Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/OEmOcH6u_vNM8oSPpjXL2a2Nvrk.roa
File: OEmOcH6u_vNM8oSPpjXL2a2Nvrk.roa (raw, json)
Hash identifier: zrYN3hkCMCUFYubwqpizLvEFwdOC1jS405wG9y05B0I=
Subject key identifier: 38:49:8E:70:7E:AE:FE:F3:4C:F2:84:8F:A6:35:CB:D9:AD:8D:BE:B9
Certificate issuer: /CN=9b831ee94c37b9b1159c7d7732936181ab541d80
Certificate serial: 018F242E5407650F68F9399727CC3D477CE6
Authority key identifier: 9B:83:1E:E9:4C:37:B9:B1:15:9C:7D:77:32:93:61:81:AB:54:1D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4Me6Uw3ubEVnH13MpNhgatUHYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/OEmOcH6u_vNM8oSPpjXL2a2Nvrk.roa
Signing time: Sun 28 Apr 2024 10:09:26 +0000
ROA not before: Sun 28 Apr 2024 10:09:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204704
IP address blocks: 2a0c:d880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/m4Me6Uw3ubEVnH13MpNhgatUHYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/m4Me6Uw3ubEVnH13MpNhgatUHYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4Me6Uw3ubEVnH13MpNhgatUHYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:24:2e:54:07:65:0f:68:f9:39:97:27:cc:3d:47:7c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b831ee94c37b9b1159c7d7732936181ab541d80
Validity
Not Before: Apr 28 10:09:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38498e707eaefef34cf2848fa635cbd9ad8dbeb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c0:d0:ee:2c:a0:71:9e:b7:54:3c:4b:de:10:
84:53:c5:0b:1a:46:a1:51:11:8b:11:f4:70:49:c5:
a8:bf:2e:ab:27:db:3f:e8:e8:ca:21:dd:4b:c4:26:
13:ff:89:62:0d:b3:ac:30:b6:ce:c4:82:84:ec:db:
5f:82:9d:8f:b5:02:1f:6d:0f:e5:a1:89:15:d0:42:
4f:33:b4:f1:95:78:e2:0e:63:f1:5a:5f:52:88:5a:
ba:fa:3c:1f:80:0e:ba:20:79:a8:40:d9:74:47:b3:
59:8e:db:1f:f1:f9:f0:f1:cf:65:b8:b4:7a:a0:c9:
4c:17:cf:ff:3f:c9:89:4f:ca:7b:be:70:6e:7f:22:
e6:3f:12:b8:60:2c:09:82:39:12:7c:b3:4c:01:e6:
de:66:d6:ee:5e:16:66:dd:3d:ea:e7:3d:ff:d1:17:
8c:ad:07:e1:15:40:1c:3c:58:71:f6:24:01:0f:62:
74:3a:b0:d3:33:02:d6:79:e8:4e:bf:9c:2b:bb:ad:
e4:09:0d:78:5e:cf:28:2b:9b:ad:12:97:5c:da:d7:
3e:16:b1:8e:70:34:78:39:47:ac:81:d8:f4:27:95:
bd:25:6e:96:b9:a1:d6:d7:58:c2:6a:b1:6c:84:f9:
23:2b:ad:9e:19:f1:71:5c:2c:6e:35:12:f1:63:70:
8f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:49:8E:70:7E:AE:FE:F3:4C:F2:84:8F:A6:35:CB:D9:AD:8D:BE:B9
X509v3 Authority Key Identifier:
keyid:9B:83:1E:E9:4C:37:B9:B1:15:9C:7D:77:32:93:61:81:AB:54:1D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4Me6Uw3ubEVnH13MpNhgatUHYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/OEmOcH6u_vNM8oSPpjXL2a2Nvrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/m4Me6Uw3ubEVnH13MpNhgatUHYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:d880::/32
Signature Algorithm: sha256WithRSAEncryption
41:da:6d:e7:79:7e:95:be:21:80:7f:c7:d3:90:1b:65:95:96:
4b:10:d2:05:7a:f0:8a:32:00:8a:58:65:1e:fb:26:0c:a8:9f:
14:11:22:8c:fb:8c:fe:c2:44:60:fe:43:93:86:4c:77:9b:4d:
12:14:01:e8:a4:3e:4f:b4:bc:2d:82:6f:f4:e2:78:5c:17:39:
47:3b:61:11:23:0e:b2:df:af:84:58:f0:27:79:60:15:f5:5a:
5f:39:12:28:26:16:8d:30:63:57:4d:49:27:c1:93:c1:ef:7b:
72:a4:44:fb:f7:2e:66:b6:91:6d:d0:2d:b6:95:94:24:78:4d:
f9:f5:6a:e7:bd:5a:0e:e4:d6:19:e5:0b:0d:66:33:86:e5:e9:
4c:f2:25:2c:c4:ad:15:32:81:9b:25:04:84:10:65:66:29:1c:
93:ca:00:16:b5:66:47:3e:0d:6a:d2:2c:82:46:10:b9:a8:8f:
1f:c3:dc:ee:40:d2:f8:b5:48:df:bf:86:ec:a2:a8:40:19:6e:
fc:3d:dd:21:e1:64:53:eb:f0:8c:f5:30:40:16:39:c2:0d:66:
3f:88:b5:f8:28:d8:ab:53:32:d9:e5:29:40:0d:8c:0a:fb:98:
44:8f:4f:85:be:89:d3:d3:24:0d:9d:5e:dd:53:67:a5:24:e0:
29:0f:5e:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8kLlQHZQ9o+TmXJ8w9R3zmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODMxZWU5NGMzN2I5YjExNTljN2Q3NzMyOTM2MTgxYWI1
NDFkODAwHhcNMjQwNDI4MTAwOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQ5OGU3MDdlYWVmZWYzNGNmMjg0OGZhNjM1Y2JkOWFkOGRiZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8DQ7iygcZ63VDxL3hCEU8ULGkah
URGLEfRwScWovy6rJ9s/6OjKId1LxCYT/4liDbOsMLbOxIKE7Ntfgp2PtQIfbQ/l
oYkV0EJPM7TxlXjiDmPxWl9SiFq6+jwfgA66IHmoQNl0R7NZjtsf8fnw8c9luLR6
oMlMF8//P8mJT8p7vnBufyLmPxK4YCwJgjkSfLNMAebeZtbuXhZm3T3q5z3/0ReM
rQfhFUAcPFhx9iQBD2J0OrDTMwLWeehOv5wru63kCQ14Xs8oK5utEpdc2tc+FrGO
cDR4OUesgdj0J5W9JW6WuaHW11jCarFshPkjK62eGfFxXCxuNRLxY3CPewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDhJjnB+rv7zTPKEj6Y1y9mtjb65MB8GA1UdIwQY
MBaAFJuDHulMN7mxFZx9dzKTYYGrVB2AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRNZTZVdzN1YkVWbkgxM01wTmhnYXRVSFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMTcyZTktMWM1YS00MTVjLTgwMjgt
MTI4MGYyZTc4M2Q0LzEvT0VtT2NINnVfdk5NOG9TUHBqWEwyYTJOdnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMTcyZTktMWM1YS00MTVjLTgwMjgtMTI4MGYyZTc4M2Q0
LzEvbTRNZTZVdzN1YkVWbkgxM01wTmhnYXRVSFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgzYgDAN
BgkqhkiG9w0BAQsFAAOCAQEAQdpt53l+lb4hgH/H05AbZZWWSxDSBXrwijIAilhl
HvsmDKifFBEijPuM/sJEYP5Dk4ZMd5tNEhQB6KQ+T7S8LYJv9OJ4XBc5RzthESMO
st+vhFjwJ3lgFfVaXzkSKCYWjTBjV01JJ8GTwe97cqRE+/cuZraRbdAttpWUJHhN
+fVq571aDuTWGeULDWYzhuXpTPIlLMStFTKBmyUEhBBlZikck8oAFrVmRz4NatIs
gkYQuaiPH8Pc7kDS+LVI37+G7KKoQBlu/D3dIeFkU+vwjPUwQBY5wg1mP4i1+CjY
q1My2eUpQA2MCvuYRI9Phb6J09MkDZ1e3VNnpSTgKQ9eig==
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:27:00 2024 by rpki-client on console-ams.rpki-client.org