5:ab:dd:0a:33:b8:0f:
3e:83:9b:a9:85:0e:58:3a:71:98:6a:83:03:c3:13:
4d:13:2d:e3:60:97:67:33:84:6c:ca:ca:79:9c:de:
13:90:eb:87:7f:44:40:09:3c:54:a2:39:58:75:0d:
95:61:cb:43:26:f1:6b:15:58:fc:bc:51:59:82:58:
11:9b:53:a4:ad:60:25:a1:7f:99:36:4b:4c:53:93:
9d:7e:b1:ac:fb:40:79:f9:7f:e0:82:cb:0a:ea:51:
56:38:83:09:9b:04:c1:19:0e:66:e5:15:62:1a:2e:
0b:54:d0:c8:d4:25:c9:19:00:8b:1c:49:de:40:2a:
46:9d:be:83:7b:00:02:c9:f1:4b:31:a7:9d:02:4d:
fa:fa:4e:e4:f5:c3:be:7c:ef:44:42:39:e3:3f:ff:
50:ec:95:25:1b:33:5d:3b:68:57:00:a5:96:a0:dd:
e6:05:af:5c:c0:1e:41:d4:bb:8a:fe:98:e6:e8:46:
c9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2E:00:8D:22:23:2F:A5:C6:DA:4A:37:C6:3F:06:10:2B:C3:DE:AF
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/My4AjSIjL6XG2ko3xj8GECvD3q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f826:7::/48
Signature Algorithm: sha256WithRSAEncryption
01:f7:f0:c2:fe:07:78:8f:8d:01:24:a0:af:68:50:41:37:21:
78:44:43:8f:50:f9:06:fa:d2:dc:b6:97:cf:ae:44:9a:ce:d1:
b3:1f:82:58:c0:da:08:c0:ff:86:05:28:34:8d:6f:12:ea:f4:
ea:cb:d0:64:70:39:6f:f8:3d:58:d2:68:77:29:fc:2e:c0:e8:
bf:d8:08:2a:ad:1b:70:e2:50:75:3b:0b:21:e9:97:63:34:f1:
4d:86:50:c8:ff:41:01:f5:2b:16:ba:4d:49:f0:6e:f6:7c:85:
94:f6:e8:5b:4e:d3:a5:06:2e:eb:c8:8e:47:33:57:12:d0:e3:
d0:79:e6:f4:15:bd:aa:ad:97:dc:09:94:12:1a:f9:e8:5b:fe:
aa:8b:80:16:bf:75:c6:18:f7:d7:d7:9f:42:fd:50:15:0d:9c:
02:e6:d5:28:f5:d7:6e:c3:23:b7:59:6f:a4:a2:8e:80:dd:08:
29:54:f5:74:e9:9b:5f:b2:fb:85:55:b0:19:a1:ba:5a:a2:09:
87:4d:2c:fe:cf:b5:11:0f:fd:6f:82:cd:76:f7:9e:d6:d0:a9:
eb:45:67:30:33:21:91:ca:67:9c:3f:9b:e3:18:45:c9:f1:4d:
fe:89:42:b7:9d:ff:df:63:ef:6c:54:8b:5f:e3:a1:79:7c:98:
f0:d3:bb:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSuW4nLpp2BxhGKl6etBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzJlMDA4ZDIyMjMyZmE1YzZkYTRhMzdjNjNmMDYxMDJiYzNkZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNwprrz7JpMd1Mv2VKtQXee9EwTX
zoakLeuMOzZJNkP/SshXvojSdjom0dPsEETwHwizk90HOrB4LR7t4moQHGFMgOWr
3QozuA8+g5uphQ5YOnGYaoMDwxNNEy3jYJdnM4Rsysp5nN4TkOuHf0RACTxUojlY
dQ2VYctDJvFrFVj8vFFZglgRm1OkrWAloX+ZNktMU5OdfrGs+0B5+X/ggssK6lFW
OIMJmwTBGQ5m5RViGi4LVNDI1CXJGQCLHEneQCpGnb6DewACyfFLMaedAk36+k7k
9cO+fO9EQjnjP/9Q7JUlGzNdO2hXAKWWoN3mBa9cwB5B1LuK/pjm6EbJcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDMuAI0iIy+lxtpKN8Y/BhArw96vMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTXk0QWpTSWpMNlhHMmtvM3hqOEdFQ3ZEM3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD4JgAH
MA0GCSqGSIb3DQEBCwUAA4IBAQAB9/DC/gd4j40BJKCvaFBBNyF4REOPUPkG+tLc
tpfPrkSaztGzH4JYwNoIwP+GBSg0jW8S6vTqy9BkcDlv+D1Y0mh3KfwuwOi/2Agq
rRtw4lB1Owsh6ZdjNPFNhlDI/0EB9SsWuk1J8G72fIWU9uhbTtOlBi7ryI5HM1cS
0OPQeeb0Fb2qrZfcCZQSGvnoW/6qi4AWv3XGGPfX159C/VAVDZwC5tUo9dduwyO3
WW+koo6A3QgpVPV06ZtfsvuFVbAZobpaogmHTSz+z7URD/1vgs12957W0KnrRWcw
MyGRymecP5vjGEXJ8U3+iUK3nf/fY+9sVItf46F5fJjw07ti
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:16:55 2024 by rpki-client on console-ams.rpki-client.org