Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/5VP2o0Bt7GCX4vYPs_CK7CAEWFw.roa
File: 5VP2o0Bt7GCX4vYPs_CK7CAEWFw.roa (raw, json)
Hash identifier: 7hFz6un2wDtcnW2Hv32Sxk+2M8BMmqcxffv511Y9lOI=
Subject key identifier: E5:53:F6:A3:40:6D:EC:60:97:E2:F6:0F:B3:F0:8A:EC:20:04:58:5C
Certificate issuer: /CN=4aabd1a765ae5cbe1dc93daf024d3a47e72ac918
Certificate serial: 018CC50112D81108A728E8734A2C13D46479
Authority key identifier: 4A:AB:D1:A7:65:AE:5C:BE:1D:C9:3D:AF:02:4D:3A:47:E7:2A:C9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqvRp2WuXL4dyT2vAk06R-cqyRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/5VP2o0Bt7GCX4vYPs_CK7CAEWFw.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210961
IP address blocks: 2001:67c:30::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/SqvRp2WuXL4dyT2vAk06R-cqyRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/SqvRp2WuXL4dyT2vAk06R-cqyRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SqvRp2WuXL4dyT2vAk06R-cqyRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:12:d8:11:08:a7:28:e8:73:4a:2c:13:d4:64:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aabd1a765ae5cbe1dc93daf024d3a47e72ac918
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e553f6a3406dec6097e2f60fb3f08aec2004585c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fa:92:70:02:1a:81:bd:88:1c:52:1c:00:d3:
5e:ad:49:26:9e:99:49:2e:bc:a5:f1:af:44:e6:45:
2d:6e:4d:36:47:24:a4:ed:84:8d:ab:56:69:69:99:
07:0f:12:1b:e9:8c:fb:93:ed:f3:54:43:ae:c9:7a:
64:b1:95:4e:11:6a:96:42:07:a8:98:01:29:73:c3:
8c:c8:98:df:00:8e:20:ac:0f:ad:56:59:48:43:39:
15:df:6f:0b:4d:91:f4:b7:94:ed:7a:47:0d:40:d9:
a8:0b:94:4c:92:b9:34:98:6e:59:41:4e:96:10:03:
55:3d:5e:a7:8c:34:fa:0c:52:49:8b:01:18:10:09:
f2:91:42:a2:92:e5:8c:84:d5:70:fd:e5:71:41:fa:
c8:56:f7:fc:e3:0f:d7:7d:a7:9a:95:32:8e:2d:09:
1a:fb:10:a7:1d:0b:de:24:07:a6:d1:a5:31:6e:4b:
c5:ee:e5:10:3a:1b:de:22:da:ca:d9:92:2a:9b:21:
6f:9b:33:77:c5:09:39:b8:21:50:98:6f:b1:bb:6a:
07:da:04:d9:41:f6:61:84:03:9a:c5:32:d7:e6:d3:
f3:af:26:20:43:ff:5a:26:38:5b:79:e5:42:60:08:
bd:4e:4f:96:ef:06:01:b5:fb:d9:b6:ea:f9:40:66:
1a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:53:F6:A3:40:6D:EC:60:97:E2:F6:0F:B3:F0:8A:EC:20:04:58:5C
X509v3 Authority Key Identifier:
keyid:4A:AB:D1:A7:65:AE:5C:BE:1D:C9:3D:AF:02:4D:3A:47:E7:2A:C9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqvRp2WuXL4dyT2vAk06R-cqyRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/5VP2o0Bt7GCX4vYPs_CK7CAEWFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/fbf239-5f8a-4d6a-a0cb-44ac6adb3a49/1/SqvRp2WuXL4dyT2vAk06R-cqyRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:30::/48
Signature Algorithm: sha256WithRSAEncryption
82:ff:dd:d9:ca:5d:e9:28:0f:e8:0f:20:61:75:bf:4f:c2:03:
94:d8:d9:18:51:1a:a9:f2:59:0e:40:40:e0:28:d8:df:47:28:
58:7c:f1:fc:d6:95:d4:cf:93:c8:19:f4:a9:69:b4:a5:45:28:
80:53:2c:90:4d:91:30:37:a3:d4:21:35:fc:3c:aa:88:09:7d:
45:66:81:22:b7:89:bb:19:a5:41:7e:4d:6b:5b:97:f2:0b:fb:
f6:1c:be:31:26:b4:89:5b:68:02:9c:07:d7:2f:1c:b2:01:72:
52:b3:58:08:66:8a:73:09:2c:70:72:20:1c:29:a8:ce:e4:a1:
9a:c4:4f:e5:cf:82:25:75:37:6e:7f:75:87:2d:b6:6d:07:f4:
2b:39:64:09:a0:b3:d2:c6:0c:ef:7a:cb:b9:97:56:45:b6:21:
72:e6:b8:ca:be:26:34:4f:a8:dc:f1:ab:67:52:44:33:80:c6:
1e:c8:1b:99:81:3f:9e:fb:96:e8:ae:7f:1a:f2:53:c3:38:05:
62:f0:c7:f1:2b:7c:9c:3c:38:6f:38:a6:2f:28:e7:9d:79:e5:
11:4f:54:34:dc:f8:10:df:bd:5c:b9:ed:c8:29:40:aa:77:5d:
86:40:41:14:76:11:13:a1:e8:4c:65:1e:4e:ca:06:c5:c8:e8:
7e:65:f2:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFARLYEQinKOhzSiwT1GR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYWJkMWE3NjVhZTVjYmUxZGM5M2RhZjAyNGQzYTQ3ZTcy
YWM5MTgwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTUzZjZhMzQwNmRlYzYwOTdlMmY2MGZiM2YwOGFlYzIwMDQ1ODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfqScAIagb2IHFIcANNerUkmnplJ
Lryl8a9E5kUtbk02RySk7YSNq1ZpaZkHDxIb6Yz7k+3zVEOuyXpksZVOEWqWQgeo
mAEpc8OMyJjfAI4grA+tVllIQzkV328LTZH0t5TtekcNQNmoC5RMkrk0mG5ZQU6W
EANVPV6njDT6DFJJiwEYEAnykUKikuWMhNVw/eVxQfrIVvf84w/XfaealTKOLQka
+xCnHQveJAem0aUxbkvF7uUQOhveItrK2ZIqmyFvmzN3xQk5uCFQmG+xu2oH2gTZ
QfZhhAOaxTLX5tPzryYgQ/9aJjhbeeVCYAi9Tk+W7wYBtfvZtur5QGYaQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOVT9qNAbexgl+L2D7PwiuwgBFhcMB8GA1UdIwQY
MBaAFEqr0adlrly+Hck9rwJNOkfnKskYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3F2UnAyV3VYTDRkeVQydkFrMDZSLWNxeVJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mYmYyMzktNWY4YS00ZDZhLWEwY2It
NDRhYzZhZGIzYTQ5LzEvNVZQMm8wQnQ3R0NYNHZZUHNfQ0s3Q0FFV0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mYmYyMzktNWY4YS00ZDZhLWEwY2ItNDRhYzZhZGIzYTQ5
LzEvU3F2UnAyV3VYTDRkeVQydkFrMDZSLWNxeVJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAAw
MA0GCSqGSIb3DQEBCwUAA4IBAQCC/93Zyl3pKA/oDyBhdb9PwgOU2NkYURqp8lkO
QEDgKNjfRyhYfPH81pXUz5PIGfSpabSlRSiAUyyQTZEwN6PUITX8PKqICX1FZoEi
t4m7GaVBfk1rW5fyC/v2HL4xJrSJW2gCnAfXLxyyAXJSs1gIZopzCSxwciAcKajO
5KGaxE/lz4IldTduf3WHLbZtB/QrOWQJoLPSxgzvesu5l1ZFtiFy5rjKviY0T6jc
8atnUkQzgMYeyBuZgT+e+5born8a8lPDOAVi8MfxK3ycPDhvOKYvKOedeeURT1Q0
3PgQ371cue3IKUCqd12GQEEUdhEToehMZR5OygbFyOh+ZfIx
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:57 2024 by rpki-client on console-ams.rpki-client.org