Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/6afxs1bdeD5yaqefdk0QB9wMEX0.roa
File: 6afxs1bdeD5yaqefdk0QB9wMEX0.roa (raw, json)
Hash identifier: Tq2jOBjdP5DHJtw2wpcac1XtvZ84CvjharbJzjYnFAE=
Subject key identifier: E9:A7:F1:B3:56:DD:78:3E:72:6A:A7:9F:76:4D:10:07:DC:0C:11:7D
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAED0276D621E4117287C4BE2DABF2
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/6afxs1bdeD5yaqefdk0QB9wMEX0.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29014
IP address blocks: 2a0b:2a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ed:02:76:d6:21:e4:11:72:87:c4:be:2d:ab:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9a7f1b356dd783e726aa79f764d1007dc0c117d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:97:56:d5:db:64:b6:7c:fa:48:5d:a1:ad:
97:81:6d:47:70:f3:85:5e:00:9d:d2:38:df:11:b2:
f5:bf:48:d4:eb:05:f5:59:6c:38:ea:c0:06:fe:98:
92:9c:a2:22:73:b4:96:64:c0:88:af:71:49:fb:76:
b1:32:35:45:c1:32:2d:d5:2b:05:2e:b5:d9:7a:7e:
72:6d:8a:c6:36:38:bf:cc:9b:0f:98:a4:fe:1f:63:
57:3c:22:11:7b:30:b6:e3:e2:f7:3a:a2:17:d7:f9:
8d:9f:21:c1:2b:58:c4:1f:e3:02:45:9e:37:06:83:
c4:a9:54:62:40:65:61:88:c3:0a:11:0c:d7:22:43:
2c:4b:73:5b:a4:39:b5:a5:ee:68:00:3b:9c:cd:ce:
3b:c0:ff:1c:fa:a8:7f:8b:b2:92:e0:2e:e5:ab:1b:
a7:60:df:11:dc:19:3b:37:cb:2d:da:3f:af:58:7c:
6c:c9:b1:8a:aa:cb:b4:84:6a:05:87:0e:af:fd:a3:
32:0c:cb:2d:35:53:22:3c:72:46:ca:f2:df:5c:25:
8f:c7:bb:73:7d:5a:b9:8d:1b:62:20:31:69:62:22:
1b:65:37:5e:2c:8a:d8:db:41:3c:b6:1d:a7:b2:f1:
77:d1:6a:7a:19:dd:99:a3:61:35:b2:08:83:49:fc:
ff:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:F1:B3:56:DD:78:3E:72:6A:A7:9F:76:4D:10:07:DC:0C:11:7D
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/6afxs1bdeD5yaqefdk0QB9wMEX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
6d:5d:4f:ba:39:1a:97:ea:e7:33:d1:d9:55:7a:03:cf:90:62:
21:b6:a1:8f:60:ce:3c:eb:dd:33:91:9c:ee:fb:4f:84:f2:7b:
3c:eb:f9:b2:22:73:69:94:90:8f:b1:d8:95:f7:91:ff:f2:2c:
a9:d9:47:15:37:40:1a:25:b4:f3:9d:0c:8e:86:18:a2:f8:05:
8f:b0:6b:58:cf:42:25:03:0c:78:f5:cd:d3:ba:96:71:aa:c7:
55:b9:da:0a:4b:0d:91:fa:98:77:d2:75:89:2e:31:cc:7e:94:
61:5f:43:46:75:ea:ac:47:53:8a:de:fb:2b:45:41:cf:e5:18:
97:86:07:0d:a6:da:a2:5c:cd:4f:dd:98:57:86:dc:94:06:1c:
02:80:85:98:ea:9a:05:ea:66:c8:62:f0:3a:2c:51:96:98:d0:
b0:dd:6d:d8:53:5d:dc:c1:37:de:2d:be:03:7c:1a:c9:bc:73:
ff:63:ee:f8:6c:0d:a4:59:2e:1e:1f:3f:d7:fd:16:b9:d5:99:
66:4b:05:03:d7:7e:ce:7b:a2:a8:58:3b:6b:53:d8:b5:7a:cf:
84:f1:f4:be:a1:8a:00:31:6b:4e:d7:48:8a:cc:13:68:98:45:
73:3d:5f:b1:86:14:2d:ae:68:6f:4e:30:d3:91:14:8e:7d:20:
35:f1:6c:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC2u0CdtYh5BFyh8S+LavyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE3ZjFiMzU2ZGQ3ODNlNzI2YWE3OWY3NjRkMTAwN2RjMGMxMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCOXVtXbZLZ8+khdoa2XgW1HcPOF
XgCd0jjfEbL1v0jU6wX1WWw46sAG/piSnKIic7SWZMCIr3FJ+3axMjVFwTIt1SsF
LrXZen5ybYrGNji/zJsPmKT+H2NXPCIRezC24+L3OqIX1/mNnyHBK1jEH+MCRZ43
BoPEqVRiQGVhiMMKEQzXIkMsS3NbpDm1pe5oADuczc47wP8c+qh/i7KS4C7lqxun
YN8R3Bk7N8st2j+vWHxsybGKqsu0hGoFhw6v/aMyDMstNVMiPHJGyvLfXCWPx7tz
fVq5jRtiIDFpYiIbZTdeLIrY20E8th2nsvF30Wp6Gd2Zo2E1sgiDSfz/kwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmn8bNW3Xg+cmqnn3ZNEAfcDBF9MB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvNmFmeHMxYmRlRDV5YXFlZmRrMFFCOXdNRVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgsqQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbV1Pujkal+rnM9HZVXoDz5BiIbahj2DOPOvdM5Gc
7vtPhPJ7POv5siJzaZSQj7HYlfeR//IsqdlHFTdAGiW0850MjoYYovgFj7BrWM9C
JQMMePXN07qWcarHVbnaCksNkfqYd9J1iS4xzH6UYV9DRnXqrEdTit77K0VBz+UY
l4YHDabaolzNT92YV4bclAYcAoCFmOqaBepmyGLwOixRlpjQsN1t2FNd3ME33i2+
A3waybxz/2Pu+GwNpFkuHh8/1/0WudWZZksFA9d+znuiqFg7a1PYtXrPhPH0vqGK
ADFrTtdIiswTaJhFcz1fsYYULa5ob04w05EUjn0gNfFscw==
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:22:33 2024 by rpki-client on console-ams.rpki-client.org