Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/RhE9MMXdfESIIfyqhVf63ERsyI8.roa
File: RhE9MMXdfESIIfyqhVf63ERsyI8.roa (raw, json)
Hash identifier: 3HEX5IDvCrQdZOdTkttT2N+J0mXJKtSOQ5vnwnytvIQ=
Subject key identifier: 46:11:3D:30:C5:DD:7C:44:88:21:FC:AA:85:57:FA:DC:44:6C:C8:8F
Certificate issuer: /CN=33ae399984d7374b2a8e0af72d2bfcf105c86154
Certificate serial: 018CC2DB1722ABF728B7D9EA61A27CA37836
Authority key identifier: 33:AE:39:99:84:D7:37:4B:2A:8E:0A:F7:2D:2B:FC:F1:05:C8:61:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M645mYTXN0sqjgr3LSv88QXIYVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/RhE9MMXdfESIIfyqhVf63ERsyI8.roa
Signing time: Mon 01 Jan 2024 02:29:47 +0000
ROA not before: Mon 01 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213237
IP address blocks: 2001:678:45c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/M645mYTXN0sqjgr3LSv88QXIYVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/M645mYTXN0sqjgr3LSv88QXIYVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/M645mYTXN0sqjgr3LSv88QXIYVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:17:22:ab:f7:28:b7:d9:ea:61:a2:7c:a3:78:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ae399984d7374b2a8e0af72d2bfcf105c86154
Validity
Not Before: Jan 1 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46113d30c5dd7c448821fcaa8557fadc446cc88f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:20:7b:97:85:38:38:b8:c0:e0:68:45:04:f6:
d5:eb:a2:9f:b7:d9:c4:9f:ef:5f:3d:b6:28:f9:f2:
a3:40:63:ab:23:97:f9:f7:3b:00:40:3b:27:f8:07:
61:71:34:36:8c:05:a9:4a:3c:32:1d:a1:09:23:90:
22:eb:67:cc:9b:ae:67:b8:f3:35:ab:db:39:a9:11:
31:41:d6:a4:63:2c:79:0b:67:82:93:1d:e2:c7:40:
54:c0:f5:ab:42:bd:38:46:cc:ff:9e:70:d5:0a:7a:
8e:e6:99:10:60:c1:e7:c9:a5:73:73:08:f7:5a:37:
4c:3d:0c:21:5b:18:21:b0:bf:70:53:8d:fa:3d:bd:
21:4c:3b:cf:34:b9:8c:b3:29:ca:0b:fc:b4:16:ac:
4a:48:9f:5a:82:1e:ad:c7:4c:94:f3:ef:b0:08:c8:
0a:5e:e6:57:71:e1:09:8c:05:b6:52:1a:22:69:71:
cc:23:2e:ef:70:c2:3e:0b:e9:5e:00:a1:d1:f6:9c:
0f:c9:95:a2:65:6a:ac:99:be:09:1d:fe:09:e9:52:
ba:bd:fa:d9:49:45:da:3e:79:f9:c4:4d:50:0f:38:
3f:68:88:02:a1:60:01:30:a7:3a:87:d8:3b:b8:72:
38:e1:6d:2a:51:55:0b:4b:ce:a3:42:4e:29:e4:e4:
42:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:11:3D:30:C5:DD:7C:44:88:21:FC:AA:85:57:FA:DC:44:6C:C8:8F
X509v3 Authority Key Identifier:
keyid:33:AE:39:99:84:D7:37:4B:2A:8E:0A:F7:2D:2B:FC:F1:05:C8:61:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M645mYTXN0sqjgr3LSv88QXIYVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/RhE9MMXdfESIIfyqhVf63ERsyI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/62846e-0189-468d-a8d3-1a8daff11e0c/1/M645mYTXN0sqjgr3LSv88QXIYVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:45c::/48
Signature Algorithm: sha256WithRSAEncryption
63:b1:22:71:bf:3a:4b:86:12:d9:17:1a:6a:af:06:8c:b1:e7:
98:04:1a:dc:b5:24:02:ee:7c:67:b4:d4:0a:e0:48:55:b2:0e:
14:3f:f6:2a:49:46:6a:91:2d:38:e3:90:39:31:84:0d:66:a2:
86:b1:24:82:c7:c0:c8:63:be:14:c4:0c:e3:45:07:00:7d:9e:
45:c1:2f:fe:09:17:d9:b7:66:cc:7e:d7:45:f2:93:19:46:f7:
e4:25:00:ba:f5:57:4f:8c:f3:3e:98:df:df:ce:42:10:89:34:
56:be:eb:79:86:b4:c4:4d:b7:77:ec:20:b4:02:9d:0b:be:44:
1b:73:28:2d:e8:ce:39:b4:30:89:52:e0:97:50:b6:0f:59:43:
d9:f3:b6:30:96:8d:e6:de:98:9e:3f:a8:24:1a:db:f0:90:76:
f0:6c:32:fd:88:01:64:7c:55:59:07:ef:99:e6:41:3b:23:e4:
19:5b:79:8d:90:61:4e:70:58:02:ca:90:6f:67:bb:cb:6a:88:
2a:60:aa:7d:74:b0:66:a7:52:22:16:93:25:82:fe:6e:4d:6e:
92:c7:45:22:a4:af:70:41:d2:c1:e2:5f:4d:e2:c8:52:40:bd:
d1:3e:6a:e6:71:dc:1f:94:7a:c8:16:35:c9:e2:57:3b:31:1d:
ac:76:b8:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2xciq/cot9nqYaJ8o3g2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYWUzOTk5ODRkNzM3NGIyYThlMGFmNzJkMmJmY2YxMDVj
ODYxNTQwHhcNMjQwMTAxMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjExM2QzMGM1ZGQ3YzQ0ODgyMWZjYWE4NTU3ZmFkYzQ0NmNjODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yB7l4U4OLjA4GhFBPbV66Kft9nE
n+9fPbYo+fKjQGOrI5f59zsAQDsn+AdhcTQ2jAWpSjwyHaEJI5Ai62fMm65nuPM1
q9s5qRExQdakYyx5C2eCkx3ix0BUwPWrQr04Rsz/nnDVCnqO5pkQYMHnyaVzcwj3
WjdMPQwhWxghsL9wU436Pb0hTDvPNLmMsynKC/y0FqxKSJ9agh6tx0yU8++wCMgK
XuZXceEJjAW2UhoiaXHMIy7vcMI+C+leAKHR9pwPyZWiZWqsmb4JHf4J6VK6vfrZ
SUXaPnn5xE1QDzg/aIgCoWABMKc6h9g7uHI44W0qUVULS86jQk4p5ORCVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEYRPTDF3XxEiCH8qoVX+txEbMiPMB8GA1UdIwQY
MBaAFDOuOZmE1zdLKo4K9y0r/PEFyGFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTY0NW1ZVFhOMHNxamdyM0xTdjg4UVhJWVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82Mjg0NmUtMDE4OS00NjhkLWE4ZDMt
MWE4ZGFmZjExZTBjLzEvUmhFOU1NWGRmRVNJSWZ5cWhWZjYzRVJzeUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82Mjg0NmUtMDE4OS00NjhkLWE4ZDMtMWE4ZGFmZjExZTBj
LzEvTTY0NW1ZVFhOMHNxamdyM0xTdjg4UVhJWVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeARc
MA0GCSqGSIb3DQEBCwUAA4IBAQBjsSJxvzpLhhLZFxpqrwaMseeYBBrctSQC7nxn
tNQK4EhVsg4UP/YqSUZqkS0445A5MYQNZqKGsSSCx8DIY74UxAzjRQcAfZ5FwS/+
CRfZt2bMftdF8pMZRvfkJQC69VdPjPM+mN/fzkIQiTRWvut5hrTETbd37CC0Ap0L
vkQbcygt6M45tDCJUuCXULYPWUPZ87Ywlo3m3pieP6gkGtvwkHbwbDL9iAFkfFVZ
B++Z5kE7I+QZW3mNkGFOcFgCypBvZ7vLaogqYKp9dLBmp1IiFpMlgv5uTW6Sx0Ui
pK9wQdLB4l9N4shSQL3RPmrmcdwflHrIFjXJ4lc7MR2sdri0
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:08:33 2024 by rpki-client on console-ams.rpki-client.org