Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/usXd_oSAX0PM-sst0J_qLa0j9-0.roa
File: usXd_oSAX0PM-sst0J_qLa0j9-0.roa (raw, json)
Hash identifier: PNkZXvOoRyxuhmU8tVGIQQNJE4V8eMblQ35Aswa6dyg=
Subject key identifier: BA:C5:DD:FE:84:80:5F:43:CC:FA:CB:2D:D0:9F:EA:2D:AD:23:F7:ED
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018F2036173016499815088F8320C1FC32F8
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/usXd_oSAX0PM-sst0J_qLa0j9-0.roa
Signing time: Sat 27 Apr 2024 15:39:26 +0000
ROA not before: Sat 27 Apr 2024 15:39:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 2a0f:7803:fb4e::/48 maxlen: 48
2a0f:7803:fe50::/44 maxlen: 48
2a0f:7803:fec0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Nov 2024 10:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:20:36:17:30:16:49:98:15:08:8f:83:20:c1:fc:32:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Apr 27 15:39:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bac5ddfe84805f43ccfacb2dd09fea2dad23f7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:53:96:ca:ce:0a:41:f1:72:21:6b:0e:bb:c5:
e2:d6:49:48:a8:26:3d:b6:7c:5f:81:93:9d:5f:65:
de:ec:0a:64:22:23:27:e9:a5:fb:b7:05:10:1b:90:
a0:1f:b7:48:97:26:9a:51:49:09:3c:d2:08:b4:5f:
19:f9:ed:cd:c0:34:fa:32:89:38:45:b1:e2:68:ca:
95:ce:5b:6a:dc:46:1d:ae:ba:77:bc:00:51:79:8c:
d1:62:cb:8d:bd:3c:14:15:dc:da:a1:c6:77:8e:fe:
be:3d:4d:ab:09:22:fa:8c:d5:1c:0f:74:4b:95:32:
49:9e:4f:8c:a5:57:64:fc:2e:88:ed:63:68:3b:04:
ed:6c:5e:ca:81:3e:48:57:fd:36:25:78:29:5a:08:
aa:36:d3:36:6d:34:70:3d:52:c6:f5:a9:ce:6c:66:
82:da:72:c5:6d:79:a8:e1:9b:12:14:8a:cc:25:b4:
88:0d:51:77:af:01:36:5e:5f:64:66:e0:78:49:80:
93:17:78:55:a2:30:fb:6f:d1:b1:28:7e:ad:a1:c7:
73:c4:13:3b:77:d5:a3:a7:31:5e:9d:85:b3:1d:72:
db:b3:0a:76:33:2a:17:0a:ab:c6:7e:ea:30:41:7f:
90:64:72:44:e6:48:ad:13:3b:c1:1f:85:03:8d:05:
d4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C5:DD:FE:84:80:5F:43:CC:FA:CB:2D:D0:9F:EA:2D:AD:23:F7:ED
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/usXd_oSAX0PM-sst0J_qLa0j9-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:fb4e::/48
2a0f:7803:fe50::/44
2a0f:7803:fec0::/44
Signature Algorithm: sha256WithRSAEncryption
40:09:d8:cd:47:ee:d9:19:92:54:06:f5:3d:ea:73:35:92:0b:
f1:0f:b6:48:e5:10:c7:af:b8:d8:2d:21:2e:94:85:91:1d:ce:
26:62:8a:d1:6e:8a:26:fe:41:c5:a9:4f:7f:bd:cf:fe:19:d1:
b5:a8:67:91:bd:6c:16:56:5c:5f:96:41:66:0f:9d:dd:b2:4a:
9f:46:c7:5b:82:a8:e5:d5:a6:ad:a5:b7:b7:ea:fd:aa:a8:de:
f5:50:b1:97:0a:6d:01:65:4b:cd:d8:01:9a:7e:c3:3f:7e:41:
0a:72:c8:3d:60:46:37:02:0e:56:e4:af:92:72:2a:c2:02:3f:
fc:4d:ed:c0:03:4c:95:e5:07:2e:1c:52:f9:5e:f9:d3:23:50:
c4:e3:09:c0:7c:bd:6b:5e:44:50:ce:d5:bd:45:f6:bf:1d:24:
69:1d:ad:53:17:37:7d:79:c4:f9:52:ba:59:c8:92:25:c0:35:
6d:e0:a1:4b:3e:35:86:61:83:27:76:0b:56:f8:e8:a4:4d:f7:
db:9c:5a:d0:6e:7f:86:1f:69:bb:94:ff:80:d2:84:ae:14:2c:
c5:13:1a:d0:b0:4e:9c:c4:dd:1c:f9:51:d8:81:a6:59:6b:c3:
31:75:41:21:cb:bc:63:ed:0e:25:32:8b:ba:14:7b:b6:16:7e:
22:49:5a:81
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8gNhcwFkmYFQiPgyDB/DL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwNDI3MTUzOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM1ZGRmZTg0ODA1ZjQzY2NmYWNiMmRkMDlmZWEyZGFkMjNmN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1OWys4KQfFyIWsOu8Xi1klIqCY9
tnxfgZOdX2Xe7ApkIiMn6aX7twUQG5CgH7dIlyaaUUkJPNIItF8Z+e3NwDT6Mok4
RbHiaMqVzltq3EYdrrp3vABReYzRYsuNvTwUFdzaocZ3jv6+PU2rCSL6jNUcD3RL
lTJJnk+MpVdk/C6I7WNoOwTtbF7KgT5IV/02JXgpWgiqNtM2bTRwPVLG9anObGaC
2nLFbXmo4ZsSFIrMJbSIDVF3rwE2Xl9kZuB4SYCTF3hVojD7b9GxKH6tocdzxBM7
d9WjpzFenYWzHXLbswp2MyoXCqvGfuowQX+QZHJE5kitEzvBH4UDjQXUBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLrF3f6EgF9DzPrLLdCf6i2tI/ftMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvdXNYZF9vU0FYMFBNLXNzdDBKX3FMYTBqOS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg94A/tO
AwcEKg94A/5QAwcEKg94A/7AMA0GCSqGSIb3DQEBCwUAA4IBAQBACdjNR+7ZGZJU
BvU96nM1kgvxD7ZI5RDHr7jYLSEulIWRHc4mYorRboom/kHFqU9/vc/+GdG1qGeR
vWwWVlxflkFmD53dskqfRsdbgqjl1aatpbe36v2qqN71ULGXCm0BZUvN2AGafsM/
fkEKcsg9YEY3Ag5W5K+ScirCAj/8Te3AA0yV5QcuHFL5XvnTI1DE4wnAfL1rXkRQ
ztW9Rfa/HSRpHa1TFzd9ecT5UrpZyJIlwDVt4KFLPjWGYYMndgtW+OikTffbnFrQ
bn+GH2m7lP+A0oSuFCzFExrQsE6cxN0c+VHYgaZZa8MxdUEhy7xj7Q4lMou6FHu2
Fn4iSVqB
-----END CERTIFICATE-----
Generated at Sun Nov 10 17:03:05 2024 by rpki-client on console-fra.rpki-client.org