Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/dS06vhn_OGWLfPb2PicMba97w8E.roa
File: dS06vhn_OGWLfPb2PicMba97w8E.roa (raw, json)
Hash identifier: TtxCHJajuqj1fH3tNFboWj0trKHXdqDUJAZ14WLnZwA=
Subject key identifier: 75:2D:3A:BE:19:FF:38:65:8B:7C:F6:F6:3E:27:0C:6D:AF:7B:C3:C1
Certificate issuer: /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial: 0190E5B6DBB5FC79EA689BA0397D58F82859
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/dS06vhn_OGWLfPb2PicMba97w8E.roa
Signing time: Wed 24 Jul 2024 17:08:04 +0000
ROA not before: Wed 24 Jul 2024 17:08:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216219
IP address blocks: 2a13:f740::/48 maxlen: 48
2a13:f740:1::/48 maxlen: 48
2a13:f740:2::/48 maxlen: 48
2a13:f740:3::/48 maxlen: 48
2a13:f740:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e5:b6:db:b5:fc:79:ea:68:9b:a0:39:7d:58:f8:28:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Validity
Not Before: Jul 24 17:08:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=752d3abe19ff38658b7cf6f63e270c6daf7bc3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c6:cf:b6:7a:91:0a:01:d4:99:1e:17:43:d4:
47:8b:68:35:e1:20:27:ca:4c:f2:e2:7a:e7:f9:48:
61:d3:eb:e3:e9:e3:fa:df:08:97:40:2d:59:dd:e2:
3e:c8:92:e2:65:84:24:7b:cc:ec:b7:6d:8b:a5:e5:
d2:5e:61:c9:e3:12:a5:8d:17:5f:30:03:0c:d5:1a:
03:8c:7e:e6:c8:7b:da:e7:a6:4a:e1:2f:9d:ee:82:
55:36:4b:43:88:66:a1:3e:fb:46:5e:47:dc:7b:74:
2a:bb:79:8f:81:e6:6e:8a:8f:c6:5e:ea:f3:9f:9e:
1d:90:db:ef:d7:a7:ff:e0:d8:7e:92:68:77:8a:65:
32:12:66:de:a2:e4:c4:a2:37:68:91:eb:b6:e4:07:
da:ba:49:9c:bd:2c:88:ce:62:8b:56:43:bf:41:01:
d5:b3:e2:c0:19:74:36:8d:f2:fd:51:a0:d9:b2:87:
33:77:37:3a:1d:ec:2d:14:51:e9:20:18:f5:a2:43:
fe:ea:ae:e4:cd:03:f3:3f:f7:d8:0f:ff:c1:bd:c6:
6b:e8:15:06:5d:61:56:18:2b:eb:5e:af:96:46:22:
b3:74:aa:03:e0:7c:48:5a:d4:69:e3:31:e9:c1:19:
31:ff:84:3d:ec:8f:1e:87:99:15:ea:b9:e6:fc:69:
11:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2D:3A:BE:19:FF:38:65:8B:7C:F6:F6:3E:27:0C:6D:AF:7B:C3:C1
X509v3 Authority Key Identifier:
keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/dS06vhn_OGWLfPb2PicMba97w8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f740::-2a13:f740:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:7a:a6:07:34:6f:f1:6a:f9:69:50:35:c6:1a:18:4b:70:10:
a5:b8:04:40:36:20:7a:80:3f:2a:5a:b3:2e:39:d1:68:f8:df:
eb:40:48:4e:65:c6:82:f3:d8:e4:e0:24:7d:ab:ca:14:b6:e5:
ec:95:4b:cc:8c:56:4e:e1:11:12:da:8d:da:f0:fa:24:52:7a:
de:c2:ce:24:11:bb:c7:a1:1a:69:7c:af:22:b7:b0:4e:f0:43:
0d:ac:51:61:98:d3:45:5d:f6:a0:13:15:32:c5:f7:b3:ed:57:
d7:31:48:ec:0b:d7:77:43:c1:96:32:cd:27:8a:9d:a5:7f:96:
a7:19:ca:d2:37:cb:99:6d:64:91:16:4d:f4:58:1e:7a:8a:4a:
ce:41:49:3b:db:2b:e7:ce:55:5a:75:f4:b9:18:d6:bc:b4:df:
09:16:1e:15:38:0c:5f:e2:b5:f7:99:b9:7f:13:ff:b7:5c:5d:
00:78:03:f3:55:d7:25:84:4e:aa:b7:d6:f4:48:c9:e4:6d:79:
55:d6:c1:bc:81:26:b6:51:de:20:c4:81:b9:7e:42:98:d0:68:
8b:c4:4d:a4:db:08:c6:22:a2:0f:a0:6d:d5:3b:31:2c:9d:33:
c1:60:64:53:68:57:f6:60:26:76:7d:b1:d2:bf:b7:4e:2b:6d:
f4:86:44:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDlttu1/HnqaJugOX1Y+ChZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjQwNzI0MTcwODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTJkM2FiZTE5ZmYzODY1OGI3Y2Y2ZjYzZTI3MGM2ZGFmN2JjM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcbPtnqRCgHUmR4XQ9RHi2g14SAn
ykzy4nrn+Uhh0+vj6eP63wiXQC1Z3eI+yJLiZYQke8zst22LpeXSXmHJ4xKljRdf
MAMM1RoDjH7myHva56ZK4S+d7oJVNktDiGahPvtGXkfce3Qqu3mPgeZuio/GXurz
n54dkNvv16f/4Nh+kmh3imUyEmbeouTEojdokeu25AfaukmcvSyIzmKLVkO/QQHV
s+LAGXQ2jfL9UaDZsoczdzc6HewtFFHpIBj1okP+6q7kzQPzP/fYD//BvcZr6BUG
XWFWGCvrXq+WRiKzdKoD4HxIWtRp4zHpwRkx/4Q97I8eh5kV6rnm/GkRWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUtOr4Z/zhli3z29j4nDG2ve8PBMB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvZFMwNnZobl9PR1dMZlBiMlBpY01iYTk3dzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqE/dA
AwcAKhP3QAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBYeqYHNG/xavlpUDXGGhhLcBCl
uARANiB6gD8qWrMuOdFo+N/rQEhOZcaC89jk4CR9q8oUtuXslUvMjFZO4RES2o3a
8PokUnrews4kEbvHoRppfK8it7BO8EMNrFFhmNNFXfagExUyxfez7VfXMUjsC9d3
Q8GWMs0nip2lf5anGcrSN8uZbWSRFk30WB56ikrOQUk72yvnzlVadfS5GNa8tN8J
Fh4VOAxf4rX3mbl/E/+3XF0AeAPzVdclhE6qt9b0SMnkbXlV1sG8gSa2Ud4gxIG5
fkKY0GiLxE2k2wjGIqIPoG3VOzEsnTPBYGRTaFf2YCZ2fbHSv7dOK230hkRs
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:15 2024 by rpki-client on console-ams.rpki-client.org