Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0paR-zzDeGmxIA6j-RZsQwNWokg.roa
File: 0paR-zzDeGmxIA6j-RZsQwNWokg.roa (raw, json)
Hash identifier: cdblmP8JkABcAHkwrlr2hJ4DOfzHCxuh0ztxBmmBUcs=
Subject key identifier: D2:96:91:FB:3C:C3:78:69:B1:20:0E:A3:F9:16:6C:43:03:56:A2:48
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB6741DD7F05FAEAB042794C45453E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0paR-zzDeGmxIA6j-RZsQwNWokg.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201414
IP address blocks: 192.162.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:67:41:dd:7f:05:fa:ea:b0:42:79:4c:45:45:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d29691fb3cc37869b1200ea3f9166c430356a248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f9:0d:57:c4:b2:b2:fd:ba:1a:11:ef:45:4b:
35:1a:fb:69:25:62:92:c1:14:df:90:e9:1e:ae:e1:
c7:9b:3e:13:c5:6d:cb:7a:7c:c1:0f:91:c5:65:f4:
4a:96:4e:9a:7b:2f:e1:ea:d8:d3:9a:23:d7:c7:3b:
14:c4:7b:98:e6:fe:9f:d4:c3:25:f0:dc:0c:d7:41:
0f:61:ad:72:1c:4e:85:9a:4a:8d:45:6f:a3:36:9b:
e6:d2:fb:7d:2b:ac:09:60:8f:aa:6f:d9:d3:00:2a:
6f:25:b2:76:c8:22:ae:a8:f6:32:59:72:ce:c8:0b:
1d:67:9d:0b:f8:13:a8:4a:86:ab:45:12:aa:44:5b:
0f:5c:75:61:ce:a7:1f:41:04:55:06:a5:3e:17:79:
02:06:c4:ed:c4:66:cc:dc:09:94:4d:7a:50:3b:dc:
67:25:34:04:dc:8c:40:4d:09:d3:20:d6:b3:e3:86:
7a:51:dc:86:e6:0a:37:48:f7:70:98:85:d0:11:55:
48:3c:45:cd:ec:91:2b:01:53:d7:f7:da:f5:a3:3a:
d7:ca:80:3d:00:75:18:ed:b4:ce:a1:1b:13:93:f8:
f4:e3:37:b3:ba:36:5d:3b:cc:e9:c3:6c:a4:fb:90:
96:98:0c:dc:d3:d5:30:c9:66:bd:55:bb:ff:8f:83:
07:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:96:91:FB:3C:C3:78:69:B1:20:0E:A3:F9:16:6C:43:03:56:A2:48
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0paR-zzDeGmxIA6j-RZsQwNWokg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.64.0/24
Signature Algorithm: sha256WithRSAEncryption
56:75:90:56:7a:5a:db:f9:5d:84:39:f3:92:9d:63:41:4c:23:
ad:fc:c6:6b:da:14:34:43:0b:1c:a2:66:01:df:72:44:ed:62:
4a:11:e4:fa:e0:f6:d1:1b:c4:23:cc:c2:08:8d:04:58:25:f5:
7c:82:01:f2:2b:ca:de:9a:0c:e7:3e:92:dd:e3:ad:e0:b6:65:
3d:68:e1:9b:5b:72:c9:b7:2b:fe:c7:8d:d7:d1:4e:26:e4:61:
f2:b5:3e:a3:eb:35:c3:3b:18:5b:9b:ed:6d:0e:70:2f:4f:47:
cf:a9:d0:86:48:b8:cb:11:ac:a6:6f:ba:fb:0d:71:91:74:1d:
09:c0:10:ca:af:20:8f:f2:91:30:0a:3d:1b:e5:0f:3e:c1:6c:
4e:4a:7d:9c:1b:a5:cb:5b:5b:e7:9d:cd:d2:24:03:d5:3b:b4:
14:99:3b:87:67:24:6d:b8:26:10:1f:df:3f:3a:ff:f2:94:97:
51:37:f1:de:1a:7b:03:56:d3:67:f6:cb:36:8d:24:6f:8d:00:
aa:0d:d9:16:52:13:cf:cb:07:e7:ed:b3:7c:7c:de:d4:84:3a:
15:03:72:cd:e8:25:2d:d5:7b:2b:59:23:32:93:5f:61:80:3f:
3a:c9:24:59:0d:fb:7a:84:3e:db:57:d4:7d:73:3c:6c:d0:37:
d7:ee:f0:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22dB3X8F+uqwQnlMRUU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjk2OTFmYjNjYzM3ODY5YjEyMDBlYTNmOTE2NmM0MzAzNTZhMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/kNV8Sysv26GhHvRUs1GvtpJWKS
wRTfkOkeruHHmz4TxW3LenzBD5HFZfRKlk6aey/h6tjTmiPXxzsUxHuY5v6f1MMl
8NwM10EPYa1yHE6FmkqNRW+jNpvm0vt9K6wJYI+qb9nTACpvJbJ2yCKuqPYyWXLO
yAsdZ50L+BOoSoarRRKqRFsPXHVhzqcfQQRVBqU+F3kCBsTtxGbM3AmUTXpQO9xn
JTQE3IxATQnTINaz44Z6UdyG5go3SPdwmIXQEVVIPEXN7JErAVPX99r1ozrXyoA9
AHUY7bTOoRsTk/j04zezujZdO8zpw2yk+5CWmAzc09UwyWa9Vbv/j4MHfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKWkfs8w3hpsSAOo/kWbEMDVqJIMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMHBhUi16ekRlR214SUE2ai1SWnNRd05Xb2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKJAMA0G
CSqGSIb3DQEBCwUAA4IBAQBWdZBWelrb+V2EOfOSnWNBTCOt/MZr2hQ0QwscomYB
33JE7WJKEeT64PbRG8QjzMIIjQRYJfV8ggHyK8remgznPpLd463gtmU9aOGbW3LJ
tyv+x43X0U4m5GHytT6j6zXDOxhbm+1tDnAvT0fPqdCGSLjLEaymb7r7DXGRdB0J
wBDKryCP8pEwCj0b5Q8+wWxOSn2cG6XLW1vnnc3SJAPVO7QUmTuHZyRtuCYQH98/
Ov/ylJdRN/HeGnsDVtNn9ss2jSRvjQCqDdkWUhPPywfn7bN8fN7UhDoVA3LN6CUt
1XsrWSMyk19hgD86ySRZDft6hD7bV9R9czxs0DfX7vAI
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:09:03 2024 by rpki-client on console-ams.rpki-client.org