Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/U5wKQsq4yED7UQOtd4LlmyvH1Ww.roa
File: U5wKQsq4yED7UQOtd4LlmyvH1Ww.roa (raw, json)
Hash identifier: l2C5ESNBrAxld77b3qxHHo5+M2By0kN89mW5lE7hnQI=
Subject key identifier: 53:9C:0A:42:CA:B8:C8:40:FB:51:03:AD:77:82:E5:9B:2B:C7:D5:6C
Certificate issuer: /CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a
Certificate serial: 018CC86F5E87A2DD3EC05AFCC57E97D84A7C
Authority key identifier: 65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/U5wKQsq4yED7UQOtd4LlmyvH1Ww.roa
Signing time: Tue 02 Jan 2024 04:29:51 +0000
ROA not before: Tue 02 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31317
IP address blocks: 2001:67c:2048::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5e:87:a2:dd:3e:c0:5a:fc:c5:7e:97:d8:4a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a
Validity
Not Before: Jan 2 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=539c0a42cab8c840fb5103ad7782e59b2bc7d56c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7f:13:82:49:c1:f6:68:c6:a6:1e:47:c9:dc:
50:ef:0d:a4:47:6c:1a:a3:83:8a:d8:71:7d:ff:9d:
e9:69:e9:f3:51:97:5f:05:7b:6d:92:da:41:d6:98:
15:17:af:ee:ab:63:8d:86:3c:f1:f5:00:f2:f7:fe:
05:6f:9e:26:e8:64:14:2a:d3:ed:4d:10:ba:62:6e:
26:f6:db:18:10:14:83:f7:81:ea:f4:e8:54:ec:04:
b2:69:3e:fc:57:7f:78:07:70:4c:76:5c:40:88:82:
5a:7f:2b:9f:da:39:c8:9e:24:e8:e2:b5:5f:b5:73:
05:29:25:cc:86:0d:6a:35:87:ba:74:ff:8a:e1:36:
07:51:6c:cf:dd:92:c5:4c:c2:bc:1f:30:6b:7a:a6:
2f:6b:22:db:31:93:52:d7:93:8e:2e:c3:05:ef:1e:
d3:c3:50:97:d8:bd:b8:ae:27:82:62:66:eb:67:da:
dd:db:d4:3d:fd:05:2b:77:ea:86:09:40:36:02:aa:
cd:60:89:b7:e2:b9:70:68:17:2d:78:4d:2a:58:b4:
0f:50:2b:b7:95:f8:7a:38:50:41:95:fc:22:7a:bc:
53:8d:53:15:24:ab:22:11:9e:3a:87:d6:f5:fc:86:
86:a8:38:da:fa:5a:68:77:7d:c9:e9:cb:7a:d1:c1:
9e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9C:0A:42:CA:B8:C8:40:FB:51:03:AD:77:82:E5:9B:2B:C7:D5:6C
X509v3 Authority Key Identifier:
keyid:65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/U5wKQsq4yED7UQOtd4LlmyvH1Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2048::/48
Signature Algorithm: sha256WithRSAEncryption
89:38:e1:aa:46:6c:0b:99:ae:7e:55:ef:bd:0b:f8:6b:7f:0c:
e2:3b:5d:06:62:5e:66:2b:1f:63:d7:cf:16:1d:8c:49:3e:70:
78:c8:39:10:d0:90:9b:9a:fc:13:0a:1d:e1:a8:3a:1b:ea:d9:
26:41:20:a9:09:1e:20:20:a2:37:58:12:af:1b:c1:00:67:d6:
7e:b8:5d:97:5c:38:4d:f2:81:83:45:47:d5:23:d0:3b:bf:7d:
dc:3f:19:20:08:ec:68:fb:7d:6b:50:30:f7:d2:2d:ca:cc:94:
14:9f:35:e1:13:0e:f9:2c:9c:32:d6:35:f9:e0:0a:a1:38:12:
36:1e:4e:87:43:99:89:6e:e3:56:2f:2f:2a:98:ed:18:09:96:
37:48:20:f1:87:12:d0:e0:b5:3e:47:a3:a3:ba:4a:6d:52:70:
4c:5b:1b:1d:95:22:5c:41:a3:ed:a3:10:0a:56:bd:5a:34:1e:
b7:07:f0:b0:ed:d5:dc:e8:ca:8e:a1:62:87:db:95:5b:1d:e8:
73:d1:66:b3:41:02:13:01:b0:e9:2a:53:77:80:0c:55:a8:e4:
19:ba:1a:71:13:d5:46:9f:36:db:c3:d9:e7:6c:d1:94:fe:9d:
39:a5:58:f9:78:f9:85:49:92:f3:77:4d:98:1f:b7:1d:d5:47:
85:10:e8:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIb16Hot0+wFr8xX6X2Ep8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDY2MzI5NTc2YzljMDFiM2NkODI4NWY0YjU0YjAxNzBk
OGMzOWEwHhcNMjQwMTAyMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzljMGE0MmNhYjhjODQwZmI1MTAzYWQ3NzgyZTU5YjJiYzdkNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj38TgknB9mjGph5HydxQ7w2kR2wa
o4OK2HF9/53paenzUZdfBXttktpB1pgVF6/uq2ONhjzx9QDy9/4Fb54m6GQUKtPt
TRC6Ym4m9tsYEBSD94Hq9OhU7ASyaT78V394B3BMdlxAiIJafyuf2jnIniTo4rVf
tXMFKSXMhg1qNYe6dP+K4TYHUWzP3ZLFTMK8HzBreqYvayLbMZNS15OOLsMF7x7T
w1CX2L24rieCYmbrZ9rd29Q9/QUrd+qGCUA2AqrNYIm34rlwaBcteE0qWLQPUCu3
lfh6OFBBlfwierxTjVMVJKsiEZ46h9b1/IaGqDja+lpod33J6ct60cGeOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFOcCkLKuMhA+1EDrXeC5Zsrx9VsMB8GA1UdIwQY
MBaAFGXWYylXbJwBs82ChfS1SwFw2MOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgt
MWU2NjUwNTEzMWNhLzEvVTV3S1FzcTR5RUQ3VVFPdGQ0TGxteXZIMVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgtMWU2NjUwNTEzMWNh
LzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCBI
MA0GCSqGSIb3DQEBCwUAA4IBAQCJOOGqRmwLma5+Ve+9C/hrfwziO10GYl5mKx9j
188WHYxJPnB4yDkQ0JCbmvwTCh3hqDob6tkmQSCpCR4gIKI3WBKvG8EAZ9Z+uF2X
XDhN8oGDRUfVI9A7v33cPxkgCOxo+31rUDD30i3KzJQUnzXhEw75LJwy1jX54Aqh
OBI2Hk6HQ5mJbuNWLy8qmO0YCZY3SCDxhxLQ4LU+R6OjukptUnBMWxsdlSJcQaPt
oxAKVr1aNB63B/Cw7dXc6MqOoWKH25VbHehz0WazQQITAbDpKlN3gAxVqOQZuhpx
E9VGnzbbw9nnbNGU/p05pVj5ePmFSZLzd02YH7cd1UeFEOhV
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:05:59 2024 by rpki-client on console-fra.rpki-client.org