Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/v4gzHC-WFnf5oJQpD_g5y8gi5gE.roa
File: v4gzHC-WFnf5oJQpD_g5y8gi5gE.roa (raw, json)
Hash identifier: W5/trwRP8exPS73zInEGf4UNDCxa95GtwRftQMKywCE=
Subject key identifier: BF:88:33:1C:2F:96:16:77:F9:A0:94:29:0F:F8:39:CB:C8:22:E6:01
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018F15FE3937AAD58E866ED17094CD4A903C
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/v4gzHC-WFnf5oJQpD_g5y8gi5gE.roa
Signing time: Thu 25 Apr 2024 16:02:13 +0000
ROA not before: Thu 25 Apr 2024 16:02:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a06:7380::/29 maxlen: 29
2a06:7d00::/29 maxlen: 29
2a07:4980::/29 maxlen: 29
2a07:ec40::/29 maxlen: 29
2a0b:6500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:fe:39:37:aa:d5:8e:86:6e:d1:70:94:cd:4a:90:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Apr 25 16:02:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf88331c2f961677f9a094290ff839cbc822e601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1f:4e:28:54:fd:57:1b:2f:9a:42:43:87:e6:
08:40:c9:86:b7:eb:1b:ef:c9:e6:a8:45:e6:7a:c5:
37:5b:22:8c:de:48:ff:7c:5f:aa:84:fe:23:98:e4:
ab:4d:31:59:77:a4:35:74:d6:6a:e9:be:d7:c2:95:
74:55:41:98:83:8b:ee:93:6b:f1:1f:f2:0c:05:15:
b4:19:20:51:fe:1a:f1:9a:b5:43:08:55:8e:c7:cb:
8b:41:fb:4d:4a:68:ea:94:94:a1:49:13:57:78:a4:
d6:d3:96:1e:21:57:47:5c:66:d7:54:1a:bd:ba:d6:
b6:41:d3:7d:13:b4:35:7b:5e:87:d3:27:f9:f2:25:
c7:24:a3:c9:e4:c0:9e:f1:8d:f5:95:d4:ee:58:13:
df:cf:f7:e9:2e:80:33:bc:a4:92:6d:03:a8:7f:92:
65:60:a9:5c:c9:bf:12:5d:76:e3:9b:93:25:9b:04:
45:95:79:ea:35:fa:a5:6b:d7:86:3b:d5:ed:48:98:
a9:9a:21:71:d6:e2:93:f7:ab:c9:17:a7:ad:e7:69:
13:70:94:d5:a2:bc:c4:c2:4e:e7:54:63:4d:4b:72:
2f:25:d6:9a:38:be:5d:39:c0:d3:d5:57:2b:cf:17:
82:c0:0f:5c:80:73:2c:5d:7b:15:4b:ec:87:e3:56:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:88:33:1C:2F:96:16:77:F9:A0:94:29:0F:F8:39:CB:C8:22:E6:01
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/v4gzHC-WFnf5oJQpD_g5y8gi5gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7380::/29
2a06:7d00::/29
2a07:4980::/29
2a07:ec40::/29
2a0b:6500::/29
Signature Algorithm: sha256WithRSAEncryption
95:fd:10:d5:0a:37:08:5f:fd:75:61:3f:30:6a:da:38:57:a6:
67:4e:07:94:16:18:95:52:ae:b5:9b:09:4e:45:96:0f:45:95:
14:b7:19:38:be:a0:8d:ec:21:5b:50:4e:1e:f5:13:2c:55:f5:
e7:99:1e:47:ae:de:5c:5d:75:24:3f:29:af:a1:20:0e:b4:d3:
6f:ee:d9:52:f0:8d:86:72:e6:29:4c:4c:75:94:67:ee:9b:e7:
dc:e2:9c:7f:05:7a:81:95:fd:35:67:b3:00:5c:a0:43:7e:9f:
2c:60:c3:5c:16:c4:75:77:aa:f7:fd:3c:d7:2c:1c:31:95:eb:
f6:af:03:58:11:1e:d4:c1:2a:b0:02:12:18:96:41:e6:af:5b:
73:69:1c:0b:4b:b8:5d:49:40:df:55:15:c9:9e:61:09:8f:27:
bd:c5:04:97:cc:68:a2:13:fa:ca:2c:e1:a0:68:5d:f5:ff:b9:
41:66:38:37:43:5e:68:02:9e:5a:0b:20:46:dc:ec:74:d5:ca:
a3:48:2e:8c:61:01:6d:ef:9d:14:e7:da:3c:10:cc:6a:e9:98:
0c:b7:f0:74:59:c0:13:9c:28:f0:a8:d1:36:8b:39:e9:94:28:
bb:57:3f:bf:a3:e2:6e:40:c1:55:de:36:b8:39:9f:e1:b1:5c:
f6:d0:27:da
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY8V/jk3qtWOhm7RcJTNSpA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNDI1MTYwMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjg4MzMxYzJmOTYxNjc3ZjlhMDk0MjkwZmY4MzljYmM4MjJlNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix9OKFT9VxsvmkJDh+YIQMmGt+sb
78nmqEXmesU3WyKM3kj/fF+qhP4jmOSrTTFZd6Q1dNZq6b7XwpV0VUGYg4vuk2vx
H/IMBRW0GSBR/hrxmrVDCFWOx8uLQftNSmjqlJShSRNXeKTW05YeIVdHXGbXVBq9
uta2QdN9E7Q1e16H0yf58iXHJKPJ5MCe8Y31ldTuWBPfz/fpLoAzvKSSbQOof5Jl
YKlcyb8SXXbjm5MlmwRFlXnqNfqla9eGO9XtSJipmiFx1uKT96vJF6et52kTcJTV
orzEwk7nVGNNS3IvJdaaOL5dOcDT1VcrzxeCwA9cgHMsXXsVS+yH41b7FQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL+IMxwvlhZ3+aCUKQ/4OcvIIuYBMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvdjRnekhDLVdGbmY1b0pRcERfZzV5OGdpNWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgZzgAMF
AyoGfQADBQMqB0mAAwUDKgfsQAMFAyoLZQAwDQYJKoZIhvcNAQELBQADggEBAJX9
ENUKNwhf/XVhPzBq2jhXpmdOB5QWGJVSrrWbCU5Flg9FlRS3GTi+oI3sIVtQTh71
EyxV9eeZHkeu3lxddSQ/Ka+hIA6002/u2VLwjYZy5ilMTHWUZ+6b59zinH8FeoGV
/TVnswBcoEN+nyxgw1wWxHV3qvf9PNcsHDGV6/avA1gRHtTBKrACEhiWQeavW3Np
HAtLuF1JQN9VFcmeYQmPJ73FBJfMaKIT+sos4aBoXfX/uUFmODdDXmgCnloLIEbc
7HTVyqNILoxhAW3vnRTn2jwQzGrpmAy38HRZwBOcKPCo0TaLOemUKLtXP7+j4m5A
wVXeNrg5n+GxXPbQJ9o=
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:27:39 2024 by rpki-client on console-fra.rpki-client.org