Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/A_8Jb0wbzITZAuFKlrA84rQA43A.roa
File: A_8Jb0wbzITZAuFKlrA84rQA43A.roa (raw, json)
Hash identifier: HFY+67QkfqIdB5A13X1FebmJrJlckRyQ80ZmDlihsF8=
Subject key identifier: 03:FF:09:6F:4C:1B:CC:84:D9:02:E1:4A:96:B0:3C:E2:B4:00:E3:70
Certificate issuer: /CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Certificate serial: 018CC26D149A0B4988924CBA4509E8375B91
Authority key identifier: A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/A_8Jb0wbzITZAuFKlrA84rQA43A.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:e100:1::/48 maxlen: 48
2a12:e100:2::/48 maxlen: 48
2a12:e100:10::/44 maxlen: 44
2a12:e100:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:14:9a:0b:49:88:92:4c:ba:45:09:e8:37:5b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0df7f5b6618bda23c83bed11b442041f1fb456d
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03ff096f4c1bcc84d902e14a96b03ce2b400e370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e4:f2:32:70:40:ab:8e:8a:df:2d:7e:93:06:
b0:75:05:4b:10:b0:56:98:f6:52:48:28:92:a0:7d:
2a:b2:c6:c2:3d:d6:67:a1:5b:29:d1:30:69:a4:aa:
dd:96:cd:42:12:40:a1:46:0c:b5:10:c7:80:6a:fc:
1c:e9:12:c1:a4:97:c7:46:2d:48:b0:68:ea:9c:75:
de:f7:d9:fb:ef:4e:27:a5:2c:a2:14:b2:3d:91:f4:
27:fb:45:fe:ba:6e:d3:37:04:88:49:16:43:de:cb:
15:b7:e5:39:34:84:4c:b2:dc:80:32:a4:5e:d2:0b:
6e:13:b4:49:63:16:82:b9:9c:3b:94:ce:f0:76:9f:
f1:51:be:49:4c:1b:39:9a:ba:d0:79:ea:1f:39:af:
ec:a9:d9:35:d2:9d:51:40:0c:1e:33:c1:3e:8e:03:
4b:41:9f:55:9c:66:41:68:00:27:8d:8f:fb:d5:d6:
b5:66:80:80:e8:92:0e:1f:df:5c:81:53:7c:cf:b5:
cc:fb:83:ad:81:0f:bb:79:b3:0c:6e:a0:72:fb:6a:
4c:e8:03:33:5e:46:20:7f:0c:da:7e:1a:80:31:34:
10:fc:b3:d2:94:41:44:3e:5b:f5:6b:73:a5:2f:e3:
02:e6:b3:28:95:6b:6d:64:d2:3f:6f:2d:b1:e1:60:
31:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:FF:09:6F:4C:1B:CC:84:D9:02:E1:4A:96:B0:3C:E2:B4:00:E3:70
X509v3 Authority Key Identifier:
keyid:A0:DF:7F:5B:66:18:BD:A2:3C:83:BE:D1:1B:44:20:41:F1:FB:45:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oN9_W2YYvaI8g77RG0QgQfH7RW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/A_8Jb0wbzITZAuFKlrA84rQA43A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a5728b-a36d-4fba-93aa-5f4bc900c03d/1/oN9_W2YYvaI8g77RG0QgQfH7RW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e100:1::-2a12:e100:3:ffff:ffff:ffff:ffff:ffff
2a12:e100:10::/44
Signature Algorithm: sha256WithRSAEncryption
09:6a:ad:d1:a6:70:2d:1f:6a:e6:1e:b0:10:1a:f3:3e:eb:a3:
54:8e:63:06:cb:d8:d0:e5:cb:e3:8b:c7:bb:b6:73:55:ed:61:
92:92:a0:be:56:63:59:c3:8c:c9:9e:70:01:74:47:38:82:c5:
ef:d4:a7:c9:e5:10:ca:48:be:94:9b:aa:bf:71:cd:18:3b:f9:
c2:b8:d3:79:e6:18:c8:16:7f:46:47:ac:64:5d:cc:da:ab:32:
3c:5a:3f:bc:e8:d5:8c:3d:42:0b:f9:e0:b6:24:2a:08:33:5a:
69:fc:4c:a6:5f:4b:fe:8c:ee:79:7a:b7:96:40:9c:49:fd:64:
46:25:44:e2:87:e3:58:d2:fb:07:6d:2d:6a:51:ba:0e:5e:c2:
ed:9d:64:78:1a:c2:f8:75:28:27:98:24:0c:92:fd:25:0e:70:
6a:90:f9:dd:41:f4:28:15:dd:5c:c5:a4:dd:de:3a:99:91:7d:
dc:11:ad:92:62:b4:60:87:ca:8e:3e:45:c0:17:17:4d:f3:45:
aa:d0:02:b1:37:a8:4a:c2:35:f3:4e:d0:26:74:70:68:c8:2e:
e5:59:c4:2f:a9:67:53:15:4f:c5:75:f6:eb:f8:cd:21:89:00:
4c:ce:76:84:9f:7f:45:9e:0d:08:be:78:0b:b8:b8:9b:79:d1:
36:cd:b6:55
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbRSaC0mIkky6RQnoN1uRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGY3ZjViNjYxOGJkYTIzYzgzYmVkMTFiNDQyMDQxZjFm
YjQ1NmQwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2ZmMDk2ZjRjMWJjYzg0ZDkwMmUxNGE5NmIwM2NlMmI0MDBlMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeTyMnBAq46K3y1+kwawdQVLELBW
mPZSSCiSoH0qssbCPdZnoVsp0TBppKrdls1CEkChRgy1EMeAavwc6RLBpJfHRi1I
sGjqnHXe99n7704npSyiFLI9kfQn+0X+um7TNwSISRZD3ssVt+U5NIRMstyAMqRe
0gtuE7RJYxaCuZw7lM7wdp/xUb5JTBs5mrrQeeofOa/sqdk10p1RQAweM8E+jgNL
QZ9VnGZBaAAnjY/71da1ZoCA6JIOH99cgVN8z7XM+4OtgQ+7ebMMbqBy+2pM6AMz
XkYgfwzafhqAMTQQ/LPSlEFEPlv1a3OlL+MC5rMolWttZNI/by2x4WAxDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAP/CW9MG8yE2QLhSpawPOK0AONwMB8GA1UdIwQY
MBaAFKDff1tmGL2iPIO+0RtEIEHx+0VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEt
NWY0YmM5MDBjMDNkLzEvQV84SmIwd2J6SVRaQXVGS2xyQTg0clFBNDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNTcyOGItYTM2ZC00ZmJhLTkzYWEtNWY0YmM5MDBjMDNk
LzEvb045X1cyWVl2YUk4Zzc3UkcwUWdRZkg3UlcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEuEA
AAEDBwIqEuEAAAADBwQqEuEAABAwDQYJKoZIhvcNAQELBQADggEBAAlqrdGmcC0f
auYesBAa8z7ro1SOYwbL2NDly+OLx7u2c1XtYZKSoL5WY1nDjMmecAF0RziCxe/U
p8nlEMpIvpSbqr9xzRg7+cK403nmGMgWf0ZHrGRdzNqrMjxaP7zo1Yw9Qgv54LYk
KggzWmn8TKZfS/6M7nl6t5ZAnEn9ZEYlROKH41jS+wdtLWpRug5ewu2dZHgawvh1
KCeYJAyS/SUOcGqQ+d1B9CgV3VzFpN3eOpmRfdwRrZJitGCHyo4+RcAXF03zRarQ
ArE3qErCNfNO0CZ0cGjILuVZxC+pZ1MVT8V19uv4zSGJAEzOdoSff0WeDQi+eAu4
uJt50TbNtlU=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:21:57 2024 by rpki-client on console-ams.rpki-client.org