Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/X7-XYtMODa07OhXkiARovKASyEM.roa
File: X7-XYtMODa07OhXkiARovKASyEM.roa (raw, json)
Hash identifier: fgIkp8hyRVGBrD0g7dgkWXodcfD+h09QCIaVpAOQz/U=
Subject key identifier: 5F:BF:97:62:D3:0E:0D:AD:3B:3A:15:E4:88:04:68:BC:A0:12:C8:43
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018CC64B2A830F4EA60BAAF1B9A29FE6DF67
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/X7-XYtMODa07OhXkiARovKASyEM.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204089
IP address blocks: 2a12:f8c7::/32 maxlen: 32
2a12:f8c1:f8c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2a:83:0f:4e:a6:0b:aa:f1:b9:a2:9f:e6:df:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fbf9762d30e0dad3b3a15e4880468bca012c843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c3:1e:24:12:6b:fb:fe:06:b3:c5:26:64:2d:
f0:5d:d5:29:5a:18:42:2c:24:ba:e5:5b:c5:1f:8d:
c1:a0:89:bf:14:dc:5a:f1:95:ee:23:b2:98:79:5e:
a6:93:5a:e5:f2:18:cb:9a:3a:00:77:57:13:fd:71:
8f:a4:7f:fe:03:5c:ac:81:46:37:e1:c8:8f:0c:a8:
aa:07:8c:fa:49:30:91:23:74:4c:1a:8c:90:48:9b:
8a:9d:d4:18:ef:b6:e7:55:f6:dc:ba:18:9b:ce:74:
fe:5d:cf:a2:50:c2:28:f8:fd:55:5f:1d:3e:83:25:
31:c9:ff:9b:7c:96:e6:88:f9:67:48:7f:be:ec:03:
99:41:10:34:3f:8f:7e:42:3f:31:97:52:29:32:ed:
22:a6:6d:24:54:b4:5a:d2:41:6a:1a:15:5b:eb:19:
31:9c:2d:7c:61:eb:9c:56:23:26:0c:6c:04:9c:fb:
9b:46:cc:41:e1:8f:31:08:54:0e:a5:bb:12:a2:37:
0f:55:7b:24:21:08:85:2c:af:30:63:a5:22:db:3d:
8e:11:a4:79:75:2e:cb:f1:fc:33:45:65:fe:81:dd:
da:43:06:90:f3:d1:ec:68:f1:b7:04:7b:3d:4f:52:
fd:90:bb:a7:9e:f5:2f:42:72:1a:c6:9e:6d:ee:09:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BF:97:62:D3:0E:0D:AD:3B:3A:15:E4:88:04:68:BC:A0:12:C8:43
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/X7-XYtMODa07OhXkiARovKASyEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:f8c1::/48
2a12:f8c7::/32
Signature Algorithm: sha256WithRSAEncryption
1b:df:24:c0:41:87:89:ee:2f:1d:0b:51:0b:c9:d5:ea:ab:05:
21:26:18:8e:e8:0f:c2:df:13:eb:c5:60:1f:5d:2a:b9:ad:14:
e6:f3:f0:80:4b:10:36:da:43:dd:3b:eb:df:3e:26:be:04:53:
ba:3b:2f:8e:c2:8a:1a:b9:b1:79:e4:bc:18:aa:39:d3:52:52:
fb:71:f9:a1:a2:6e:97:5b:83:8a:17:dc:a2:60:72:80:be:a3:
7e:5f:6b:c7:3e:c2:0f:7e:73:64:5b:b6:e4:5c:a1:79:8c:0a:
18:42:a4:d4:cb:d8:3a:82:34:ed:1a:94:45:01:1f:da:55:32:
4a:c6:fe:72:4a:1b:f6:2d:36:0d:a0:fa:46:d6:08:b5:f8:50:
62:9e:4a:bd:1d:60:db:95:7a:24:72:fc:27:2c:9b:74:0a:64:
76:db:08:bd:c5:16:92:4e:c9:35:ce:fd:13:36:72:d3:f2:75:
81:e8:07:24:13:e7:a9:45:51:cf:ea:c3:db:7e:5e:f1:55:7f:
d5:d7:55:41:24:d8:2f:e6:80:2a:9a:b5:35:b5:28:bb:c8:ef:
56:85:1c:03:25:b1:69:64:d2:ec:69:04:b4:80:50:1e:10:2c:
52:fb:27:21:eb:88:9c:0a:de:3d:be:9a:1a:90:cb:84:36:5d:
5d:de:e1:d3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzGSyqDD06mC6rxuaKf5t9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJmOTc2MmQzMGUwZGFkM2IzYTE1ZTQ4ODA0NjhiY2EwMTJjODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8MeJBJr+/4Gs8UmZC3wXdUpWhhC
LCS65VvFH43BoIm/FNxa8ZXuI7KYeV6mk1rl8hjLmjoAd1cT/XGPpH/+A1ysgUY3
4ciPDKiqB4z6STCRI3RMGoyQSJuKndQY77bnVfbcuhibznT+Xc+iUMIo+P1VXx0+
gyUxyf+bfJbmiPlnSH++7AOZQRA0P49+Qj8xl1IpMu0ipm0kVLRa0kFqGhVb6xkx
nC18YeucViMmDGwEnPubRsxB4Y8xCFQOpbsSojcPVXskIQiFLK8wY6Ui2z2OEaR5
dS7L8fwzRWX+gd3aQwaQ89HsaPG3BHs9T1L9kLunnvUvQnIaxp5t7glo2wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFF+/l2LTDg2tOzoV5IgEaLygEshDMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvWDctWFl0TU9EYTA3T2hYa2lBUm92S0FTeUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAKhL4wfjB
AwUAKhL4xzANBgkqhkiG9w0BAQsFAAOCAQEAG98kwEGHie4vHQtRC8nV6qsFISYY
jugPwt8T68VgH10qua0U5vPwgEsQNtpD3Tvr3z4mvgRTujsvjsKKGrmxeeS8GKo5
01JS+3H5oaJul1uDihfcomBygL6jfl9rxz7CD35zZFu25FyheYwKGEKk1MvYOoI0
7RqURQEf2lUySsb+ckob9i02DaD6RtYItfhQYp5KvR1g25V6JHL8JyybdApkdtsI
vcUWkk7JNc79EzZy0/J1gegHJBPnqUVRz+rD235e8VV/1ddVQSTYL+aAKpq1NbUo
u8jvVoUcAyWxaWTS7GkEtIBQHhAsUvsnIeuInArePb6aGpDLhDZdXd7h0w==
-----END CERTIFICATE-----
Generated at Wed May 29 09:28:58 2024 by rpki-client on console-fra.rpki-client.org