Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/qGBCN9eA7qIZ5t-4C78vJbdR_uA.roa
File: qGBCN9eA7qIZ5t-4C78vJbdR_uA.roa (raw, json)
Hash identifier: 2XUMkyximIMePhRQEMQH6fsSVYOs/i/bqBnbYbuCvjA=
Subject key identifier: A8:60:42:37:D7:80:EE:A2:19:E6:DF:B8:0B:BF:2F:25:B7:51:FE:E0
Certificate issuer: /CN=6b877f082ff5fef4b07cf8f7c0f71334bc8b8482
Certificate serial: 018CC64A81089C06C9B32B77ECE55060426B
Authority key identifier: 6B:87:7F:08:2F:F5:FE:F4:B0:7C:F8:F7:C0:F7:13:34:BC:8B:84:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4d_CC_1_vSwfPj3wPcTNLyLhII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/qGBCN9eA7qIZ5t-4C78vJbdR_uA.roa
Signing time: Mon 01 Jan 2024 18:30:20 +0000
ROA not before: Mon 01 Jan 2024 18:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35506
IP address blocks: 2a10:d000:3::/48 maxlen: 48
2a10:d001:3000::/36 maxlen: 36
2a10:d001:2000::/36 maxlen: 36
2a10:d001:1000::/36 maxlen: 36
2a10:d001::/36 maxlen: 36
2a10:d001:1800::/38 maxlen: 38
2a10:d001:2000::/38 maxlen: 38
2a10:d001:1000::/38 maxlen: 38
2a10:d001::/38 maxlen: 38
2a10:d000:14::/48 maxlen: 48
2a10:d000:1c::/48 maxlen: 48
2a10:d000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/a4d_CC_1_vSwfPj3wPcTNLyLhII.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/a4d_CC_1_vSwfPj3wPcTNLyLhII.mft
rsync://rpki.ripe.net/repository/DEFAULT/a4d_CC_1_vSwfPj3wPcTNLyLhII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:81:08:9c:06:c9:b3:2b:77:ec:e5:50:60:42:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b877f082ff5fef4b07cf8f7c0f71334bc8b8482
Validity
Not Before: Jan 1 18:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8604237d780eea219e6dfb80bbf2f25b751fee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:a9:f5:36:6c:d4:4c:c5:b3:88:d7:77:fc:
3f:21:a9:d0:ef:32:0c:a5:c1:b2:6b:b9:ad:76:b6:
e0:38:7a:9e:3f:b5:83:1d:5d:26:42:8d:f9:b7:2f:
62:dd:ca:6c:ff:02:f6:0f:2f:a5:12:5f:78:84:36:
32:e0:df:8a:58:7d:9e:f6:0f:91:40:ec:3e:43:8f:
00:50:11:0a:21:52:8e:b9:d2:d0:16:c1:74:07:f4:
c5:6a:86:b5:2a:cd:ac:ed:d7:40:c8:8a:ca:b7:49:
72:38:3c:17:8e:2b:ae:e3:06:84:cf:11:a9:a7:48:
d0:f4:ac:c4:98:d7:2e:9d:cd:02:ce:1e:4e:0a:45:
25:f2:65:a7:b3:ce:e9:e8:a3:7f:eb:8a:ec:81:27:
74:63:02:ce:b4:3a:48:af:53:61:a9:f5:5d:17:3c:
82:14:e0:a3:1e:15:5a:41:80:3f:da:32:c6:89:fc:
28:d0:66:32:22:dd:33:77:b8:0c:da:cc:66:38:ac:
fc:ce:2d:26:b1:d0:ba:43:5b:64:53:33:1e:2f:28:
1f:d5:ab:16:9f:cc:3e:4e:8a:65:c5:06:cf:f9:a2:
92:b0:10:c5:bd:d6:00:5c:15:cd:4c:c4:c6:d1:18:
a8:75:cf:67:cf:8a:27:e5:99:90:6c:df:84:d9:d1:
eb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:60:42:37:D7:80:EE:A2:19:E6:DF:B8:0B:BF:2F:25:B7:51:FE:E0
X509v3 Authority Key Identifier:
keyid:6B:87:7F:08:2F:F5:FE:F4:B0:7C:F8:F7:C0:F7:13:34:BC:8B:84:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4d_CC_1_vSwfPj3wPcTNLyLhII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/qGBCN9eA7qIZ5t-4C78vJbdR_uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/11cf4e-60a3-4622-b212-7314e694bac9/1/a4d_CC_1_vSwfPj3wPcTNLyLhII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:d000::/29
Signature Algorithm: sha256WithRSAEncryption
59:c9:31:71:b2:a4:43:e6:12:26:17:04:a2:98:f7:f2:52:da:
ea:8e:e0:2d:25:a6:ad:44:a4:d8:dc:3a:d0:f0:5f:4a:56:59:
b4:6d:31:72:9a:29:49:49:5f:03:11:2a:db:31:7b:8c:44:b2:
94:68:fc:70:fc:44:a7:08:1a:29:ee:9f:19:8e:91:4c:78:37:
5c:f1:9e:44:cf:dd:cb:04:a9:45:da:d7:31:69:4e:98:31:c6:
34:70:ba:71:92:68:a0:41:7d:8e:f9:92:0e:2a:b2:9b:4b:cf:
78:73:1e:7e:10:85:f7:85:98:fe:8d:d5:02:2f:bb:98:b3:79:
e9:ea:b6:c0:0a:2c:6c:77:04:de:2f:28:26:2a:90:a4:79:39:
b6:c9:9c:48:81:3e:55:bc:ea:52:f0:80:c2:37:c0:0d:45:de:
83:47:26:97:f8:61:b1:d6:e0:a4:1e:97:64:2b:a7:c6:29:45:
e6:fd:b3:2b:ab:ab:4d:e8:10:81:84:41:b8:aa:3f:b2:e1:91:
a5:78:cb:86:d6:75:d9:05:d6:76:13:bf:92:4d:25:ea:15:36:
ca:a5:5f:29:f6:51:28:67:2e:df:1d:f4:44:1e:9a:a7:92:d3:
32:64:cc:00:98:1f:48:9b:fa:39:47:96:79:e4:e5:16:30:9d:
fe:29:c7:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSoEInAbJsyt37OVQYEJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODc3ZjA4MmZmNWZlZjRiMDdjZjhmN2MwZjcxMzM0YmM4
Yjg0ODIwHhcNMjQwMTAxMTgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYwNDIzN2Q3ODBlZWEyMTllNmRmYjgwYmJmMmYyNWI3NTFmZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Cp9TZs1EzFs4jXd/w/IanQ7zIM
pcGya7mtdrbgOHqeP7WDHV0mQo35ty9i3cps/wL2Dy+lEl94hDYy4N+KWH2e9g+R
QOw+Q48AUBEKIVKOudLQFsF0B/TFaoa1Ks2s7ddAyIrKt0lyODwXjiuu4waEzxGp
p0jQ9KzEmNcunc0Czh5OCkUl8mWns87p6KN/64rsgSd0YwLOtDpIr1NhqfVdFzyC
FOCjHhVaQYA/2jLGifwo0GYyIt0zd7gM2sxmOKz8zi0msdC6Q1tkUzMeLygf1asW
n8w+ToplxQbP+aKSsBDFvdYAXBXNTMTG0Riodc9nz4on5ZmQbN+E2dHrWQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKhgQjfXgO6iGebfuAu/LyW3Uf7gMB8GA1UdIwQY
MBaAFGuHfwgv9f70sHz498D3EzS8i4SCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRkX0NDXzFfdlN3ZlBqM3dQY1ROTHlMaElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xMWNmNGUtNjBhMy00NjIyLWIyMTIt
NzMxNGU2OTRiYWM5LzEvcUdCQ045ZUE3cUlaNXQtNEM3OHZKYmRSX3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xMWNmNGUtNjBhMy00NjIyLWIyMTItNzMxNGU2OTRiYWM5
LzEvYTRkX0NDXzFfdlN3ZlBqM3dQY1ROTHlMaElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhDQADAN
BgkqhkiG9w0BAQsFAAOCAQEAWckxcbKkQ+YSJhcEopj38lLa6o7gLSWmrUSk2Nw6
0PBfSlZZtG0xcpopSUlfAxEq2zF7jESylGj8cPxEpwgaKe6fGY6RTHg3XPGeRM/d
ywSpRdrXMWlOmDHGNHC6cZJooEF9jvmSDiqym0vPeHMefhCF94WY/o3VAi+7mLN5
6eq2wAosbHcE3i8oJiqQpHk5tsmcSIE+VbzqUvCAwjfADUXeg0cml/hhsdbgpB6X
ZCunxilF5v2zK6urTegQgYRBuKo/suGRpXjLhtZ12QXWdhO/kk0l6hU2yqVfKfZR
KGcu3x30RB6ap5LTMmTMAJgfSJv6OUeWeeTlFjCd/inH4w==
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:10:15 2024 by rpki-client on console-fra.rpki-client.org