Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/vjCb31anXB6oWaUQw6Q4B-k6_38.roa
File: vjCb31anXB6oWaUQw6Q4B-k6_38.roa (raw, json)
Hash identifier: u/xWSzZGyLpQB89GlVzUSQGw3KklbeBXVXgVFlR0zEc=
Subject key identifier: BE:30:9B:DF:56:A7:5C:1E:A8:59:A5:10:C3:A4:38:07:E9:3A:FF:7F
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 018D292ADE2F10CC3321D6A651B7D7FA8F88
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/vjCb31anXB6oWaUQw6Q4B-k6_38.roa
Signing time: Sat 20 Jan 2024 23:18:11 +0000
ROA not before: Sat 20 Jan 2024 23:18:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216054
IP address blocks: 2a14:4f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:29:2a:de:2f:10:cc:33:21:d6:a6:51:b7:d7:fa:8f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Jan 20 23:18:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be309bdf56a75c1ea859a510c3a43807e93aff7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:ea:2a:43:60:a8:92:63:e7:b9:05:39:fb:
6b:ed:cf:29:d6:1f:da:12:63:df:56:10:d7:a1:f1:
71:bf:d7:29:ff:11:72:bb:a9:b9:19:99:de:3e:09:
0f:f0:60:3b:63:2d:54:52:48:41:bb:39:1c:bc:47:
e2:b9:3c:8b:01:4f:02:05:d1:c6:05:ef:14:33:b4:
9e:0f:8f:96:bd:f5:74:42:9e:2e:e5:92:af:03:bd:
23:9f:2a:04:ca:c6:44:7a:2a:9b:5a:20:9f:32:3d:
3d:9c:85:31:23:da:c5:4d:7e:57:69:0c:b8:d6:9a:
9a:cd:b2:ea:66:14:c9:19:52:2d:81:97:13:f8:38:
3b:a6:63:f2:6d:50:f1:53:e1:2c:52:e9:bc:b5:83:
ec:8b:bb:c7:68:c4:61:d4:58:6e:a9:ac:c7:03:94:
c5:54:73:42:5e:5c:73:66:57:b7:42:47:d3:76:f7:
5d:dc:9c:03:31:df:e3:9d:a8:fa:56:d8:ab:59:d5:
54:92:a1:87:06:96:74:89:22:81:80:f6:9f:6f:25:
2a:57:b3:ec:ab:45:92:c8:a0:1b:a5:25:20:d4:45:
67:69:cb:a6:70:e5:76:1e:2d:3a:00:f9:55:6c:a2:
9f:b2:99:4d:ff:d4:11:05:45:59:50:28:b2:fd:86:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:30:9B:DF:56:A7:5C:1E:A8:59:A5:10:C3:A4:38:07:E9:3A:FF:7F
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/vjCb31anXB6oWaUQw6Q4B-k6_38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
00:8d:d3:bf:f8:fc:67:56:9a:3e:7a:20:c6:ff:08:ac:1a:95:
45:65:5c:c8:ac:12:78:7f:d0:c6:44:6c:31:20:99:b9:ce:48:
83:4a:ad:e2:f4:91:12:6c:3d:5f:75:c5:da:2f:29:17:e9:6e:
8c:59:08:c1:e1:78:bd:35:8e:30:3a:ce:f4:dd:3b:c9:39:89:
a5:48:64:a7:cb:c8:fc:04:ee:d2:67:54:0b:57:ce:52:75:c8:
f4:a7:b5:1c:c2:33:78:1c:12:db:73:d3:d5:67:6f:79:fe:67:
35:df:6c:c8:88:a2:2f:9c:8d:15:58:91:9e:17:1f:ea:3c:d5:
a3:b9:f8:2b:e2:4c:9a:05:c5:b0:55:89:76:c2:ca:a5:6a:83:
f8:bf:25:9a:5b:f4:3a:c1:8d:aa:d6:fc:f1:42:45:aa:c9:33:
5f:3e:18:08:0b:0e:1f:bf:3d:c8:7b:e5:9f:f4:6b:a4:7b:fb:
fb:f5:c6:10:cc:4d:3b:b6:1d:ac:b5:54:f6:bb:78:61:cb:7b:
6e:6a:61:93:c5:1d:8a:66:49:41:2b:10:0c:f5:71:49:f0:d5:
bf:ff:91:26:6b:02:fa:f8:1a:b0:6d:8a:1c:62:8f:da:9d:85:
46:ba:00:af:09:72:2a:f3:9e:32:5f:3e:7a:cf:9f:96:ff:d2:
bd:46:31:0b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY0pKt4vEMwzIdamUbfX+o+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjQwMTIwMjMxODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTMwOWJkZjU2YTc1YzFlYTg1OWE1MTBjM2E0MzgwN2U5M2FmZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnovqKkNgqJJj57kFOftr7c8p1h/a
EmPfVhDXofFxv9cp/xFyu6m5GZnePgkP8GA7Yy1UUkhBuzkcvEfiuTyLAU8CBdHG
Be8UM7SeD4+WvfV0Qp4u5ZKvA70jnyoEysZEeiqbWiCfMj09nIUxI9rFTX5XaQy4
1pqazbLqZhTJGVItgZcT+Dg7pmPybVDxU+EsUum8tYPsi7vHaMRh1FhuqazHA5TF
VHNCXlxzZle3QkfTdvdd3JwDMd/jnaj6VtirWdVUkqGHBpZ0iSKBgPafbyUqV7Ps
q0WSyKAbpSUg1EVnacumcOV2Hi06APlVbKKfsplN/9QRBUVZUCiy/YaSGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL4wm99Wp1weqFmlEMOkOAfpOv9/MB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvdmpDYjMxYW5YQjZvV2FVUXc2UTRCLWs2XzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAI3Tv/j8Z1aaPnogxv8IrBqVRWVcyKwSeH/QxkRs
MSCZuc5Ig0qt4vSREmw9X3XF2i8pF+lujFkIweF4vTWOMDrO9N07yTmJpUhkp8vI
/ATu0mdUC1fOUnXI9Ke1HMIzeBwS23PT1Wdvef5nNd9syIiiL5yNFViRnhcf6jzV
o7n4K+JMmgXFsFWJdsLKpWqD+L8lmlv0OsGNqtb88UJFqskzXz4YCAsOH789yHvl
n/RrpHv7+/XGEMxNO7YdrLVU9rt4Yct7bmphk8UdimZJQSsQDPVxSfDVv/+RJmsC
+vgasG2KHGKP2p2FRroArwlyKvOeMl8+es+flv/SvUYxCw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:30:08 2024 by rpki-client on console-ams.rpki-client.org