Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/0cqXSzv4VuB4JQ8P-APOgsdsK60.roa
File: 0cqXSzv4VuB4JQ8P-APOgsdsK60.roa (raw, json)
Hash identifier: +3Wtw2XldcQSODQELpOWPEK0CGjmX4KNsKkI3rn48yU=
Subject key identifier: D1:CA:97:4B:3B:F8:56:E0:78:25:0F:0F:F8:03:CE:82:C7:6C:2B:AD
Certificate issuer: /CN=9a5550e908a9b9688c29aac9895353dea836c45a
Certificate serial: 018CC64AA96E9C74F260E2FCBAED48806709
Authority key identifier: 9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/0cqXSzv4VuB4JQ8P-APOgsdsK60.roa
Signing time: Mon 01 Jan 2024 18:30:30 +0000
ROA not before: Mon 01 Jan 2024 18:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62571
IP address blocks: 2a02:e982:1e::/48 maxlen: 48
2a02:e982:31::/48 maxlen: 48
2a02:e980:1e::/48 maxlen: 48
2a02:e980:25::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a9:6e:9c:74:f2:60:e2:fc:ba:ed:48:80:67:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5550e908a9b9688c29aac9895353dea836c45a
Validity
Not Before: Jan 1 18:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1ca974b3bf856e078250f0ff803ce82c76c2bad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:6a:fe:d3:52:6b:93:be:9f:62:14:94:a9:
39:77:14:8d:ef:55:0c:a9:da:48:ff:c7:3f:21:9f:
34:ef:5b:20:16:96:a6:26:57:b6:b9:90:d0:e9:37:
9c:a4:1c:dd:63:4d:1c:a2:92:20:80:bf:ff:dc:02:
a6:fa:3d:ba:86:62:06:5b:fa:a9:ec:0e:ed:21:ce:
6f:9a:84:91:80:8a:b6:2e:f0:08:7b:dd:86:5d:39:
30:28:ff:8b:23:8b:d2:78:48:e8:4d:f1:d7:2c:b5:
f9:27:a5:20:56:76:f1:43:62:4f:c4:05:c6:35:59:
17:0b:14:d2:b2:c2:f0:ef:7e:09:9c:63:09:91:48:
12:13:cb:79:8c:7c:3a:ba:92:8b:74:6c:30:66:1b:
5f:42:1e:df:b6:39:96:f9:c2:e9:40:c9:8f:30:e2:
b6:8d:3c:6f:5b:c7:13:1a:27:56:fc:2a:19:b2:33:
0a:05:7f:b6:96:8b:06:6f:c6:3d:81:a0:1e:d0:c2:
4b:84:07:19:cd:52:dd:c9:c9:74:89:82:a7:94:26:
ed:02:25:96:8d:0c:a5:5f:4c:3f:11:7f:67:a8:1e:
08:03:ff:9a:8a:38:f0:e4:94:9f:81:0d:be:4e:0e:
a8:41:7c:58:67:d0:45:31:e5:e3:0a:fb:75:17:1d:
f7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CA:97:4B:3B:F8:56:E0:78:25:0F:0F:F8:03:CE:82:C7:6C:2B:AD
X509v3 Authority Key Identifier:
keyid:9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/0cqXSzv4VuB4JQ8P-APOgsdsK60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e980:1e::/48
2a02:e980:25::/48
2a02:e982:1e::/48
2a02:e982:31::/48
Signature Algorithm: sha256WithRSAEncryption
57:ff:ec:c8:ce:e0:e6:d7:3e:c4:b5:2a:1e:b9:10:86:f7:55:
54:3e:5a:9c:cb:b6:fa:9b:6d:32:ab:a2:97:48:45:fe:9f:24:
67:e1:bb:9d:1b:f0:0a:a5:1e:2c:e0:84:cb:cf:17:63:e3:77:
01:48:be:b7:46:14:5d:6e:c8:1e:0c:93:c4:96:08:3d:3a:77:
e2:e3:45:85:95:47:6a:46:9a:77:36:4a:e9:05:ad:0b:b6:89:
59:85:67:88:05:ec:cc:54:72:be:be:7b:f0:a8:30:a5:71:08:
82:d6:46:27:1d:b1:c5:5f:e5:db:94:93:c6:22:6b:49:8a:03:
8d:36:b9:8e:33:f2:05:d5:10:e2:93:12:1c:4e:00:9a:79:63:
aa:8f:5e:a6:81:53:9a:0e:77:ee:d6:30:4c:f4:27:64:95:64:
5b:2c:18:9a:ab:a2:be:2f:40:08:45:0b:fc:91:7f:ba:22:43:
56:ea:c4:d9:e8:7d:42:79:f1:5e:28:ea:08:99:0b:9c:ce:2b:
ee:58:25:09:9b:d6:fc:e0:ff:fa:57:19:c9:0e:b0:fd:12:e9:
14:1c:7e:b2:0f:c0:b0:db:f0:15:53:f7:68:81:d4:1e:bd:a7:
9f:5e:99:65:c4:9b:ef:e1:d3:25:35:90:a9:0e:78:86:59:22:
e0:f8:c5:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSqlunHTyYOL8uu1IgGcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTU1MGU5MDhhOWI5Njg4YzI5YWFjOTg5NTM1M2RlYTgz
NmM0NWEwHhcNMjQwMTAxMTgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNhOTc0YjNiZjg1NmUwNzgyNTBmMGZmODAzY2U4MmM3NmMyYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwotq/tNSa5O+n2IUlKk5dxSN71UM
qdpI/8c/IZ8071sgFpamJle2uZDQ6TecpBzdY00copIggL//3AKm+j26hmIGW/qp
7A7tIc5vmoSRgIq2LvAIe92GXTkwKP+LI4vSeEjoTfHXLLX5J6UgVnbxQ2JPxAXG
NVkXCxTSssLw734JnGMJkUgSE8t5jHw6upKLdGwwZhtfQh7ftjmW+cLpQMmPMOK2
jTxvW8cTGidW/CoZsjMKBX+2losGb8Y9gaAe0MJLhAcZzVLdycl0iYKnlCbtAiWW
jQylX0w/EX9nqB4IA/+aijjw5JSfgQ2+Tg6oQXxYZ9BFMeXjCvt1Fx33rwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNHKl0s7+FbgeCUPD/gDzoLHbCutMB8GA1UdIwQY
MBaAFJpVUOkIqblojCmqyYlTU96oNsRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTIt
MTM5OWEyODIyMjdhLzEvMGNxWFN6djRWdUI0SlE4UC1BUE9nc2RzSzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTItMTM5OWEyODIyMjdh
LzEvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgLpgAAe
AwcAKgLpgAAlAwcAKgLpggAeAwcAKgLpggAxMA0GCSqGSIb3DQEBCwUAA4IBAQBX
/+zIzuDm1z7EtSoeuRCG91VUPlqcy7b6m20yq6KXSEX+nyRn4budG/AKpR4s4ITL
zxdj43cBSL63RhRdbsgeDJPElgg9Onfi40WFlUdqRpp3NkrpBa0LtolZhWeIBezM
VHK+vnvwqDClcQiC1kYnHbHFX+XblJPGImtJigONNrmOM/IF1RDikxIcTgCaeWOq
j16mgVOaDnfu1jBM9CdklWRbLBiaq6K+L0AIRQv8kX+6IkNW6sTZ6H1CefFeKOoI
mQuczivuWCUJm9b84P/6VxnJDrD9EukUHH6yD8Cw2/AVU/dogdQevaefXpllxJvv
4dMlNZCpDniGWSLg+MVm
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:30 2024 by rpki-client on console-ams.rpki-client.org