Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/wdY7B3V9XS1CZUDoU2a5BrVJlr8.roa
File: wdY7B3V9XS1CZUDoU2a5BrVJlr8.roa (raw, json)
Hash identifier: jFftvx4CTiex3RcMEYvAQ+mjIyNb26owXYCn6TVFiNI=
Subject key identifier: C1:D6:3B:07:75:7D:5D:2D:42:65:40:E8:53:66:B9:06:B5:49:96:BF
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 018CCA299523713B58B03ED6FB9053B2C9CC
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/wdY7B3V9XS1CZUDoU2a5BrVJlr8.roa
Signing time: Tue 02 Jan 2024 12:32:51 +0000
ROA not before: Tue 02 Jan 2024 12:32:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a11:9c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:95:23:71:3b:58:b0:3e:d6:fb:90:53:b2:c9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 2 12:32:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1d63b07757d5d2d426540e85366b906b54996bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ca:00:01:50:13:63:f0:54:db:19:75:a3:62:
7f:a7:1a:c4:10:1e:3c:f9:92:82:5f:67:09:96:30:
1b:7c:64:25:93:dd:60:f2:34:b2:df:d5:eb:7c:b6:
18:24:f1:83:94:5f:8a:ed:45:23:e6:24:64:6a:63:
b5:7b:2d:d1:a5:da:57:e5:6b:aa:cf:17:3d:3d:2f:
ac:1a:34:8a:48:50:0f:3d:24:71:a7:30:8c:ef:69:
88:2a:61:dd:ef:be:e9:93:88:17:e0:ac:fb:26:20:
8d:41:3e:37:2c:8f:9a:9c:61:38:70:0b:59:50:9f:
2e:2e:be:f3:37:c6:d5:66:05:92:35:55:31:6b:c6:
3a:4b:64:04:a0:ff:64:c7:10:c9:1d:3c:0a:1b:6d:
38:47:f3:73:8e:e6:25:01:9c:76:0c:e7:62:91:52:
ff:83:f1:f6:10:b8:12:8b:a8:35:6e:ff:10:39:3f:
90:12:b9:eb:01:54:12:bf:6b:5d:78:ac:b2:84:f7:
c0:14:7b:b5:c0:b0:ea:59:39:c0:a6:1d:e4:7e:7d:
02:8d:03:67:78:7a:a2:a0:18:75:a2:e1:2a:9f:9b:
fb:59:eb:a8:76:b6:66:e6:62:c2:1a:a2:5a:65:5f:
c1:08:07:c0:4f:d8:53:5a:0e:05:d5:5c:52:84:06:
59:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:D6:3B:07:75:7D:5D:2D:42:65:40:E8:53:66:B9:06:B5:49:96:BF
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/wdY7B3V9XS1CZUDoU2a5BrVJlr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
7a:dc:22:c2:2b:ac:a4:8b:7c:f5:19:ca:c1:3c:95:7f:d7:76:
e0:cc:cb:11:03:ce:ea:ca:c3:47:44:d5:da:b2:96:35:ac:43:
a0:a9:ec:f9:0f:11:5f:97:5e:12:2a:24:e2:69:15:51:95:31:
31:71:69:6f:2c:0d:54:c7:61:ee:c0:6f:63:4a:46:a8:12:83:
bb:66:0a:cf:20:ba:b9:99:b4:37:cb:dc:63:2f:ee:0b:20:5c:
a9:8f:da:20:ca:f1:ee:eb:13:77:ea:9f:71:40:87:99:84:b3:
66:19:8f:91:4d:f6:88:6d:d7:62:0d:4e:e1:5a:fc:87:ae:fa:
36:0a:bc:82:7a:30:aa:5e:e3:de:a2:0a:33:c8:0a:67:7c:4c:
22:dc:9d:a2:79:f3:4d:d2:94:51:1c:32:5a:b8:d5:56:37:1b:
19:10:91:f7:61:93:12:39:0a:6c:6d:a8:61:02:d5:5f:2f:5e:
7b:7e:62:dc:75:bf:85:42:55:fe:8b:b9:fe:92:65:77:54:43:
ef:b5:4f:ff:9c:23:5b:af:91:b4:3b:fa:27:de:42:79:93:f3:
51:e0:b9:ec:ac:a6:5c:bf:13:cd:82:81:35:63:11:eb:af:e8:
2c:8f:e3:25:e9:95:1a:9c:46:81:14:6b:a8:a9:0f:26:97:69:
a6:08:b2:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKZUjcTtYsD7W+5BTssnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2
MWEwNDgwHhcNMjQwMTAyMTIzMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWQ2M2IwNzc1N2Q1ZDJkNDI2NTQwZTg1MzY2YjkwNmI1NDk5NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsoAAVATY/BU2xl1o2J/pxrEEB48
+ZKCX2cJljAbfGQlk91g8jSy39XrfLYYJPGDlF+K7UUj5iRkamO1ey3RpdpX5Wuq
zxc9PS+sGjSKSFAPPSRxpzCM72mIKmHd777pk4gX4Kz7JiCNQT43LI+anGE4cAtZ
UJ8uLr7zN8bVZgWSNVUxa8Y6S2QEoP9kxxDJHTwKG204R/NzjuYlAZx2DOdikVL/
g/H2ELgSi6g1bv8QOT+QErnrAVQSv2tdeKyyhPfAFHu1wLDqWTnAph3kfn0CjQNn
eHqioBh1ouEqn5v7WeuodrZm5mLCGqJaZV/BCAfAT9hTWg4F1VxShAZZLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMHWOwd1fV0tQmVA6FNmuQa1SZa/MB8GA1UdIwQY
MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt
OTgxMTg0ZGVlMTMxLzEvd2RZN0IzVjlYUzFDWlVEb1UyYTVCclZKbHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEtOTgxMTg0ZGVlMTMx
LzEvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAetwiwiuspIt89RnKwTyVf9d24MzLEQPO6srDR0TV
2rKWNaxDoKns+Q8RX5deEiok4mkVUZUxMXFpbywNVMdh7sBvY0pGqBKDu2YKzyC6
uZm0N8vcYy/uCyBcqY/aIMrx7usTd+qfcUCHmYSzZhmPkU32iG3XYg1O4Vr8h676
Ngq8gnowql7j3qIKM8gKZ3xMItydonnzTdKUURwyWrjVVjcbGRCR92GTEjkKbG2o
YQLVXy9ee35i3HW/hUJV/ou5/pJld1RD77VP/5wjW6+RtDv6J95CeZPzUeC57Kym
XL8TzYKBNWMR66/oLI/jJemVGpxGgRRrqKkPJpdppgiymQ==
-----END CERTIFICATE-----
Generated at Thu May 2 08:57:50 2024 by rpki-client on console-fra.rpki-client.org