Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/NhO3_RjbYIpGKWdlFLCubHI1S1Q.roa
File: NhO3_RjbYIpGKWdlFLCubHI1S1Q.roa (raw, json)
Hash identifier: Bx1MYNMWhkMUsNXeW8txyueZdiri180rcR0ME4YiE/o=
Subject key identifier: 36:13:B7:FD:18:DB:60:8A:46:29:67:65:14:B0:AE:6C:72:35:4B:54
Certificate issuer: /CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Certificate serial: 018CC5DCF4D5AD7021FB16C1BE80C7976E50
Authority key identifier: 0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/NhO3_RjbYIpGKWdlFLCubHI1S1Q.roa
Signing time: Mon 01 Jan 2024 16:30:41 +0000
ROA not before: Mon 01 Jan 2024 16:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43126
IP address blocks: 2a0f:607:1060::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:f4:d5:ad:70:21:fb:16:c1:be:80:c7:97:6e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c21b925b4c4bcc30f77c9c41ba8d040ac95dfc6
Validity
Not Before: Jan 1 16:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3613b7fd18db608a4629676514b0ae6c72354b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3e:6f:3d:92:e5:89:44:48:76:b8:d1:c6:63:
63:2c:25:a0:3a:a4:b5:58:86:fd:79:fc:d2:7e:2e:
44:ff:72:53:b9:3d:7c:9c:e5:7b:12:4d:15:c5:8e:
f8:c1:7c:9d:e3:74:54:7b:ea:39:f2:e5:ce:c9:e5:
45:ad:15:a5:89:d6:a8:ed:f5:81:ca:6e:bf:c6:08:
62:cc:7e:ca:08:2a:1e:82:fa:87:21:fe:21:e3:31:
30:ad:9b:b0:55:06:29:24:ce:4e:94:9f:e0:97:69:
c6:35:e8:48:16:69:da:8f:27:7b:b9:27:a5:67:09:
57:5f:5a:99:94:9f:9f:ce:16:49:b8:4e:1d:ce:d8:
b1:55:7e:42:ca:f6:4a:4c:b7:d3:57:45:db:de:b3:
dc:f3:47:bc:ef:d6:0f:f1:b6:bb:1a:4f:1f:ad:a1:
26:88:76:9b:a9:a4:aa:1a:47:33:af:48:b0:02:71:
da:5b:88:e4:89:bc:90:ba:35:ba:c3:a7:4e:6c:f9:
0e:02:1c:c4:ab:0f:dd:9f:ee:5a:f1:dc:f3:a0:a9:
6e:a4:09:85:e7:d3:47:7f:e2:ff:b6:96:49:85:5d:
8a:92:5c:c3:fd:77:26:5b:16:7b:86:6d:6a:db:24:
9a:b7:5f:8c:51:a0:4f:c6:cf:8b:10:dc:09:8f:87:
25:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:13:B7:FD:18:DB:60:8A:46:29:67:65:14:B0:AE:6C:72:35:4B:54
X509v3 Authority Key Identifier:
keyid:0C:21:B9:25:B4:C4:BC:C3:0F:77:C9:C4:1B:A8:D0:40:AC:95:DF:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCG5JbTEvMMPd8nEG6jQQKyV38Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/NhO3_RjbYIpGKWdlFLCubHI1S1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/c0bd67-f7dd-4ce2-ab7e-a347564158f8/1/DCG5JbTEvMMPd8nEG6jQQKyV38Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:607:1060::/44
Signature Algorithm: sha256WithRSAEncryption
3e:0c:eb:87:24:5b:18:42:43:0a:4a:15:0f:58:70:8b:d8:0e:
a1:d2:7a:f8:7a:2d:7f:16:f7:77:54:83:9c:9b:86:9b:f8:21:
b7:3f:dc:88:c7:0e:20:33:c0:de:e8:4e:e1:ba:44:fb:be:34:
c0:51:9a:a3:a0:51:9f:db:b8:d7:a4:b7:2d:55:e5:7d:8c:ed:
bd:71:1b:4c:fc:a3:67:36:7e:41:85:85:73:84:1e:7f:89:ed:
6b:1a:38:53:be:25:d0:97:eb:2f:0e:5a:90:57:c4:7e:8c:5b:
a9:c7:9f:a1:bc:7f:6f:d9:5c:77:a0:3a:7f:f0:36:92:5a:36:
32:fb:1e:8d:5f:ec:77:db:0a:6e:7c:c3:16:4e:71:f2:cd:29:
26:d4:90:c7:a4:87:b1:6f:06:a9:69:46:bc:26:03:6b:52:b5:
8f:68:18:6f:53:0f:ae:47:60:2e:f4:e3:91:84:70:c6:6b:c8:
3f:20:d3:0e:76:40:6d:fe:70:aa:6b:3c:2c:93:ed:b4:d5:bf:
83:2b:28:ab:50:6e:4b:19:09:7b:9c:e8:2f:8d:a9:e8:24:1a:
44:8f:66:c5:b7:b9:29:a5:8e:33:16:49:5f:d6:b3:fb:bb:86:
98:93:95:3a:d6:fd:ec:cc:53:64:de:32:27:eb:5a:8d:e6:b3:
2f:95:01:30
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF3PTVrXAh+xbBvoDHl25QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjFiOTI1YjRjNGJjYzMwZjc3YzljNDFiYThkMDQwYWM5
NWRmYzYwHhcNMjQwMTAxMTYzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjEzYjdmZDE4ZGI2MDhhNDYyOTY3NjUxNGIwYWU2YzcyMzU0YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT5vPZLliURIdrjRxmNjLCWgOqS1
WIb9efzSfi5E/3JTuT18nOV7Ek0VxY74wXyd43RUe+o58uXOyeVFrRWlidao7fWB
ym6/xghizH7KCCoegvqHIf4h4zEwrZuwVQYpJM5OlJ/gl2nGNehIFmnajyd7uSel
ZwlXX1qZlJ+fzhZJuE4dztixVX5CyvZKTLfTV0Xb3rPc80e879YP8ba7Gk8fraEm
iHabqaSqGkczr0iwAnHaW4jkibyQujW6w6dObPkOAhzEqw/dn+5a8dzzoKlupAmF
59NHf+L/tpZJhV2KklzD/XcmWxZ7hm1q2ySat1+MUaBPxs+LENwJj4cltQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDYTt/0Y22CKRilnZRSwrmxyNUtUMB8GA1UdIwQY
MBaAFAwhuSW0xLzDD3fJxBuo0ECsld/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2Ut
YTM0NzU2NDE1OGY4LzEvTmhPM19SamJZSXBHS1dkbEZMQ3ViSEkxUzFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jMGJkNjctZjdkZC00Y2UyLWFiN2UtYTM0NzU2NDE1OGY4
LzEvRENHNUpiVEV2TU1QZDhuRUc2alFRS3lWMzhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg8GBxBg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+DOuHJFsYQkMKShUPWHCL2A6h0nr4ei1/Fvd3
VIOcm4ab+CG3P9yIxw4gM8De6E7hukT7vjTAUZqjoFGf27jXpLctVeV9jO29cRtM
/KNnNn5BhYVzhB5/ie1rGjhTviXQl+svDlqQV8R+jFupx5+hvH9v2Vx3oDp/8DaS
WjYy+x6NX+x32wpufMMWTnHyzSkm1JDHpIexbwapaUa8JgNrUrWPaBhvUw+uR2Au
9OORhHDGa8g/INMOdkBt/nCqazwsk+201b+DKyirUG5LGQl7nOgvjanoJBpEj2bF
t7kppY4zFklf1rP7u4aYk5U61v3szFNk3jIn61qN5rMvlQEw
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:05 2024 by rpki-client on console-fra.rpki-client.org