Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/dOYC4COGFul6i3yyWrC0C1CmAJ4.roa
File: dOYC4COGFul6i3yyWrC0C1CmAJ4.roa (raw, json)
Hash identifier: lmqcFn7ikNWuJd4CBK7vIa/tEPcy/mvuzZDHZPpZRlQ=
Subject key identifier: 74:E6:02:E0:23:86:16:E9:7A:8B:7C:B2:5A:B0:B4:0B:50:A6:00:9E
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 018CC42546411D91FC342F3D1AA900DD6B2E
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/dOYC4COGFul6i3yyWrC0C1CmAJ4.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212044
IP address blocks: 2a06:bbc2:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:46:41:1d:91:fc:34:2f:3d:1a:a9:00:dd:6b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74e602e0238616e97a8b7cb25ab0b40b50a6009e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:31:db:52:f5:9d:5e:ee:7e:6d:d6:46:c6:b3:
53:f7:5e:b6:20:f3:45:ef:2f:85:b2:f8:35:57:00:
bc:89:90:8d:85:3d:a9:0e:08:06:88:2f:a2:1b:db:
77:49:c1:db:b6:2b:8c:a9:41:c9:45:00:9f:66:59:
bb:8a:fd:18:33:60:96:84:a3:80:43:89:e3:ad:11:
a7:01:ed:05:15:c1:66:45:65:1a:59:48:7b:16:31:
b4:93:08:0b:70:e9:c5:81:bd:b5:70:c2:fe:6e:03:
ad:33:3e:8a:4f:af:63:d4:a0:36:53:2b:78:e1:11:
17:59:5f:bc:f6:b4:b3:49:06:5b:9e:32:63:b8:76:
71:78:5b:4f:bb:f4:e3:cb:1e:0b:8d:21:81:4a:6f:
24:8d:bc:9b:05:a6:63:7f:9f:ba:02:44:55:cc:63:
22:80:4d:80:7a:fe:5a:31:3b:bc:35:1c:c3:a0:2e:
58:b1:b8:3c:98:d4:f0:af:cc:60:3e:14:0c:0c:47:
a9:f3:7e:3f:d8:b6:05:ee:9a:84:a4:1c:8d:57:0c:
7b:d7:dc:52:9b:d2:f9:55:bc:a3:89:d1:aa:6e:5f:
ed:fb:33:d0:fb:f9:59:bc:a0:b4:a0:4b:00:92:77:
5b:0b:65:dd:bf:a3:2c:e2:d4:62:65:e9:a9:ec:74:
cd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E6:02:E0:23:86:16:E9:7A:8B:7C:B2:5A:B0:B4:0B:50:A6:00:9E
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/dOYC4COGFul6i3yyWrC0C1CmAJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:bbc2:1::/48
Signature Algorithm: sha256WithRSAEncryption
05:00:dc:bd:ae:b7:ad:22:6c:ef:a4:d5:96:de:20:94:4d:16:
f7:44:98:21:6c:3d:a5:8b:46:6d:a5:1b:9b:ff:e0:23:5c:c0:
f0:6f:69:4b:73:15:8f:05:00:1a:6d:db:3a:21:13:cd:3a:d0:
cd:dd:8b:a6:b2:6a:ad:26:09:11:65:f9:4a:df:ee:e0:a0:a2:
e6:56:5f:c4:71:11:af:3b:10:39:06:01:c7:af:2c:c2:4e:ae:
a9:d1:60:29:a0:71:a0:99:a6:ee:a0:ec:5f:98:04:5c:03:90:
f3:6e:62:9a:dd:6d:7b:d2:02:62:c5:79:a2:0f:5b:60:18:1f:
b2:76:96:57:57:13:1c:b7:4e:0e:64:7b:a5:da:5f:92:17:b7:
2b:e5:63:8c:89:04:d7:80:e8:f8:4e:61:78:45:05:2e:a2:12:
5f:e4:db:8e:2f:a2:e2:a8:26:4f:ca:bd:d8:cd:4b:e9:7e:88:
66:ad:c5:b9:b0:de:19:9c:40:ff:af:97:bf:f0:7b:1b:88:83:
fd:1c:29:c3:e5:cb:7a:d8:ac:8d:fb:76:d2:fb:f5:4d:83:a1:
7d:ce:fa:b3:81:73:7d:c8:ee:1e:25:c1:34:16:cc:2a:d4:c9:
d1:74:1f:31:69:50:c7:a8:23:17:0e:31:ab:8a:16:95:55:6c:
d4:18:9e:40
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJUZBHZH8NC89GqkA3WsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU2MDJlMDIzODYxNmU5N2E4YjdjYjI1YWIwYjQwYjUwYTYwMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzHbUvWdXu5+bdZGxrNT9162IPNF
7y+Fsvg1VwC8iZCNhT2pDggGiC+iG9t3ScHbtiuMqUHJRQCfZlm7iv0YM2CWhKOA
Q4njrRGnAe0FFcFmRWUaWUh7FjG0kwgLcOnFgb21cML+bgOtMz6KT69j1KA2Uyt4
4REXWV+89rSzSQZbnjJjuHZxeFtPu/Tjyx4LjSGBSm8kjbybBaZjf5+6AkRVzGMi
gE2Aev5aMTu8NRzDoC5Ysbg8mNTwr8xgPhQMDEep834/2LYF7pqEpByNVwx719xS
m9L5VbyjidGqbl/t+zPQ+/lZvKC0oEsAkndbC2Xdv6Ms4tRiZemp7HTNdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHTmAuAjhhbpeot8slqwtAtQpgCeMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvZE9ZQzRDT0dGdWw2aTN5eVdyQzBDMUNtQUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKga7wgAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAFANy9rretImzvpNWW3iCUTRb3RJghbD2li0Zt
pRub/+AjXMDwb2lLcxWPBQAabds6IRPNOtDN3YumsmqtJgkRZflK3+7goKLmVl/E
cRGvOxA5BgHHryzCTq6p0WApoHGgmabuoOxfmARcA5DzbmKa3W170gJixXmiD1tg
GB+ydpZXVxMct04OZHul2l+SF7cr5WOMiQTXgOj4TmF4RQUuohJf5NuOL6LiqCZP
yr3YzUvpfohmrcW5sN4ZnED/r5e/8HsbiIP9HCnD5ct62KyN+3bS+/VNg6F9zvqz
gXN9yO4eJcE0Fswq1MnRdB8xaVDHqCMXDjGrihaVVWzUGJ5A
-----END CERTIFICATE-----
Generated at Thu May 30 13:39:41 2024 by rpki-client on console-ams.rpki-client.org