Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/3asJo343y8LGvp1pLIBe5yKd6E4.roa
File: 3asJo343y8LGvp1pLIBe5yKd6E4.roa (raw, json)
Hash identifier: P2KkVYb/crTTyktoFoAqyjxbzjRr3DCqPqbD3rBDK2Q=
Subject key identifier: DD:AB:09:A3:7E:37:CB:C2:C6:BE:9D:69:2C:80:5E:E7:22:9D:E8:4E
Certificate issuer: /CN=c605871889b9dcafe7ec3136aed1ddfee2dfbc7d
Certificate serial: 018CC94E67B34826C4B14D580EF14D2889AA
Authority key identifier: C6:05:87:18:89:B9:DC:AF:E7:EC:31:36:AE:D1:DD:FE:E2:DF:BC:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xgWHGIm53K_n7DE2rtHd_uLfvH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/3asJo343y8LGvp1pLIBe5yKd6E4.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61385
IP address blocks: 2a05:9281::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/xgWHGIm53K_n7DE2rtHd_uLfvH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/xgWHGIm53K_n7DE2rtHd_uLfvH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xgWHGIm53K_n7DE2rtHd_uLfvH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 23:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:67:b3:48:26:c4:b1:4d:58:0e:f1:4d:28:89:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c605871889b9dcafe7ec3136aed1ddfee2dfbc7d
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddab09a37e37cbc2c6be9d692c805ee7229de84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:18:7c:e5:42:d1:55:33:b5:ce:a9:ba:ff:
81:9a:69:c1:d2:ee:be:5a:2b:f7:de:48:d1:03:c5:
1e:5f:de:07:ad:f0:10:92:ce:aa:c6:a5:4c:a9:9d:
ac:b7:6d:d0:a1:1a:1e:f6:ef:02:4e:5e:68:c0:32:
7f:ba:90:2a:35:f3:b7:dc:92:1c:e6:a4:bb:82:9e:
ed:7a:46:63:1c:bf:8e:de:58:12:5c:f5:2a:89:da:
e3:30:f1:47:d3:7c:63:2a:3b:03:01:5f:ee:32:2e:
8c:26:59:88:2a:50:3f:d6:b4:ea:ab:c1:12:24:75:
5a:01:9c:8e:24:f8:99:1d:aa:6b:73:0c:c7:36:80:
cc:4f:36:b4:d4:04:1b:25:bb:57:d8:ed:b2:3a:64:
6e:4e:90:ba:25:f6:34:88:2d:7d:cc:84:19:e4:0e:
53:e5:c2:c6:81:b2:1b:47:24:05:99:df:ae:d6:04:
df:36:b1:18:9e:13:2c:75:6e:72:e1:5c:3f:22:ab:
95:ee:a9:0d:b2:ab:32:3d:ae:51:13:4d:20:42:cf:
6f:2d:33:02:ed:7e:ed:6d:c1:6b:92:1e:b6:67:3c:
1d:7b:8a:09:f4:d4:58:81:01:e4:5d:93:b5:11:72:
fa:0b:8c:8e:dc:26:75:8c:bd:ea:01:c5:51:55:2e:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AB:09:A3:7E:37:CB:C2:C6:BE:9D:69:2C:80:5E:E7:22:9D:E8:4E
X509v3 Authority Key Identifier:
keyid:C6:05:87:18:89:B9:DC:AF:E7:EC:31:36:AE:D1:DD:FE:E2:DF:BC:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xgWHGIm53K_n7DE2rtHd_uLfvH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/3asJo343y8LGvp1pLIBe5yKd6E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6046a6-decb-49a3-a3b4-3087f86a63ab/1/xgWHGIm53K_n7DE2rtHd_uLfvH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9281::/32
Signature Algorithm: sha256WithRSAEncryption
40:95:fb:f8:81:7c:19:ee:51:93:68:c4:3c:a2:4c:ac:07:ef:
b9:09:51:0d:5d:ca:6f:93:93:6f:e0:78:95:22:52:fc:b0:12:
8e:51:1f:ac:83:ee:51:58:d3:8b:d1:de:1c:23:d1:39:3f:9d:
79:0c:7e:a9:4c:06:a9:76:4c:63:78:04:73:b9:b4:a0:d9:91:
92:54:1f:8b:b4:c9:18:05:e2:bb:2c:cd:7e:70:22:17:06:f6:
a5:cb:a5:c5:70:b2:3a:f6:2f:e0:36:63:14:6e:e1:f3:77:2c:
93:85:6f:b0:f6:39:4b:83:29:0c:aa:3b:b4:aa:be:41:d8:08:
9a:14:b3:2b:d8:86:39:e2:ba:c6:7c:40:d6:da:f9:10:02:b5:
d5:c8:71:de:c8:be:b6:45:1d:cd:3a:84:27:03:25:6c:2b:56:
4c:fa:6c:ce:ad:d0:ea:73:51:4e:c0:d8:67:e8:8e:ef:68:eb:
5d:ae:a5:a3:96:39:c1:ea:cb:c2:4f:58:fd:94:e6:d9:c0:68:
b8:6a:95:a6:d6:c4:4f:d5:11:91:22:99:22:48:a7:31:c2:04:
fa:9e:eb:96:34:c6:a8:2e:b3:42:50:9f:b7:80:4d:90:81:10:
6f:9c:bd:89:9b:35:c2:2d:ee:30:3f:8d:54:e1:23:8e:2c:ff:
8b:99:3e:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTmezSCbEsU1YDvFNKImqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MDU4NzE4ODliOWRjYWZlN2VjMzEzNmFlZDFkZGZlZTJk
ZmJjN2QwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFiMDlhMzdlMzdjYmMyYzZiZTlkNjkyYzgwNWVlNzIyOWRlODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXMYfOVC0VUztc6puv+BmmnB0u6+
Wiv33kjRA8UeX94HrfAQks6qxqVMqZ2st23QoRoe9u8CTl5owDJ/upAqNfO33JIc
5qS7gp7tekZjHL+O3lgSXPUqidrjMPFH03xjKjsDAV/uMi6MJlmIKlA/1rTqq8ES
JHVaAZyOJPiZHaprcwzHNoDMTza01AQbJbtX2O2yOmRuTpC6JfY0iC19zIQZ5A5T
5cLGgbIbRyQFmd+u1gTfNrEYnhMsdW5y4Vw/IquV7qkNsqsyPa5RE00gQs9vLTMC
7X7tbcFrkh62Zzwde4oJ9NRYgQHkXZO1EXL6C4yO3CZ1jL3qAcVRVS7dDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN2rCaN+N8vCxr6daSyAXucinehOMB8GA1UdIwQY
MBaAFMYFhxiJudyv5+wxNq7R3f7i37x9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGdXSEdJbTUzS19uN0RFMnJ0SGRfdUxmdkgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MDQ2YTYtZGVjYi00OWEzLWEzYjQt
MzA4N2Y4NmE2M2FiLzEvM2FzSm8zNDN5OExHdnAxcExJQmU1eUtkNkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MDQ2YTYtZGVjYi00OWEzLWEzYjQtMzA4N2Y4NmE2M2Fi
LzEveGdXSEdJbTUzS19uN0RFMnJ0SGRfdUxmdkgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgWSgTAN
BgkqhkiG9w0BAQsFAAOCAQEAQJX7+IF8Ge5Rk2jEPKJMrAfvuQlRDV3Kb5OTb+B4
lSJS/LASjlEfrIPuUVjTi9HeHCPROT+deQx+qUwGqXZMY3gEc7m0oNmRklQfi7TJ
GAXiuyzNfnAiFwb2pculxXCyOvYv4DZjFG7h83csk4VvsPY5S4MpDKo7tKq+QdgI
mhSzK9iGOeK6xnxA1tr5EAK11chx3si+tkUdzTqEJwMlbCtWTPpszq3Q6nNRTsDY
Z+iO72jrXa6lo5Y5werLwk9Y/ZTm2cBouGqVptbET9URkSKZIkinMcIE+p7rljTG
qC6zQlCft4BNkIEQb5y9iZs1wi3uMD+NVOEjjiz/i5k+HA==
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:08:29 2024 by rpki-client on console-fra.rpki-client.org