Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/qFfxJosJOxIGCYdAY4yVezelrKk.roa
File: qFfxJosJOxIGCYdAY4yVezelrKk.roa (raw, json)
Hash identifier: CAZLD+aIpb0IXLS/RQHDQ0d+Djz3PXq8+Ej63AoUJag=
Subject key identifier: A8:57:F1:26:8B:09:3B:12:06:09:87:40:63:8C:95:7B:37:A5:AC:A9
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 018CC94E4B5F19D7C460C10F000F282B601B
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/qFfxJosJOxIGCYdAY4yVezelrKk.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200334
IP address blocks: 2a0c:f587:ffff::/48 maxlen: 48
2a0c:f587:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4b:5f:19:d7:c4:60:c1:0f:00:0f:28:2b:60:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a857f1268b093b1206098740638c957b37a5aca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a4:99:00:e4:59:88:05:ba:c6:b4:f5:21:09:
12:0a:7c:b5:f0:99:63:34:3e:ae:08:7a:4f:db:57:
57:68:64:9e:57:09:7c:f5:a0:ea:e7:3b:7c:a5:80:
9a:e7:a0:e5:d7:de:33:77:e8:92:d4:5a:40:6e:a0:
f4:14:b3:34:04:28:bc:47:24:7d:2f:be:3c:d7:d9:
e2:d1:96:30:c5:6a:20:e4:ea:29:fd:0c:b1:0f:6a:
9d:11:24:34:87:10:5f:95:16:4e:c9:d6:e7:ae:35:
66:e8:f3:ea:03:77:a1:26:f6:92:eb:1f:9b:3e:21:
14:ca:99:d7:b9:7a:f0:1c:67:c2:a2:5f:97:1a:ca:
8b:1f:72:bb:6f:51:c6:97:fb:d8:fb:54:d1:9f:59:
60:76:67:7a:62:19:0c:0e:1c:d3:f9:70:9b:1d:98:
9c:50:f2:28:55:19:95:76:00:b1:a7:a1:15:a4:57:
a9:13:5b:fb:3a:08:06:d0:e9:a6:f1:c9:7c:46:d5:
b9:e7:47:b0:65:e1:18:2b:41:e8:dc:92:0a:6f:6d:
36:30:fb:5a:41:3c:39:80:59:be:e2:07:4b:7b:f8:
3e:8b:57:69:6c:f0:53:e4:fd:a1:d8:9b:4e:77:d1:
15:ee:60:b7:5d:32:1a:de:71:88:ac:96:87:1c:82:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:57:F1:26:8B:09:3B:12:06:09:87:40:63:8C:95:7B:37:A5:AC:A9
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/qFfxJosJOxIGCYdAY4yVezelrKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:f587:fffe::/47
Signature Algorithm: sha256WithRSAEncryption
06:7a:8e:c1:d9:54:24:ad:30:e0:6d:5f:8b:f9:9e:14:b9:66:
88:06:8d:e1:c7:4a:e4:07:9a:06:3c:89:4a:9e:09:36:98:f5:
62:e1:6d:29:5f:d4:ee:80:7f:9e:14:8b:74:93:b5:93:d5:74:
15:7a:af:34:69:b3:8b:fa:7c:0a:fb:a9:39:60:2b:2a:22:4d:
db:04:d4:17:66:fb:5b:0e:31:63:2b:90:a0:cc:ff:ab:f1:66:
38:d1:3b:16:08:21:d1:fe:57:fa:cb:01:b0:5a:be:dc:09:30:
d5:2e:73:c2:9c:67:2c:79:89:a3:57:92:1a:f9:34:12:27:2d:
31:bf:64:ad:46:44:a9:72:11:7a:65:f8:d1:26:78:4e:dd:6b:
a2:41:4f:0b:13:20:7b:ea:c8:f0:aa:b5:16:66:a3:e2:df:25:
a4:86:4c:c6:20:70:b8:f3:1b:5f:b6:b9:04:0e:9e:2d:15:3d:
e0:61:a8:6c:0f:76:9b:05:1e:51:44:a2:f2:c5:75:07:95:db:
69:3d:67:1f:b7:d1:17:5b:cc:cc:41:52:ba:0b:ad:51:98:ed:
ce:be:be:ed:8c:5b:cf:01:85:8b:67:7a:fa:12:af:72:f3:c7:
83:72:36:34:5d:33:1c:0c:1c:e0:2f:e2:5e:72:98:cd:c5:3a:
bf:0e:08:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJTktfGdfEYMEPAA8oK2AbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU3ZjEyNjhiMDkzYjEyMDYwOTg3NDA2MzhjOTU3YjM3YTVhY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKSZAORZiAW6xrT1IQkSCny18Jlj
ND6uCHpP21dXaGSeVwl89aDq5zt8pYCa56Dl194zd+iS1FpAbqD0FLM0BCi8RyR9
L74819ni0ZYwxWog5Oop/QyxD2qdESQ0hxBflRZOydbnrjVm6PPqA3ehJvaS6x+b
PiEUypnXuXrwHGfCol+XGsqLH3K7b1HGl/vY+1TRn1lgdmd6YhkMDhzT+XCbHZic
UPIoVRmVdgCxp6EVpFepE1v7OggG0Omm8cl8RtW550ewZeEYK0Ho3JIKb202MPta
QTw5gFm+4gdLe/g+i1dpbPBT5P2h2JtOd9EV7mC3XTIa3nGIrJaHHIJYSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKhX8SaLCTsSBgmHQGOMlXs3paypMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvcUZmeEpvc0pPeElHQ1lkQVk0eVZlemVscktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKgz1h//+
MA0GCSqGSIb3DQEBCwUAA4IBAQAGeo7B2VQkrTDgbV+L+Z4UuWaIBo3hx0rkB5oG
PIlKngk2mPVi4W0pX9TugH+eFIt0k7WT1XQVeq80abOL+nwK+6k5YCsqIk3bBNQX
ZvtbDjFjK5CgzP+r8WY40TsWCCHR/lf6ywGwWr7cCTDVLnPCnGcseYmjV5Ia+TQS
Jy0xv2StRkSpchF6ZfjRJnhO3WuiQU8LEyB76sjwqrUWZqPi3yWkhkzGIHC48xtf
trkEDp4tFT3gYahsD3abBR5RRKLyxXUHldtpPWcft9EXW8zMQVK6C61RmO3Ovr7t
jFvPAYWLZ3r6Eq9y88eDcjY0XTMcDBzgL+JecpjNxTq/Dgi5
-----END CERTIFICATE-----
Generated at Sat May 4 09:04:14 2024 by rpki-client on console-ams.rpki-client.org