Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/A1fIrFGhlMbj9f33wDPuGLhFHFs.roa
File: A1fIrFGhlMbj9f33wDPuGLhFHFs.roa (raw, json)
Hash identifier: MeV5POAOc87NCzLPKxna4dr7mBmVnFs302YhzzT2y4Y=
Subject key identifier: 03:57:C8:AC:51:A1:94:C6:E3:F5:FD:F7:C0:33:EE:18:B8:45:1C:5B
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 018CC94DA5CF0A8C860DB7E7D4C72A184EEA
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/A1fIrFGhlMbj9f33wDPuGLhFHFs.roa
Signing time: Tue 02 Jan 2024 08:32:38 +0000
ROA not before: Tue 02 Jan 2024 08:32:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212085
IP address blocks: 2a0f:ca81:1330::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a5:cf:0a:8c:86:0d:b7:e7:d4:c7:2a:18:4e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 2 08:32:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0357c8ac51a194c6e3f5fdf7c033ee18b8451c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d7:20:dc:fc:70:d1:9a:b2:5f:88:08:db:4c:
ad:6a:d4:b9:0e:98:a1:c8:d2:3f:e4:c5:0c:7a:42:
ca:0b:0c:20:8c:d3:73:3e:cd:88:f5:f9:8c:50:bb:
78:e7:c9:3b:37:26:e5:4d:c5:4d:6e:cd:4d:41:78:
c7:f4:32:c6:2a:ef:cd:b8:1e:78:86:d1:28:52:23:
2b:42:5d:f0:93:8e:8a:bf:a4:82:b3:18:e3:aa:5c:
bc:b9:e4:64:c4:c2:3a:4f:58:b5:ba:ba:c4:d1:15:
65:88:1a:d6:7b:c5:0e:6d:7a:23:9f:b2:d7:60:94:
5f:06:2d:38:46:97:e0:0b:9e:d6:e5:03:38:ca:d7:
28:94:4c:d7:3f:39:3a:db:e2:3d:9b:53:3a:64:48:
de:ff:87:d5:2a:86:38:20:30:38:00:5b:65:04:ac:
c6:00:54:ea:8f:6b:9c:95:7f:e0:60:a7:99:59:e9:
c0:55:59:19:41:96:c2:44:6a:e8:36:41:b3:a6:71:
eb:bd:1c:8b:15:2d:d4:17:b2:b7:5e:14:6a:46:63:
6b:80:91:46:67:01:e9:ba:75:f7:6c:28:bb:4e:b1:
65:89:7c:98:e0:44:55:df:8a:34:08:3a:dd:d0:3c:
30:3c:00:1c:cc:d9:e0:05:7c:82:93:11:96:ff:cd:
96:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:57:C8:AC:51:A1:94:C6:E3:F5:FD:F7:C0:33:EE:18:B8:45:1C:5B
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/A1fIrFGhlMbj9f33wDPuGLhFHFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca81:1330::/44
Signature Algorithm: sha256WithRSAEncryption
89:df:79:61:48:8b:42:67:86:f5:c3:2e:67:b7:1f:52:21:aa:
d5:62:a4:26:58:10:68:38:80:2b:82:b2:ba:d1:3e:ed:f7:93:
95:f5:a6:34:92:7a:4d:71:66:93:6e:54:cc:09:a8:6d:50:42:
bb:d5:76:3b:59:63:88:4b:08:99:d8:19:de:1f:30:dd:28:07:
da:37:89:7d:91:fb:52:31:42:9a:f7:b3:53:f2:28:a3:96:d4:
74:34:29:4e:01:67:89:c5:99:0f:ce:22:4f:41:86:ec:cf:28:
0c:72:92:a6:c7:bd:57:78:f1:40:85:0e:e5:21:43:2b:18:1f:
48:f9:a9:ae:d4:b0:34:46:5b:6c:21:5f:e1:97:95:6b:f5:f1:
c4:f5:c7:46:eb:31:9b:f8:55:bd:67:f0:30:fe:b4:f3:a6:8a:
f1:c8:00:ce:cd:67:e8:72:25:05:c9:d7:2a:d1:16:c1:06:07:
7f:9b:a6:1e:9e:60:68:c7:42:50:c4:55:71:81:66:01:0a:39:
f2:7d:60:c8:c3:59:09:35:e7:be:31:15:20:01:e6:d6:ca:f8:
62:dc:17:50:09:32:5e:84:85:66:2c:83:7b:c7:8d:63:01:d3:
b6:8e:1b:8e:84:64:91:95:c2:a3:65:27:ff:f6:24:65:f1:1f:
68:b9:8e:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTaXPCoyGDbfn1McqGE7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjQwMTAyMDgzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU3YzhhYzUxYTE5NGM2ZTNmNWZkZjdjMDMzZWUxOGI4NDUxYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodcg3Pxw0ZqyX4gI20ytatS5Dpih
yNI/5MUMekLKCwwgjNNzPs2I9fmMULt458k7NyblTcVNbs1NQXjH9DLGKu/NuB54
htEoUiMrQl3wk46Kv6SCsxjjqly8ueRkxMI6T1i1urrE0RVliBrWe8UObXojn7LX
YJRfBi04RpfgC57W5QM4ytcolEzXPzk62+I9m1M6ZEje/4fVKoY4IDA4AFtlBKzG
AFTqj2uclX/gYKeZWenAVVkZQZbCRGroNkGzpnHrvRyLFS3UF7K3XhRqRmNrgJFG
ZwHpunX3bCi7TrFliXyY4ERV34o0CDrd0DwwPAAczNngBXyCkxGW/82WWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFANXyKxRoZTG4/X998Az7hi4RRxbMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvQTFmSXJGR2hsTWJqOWYzM3dEUHVHTGhGSEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg/KgRMw
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ33lhSItCZ4b1wy5ntx9SIarVYqQmWBBoOIAr
grK60T7t95OV9aY0knpNcWaTblTMCahtUEK71XY7WWOISwiZ2BneHzDdKAfaN4l9
kftSMUKa97NT8iijltR0NClOAWeJxZkPziJPQYbszygMcpKmx71XePFAhQ7lIUMr
GB9I+amu1LA0RltsIV/hl5Vr9fHE9cdG6zGb+FW9Z/Aw/rTzporxyADOzWfociUF
ydcq0RbBBgd/m6YenmBox0JQxFVxgWYBCjnyfWDIw1kJNee+MRUgAebWyvhi3BdQ
CTJehIVmLIN7x41jAdO2jhuOhGSRlcKjZSf/9iRl8R9ouY6i
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:12:38 2024 by rpki-client on console-ams.rpki-client.org