Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/fHWNHAXNZAZXVt-ZFMB3ENVnY9Y.roa
File: fHWNHAXNZAZXVt-ZFMB3ENVnY9Y.roa (raw, json)
Hash identifier: bndX1rUjPM1IInEuSXfoZ0MT9WVnUeyYHmYWrDfUD14=
Subject key identifier: 7C:75:8D:1C:05:CD:64:06:57:56:DF:99:14:C0:77:10:D5:67:63:D6
Certificate issuer: /CN=53c912a0411bb0174507092d0ca35a91ad79905c
Certificate serial: 018CC493646EDDBC3A418F82D36470B29314
Authority key identifier: 53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/fHWNHAXNZAZXVt-ZFMB3ENVnY9Y.roa
Signing time: Mon 01 Jan 2024 10:30:43 +0000
ROA not before: Mon 01 Jan 2024 10:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28878
IP address blocks: 2a07:cb84::/32 maxlen: 32
2a07:cb82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:64:6e:dd:bc:3a:41:8f:82:d3:64:70:b2:93:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53c912a0411bb0174507092d0ca35a91ad79905c
Validity
Not Before: Jan 1 10:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c758d1c05cd64065756df9914c07710d56763d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d0:c3:88:71:01:00:b3:6a:fd:c6:a3:95:3c:
89:1d:d7:dc:e1:a5:e4:ac:08:2b:6b:78:b1:a7:ce:
54:93:2a:76:57:f8:9f:79:9c:8c:bd:9a:96:c3:55:
09:ad:30:0a:09:38:c8:ac:65:97:4c:45:d8:c4:7e:
31:96:30:c2:ac:a7:49:33:73:16:93:9a:92:b7:b7:
9e:05:4c:33:20:4f:ef:d8:cd:9b:9a:49:82:2f:d5:
7e:e8:99:ac:1a:35:8c:02:e0:3c:be:1e:f5:d5:6a:
6d:5f:05:f6:88:7f:49:07:67:51:9e:b2:b2:ab:09:
5b:03:3c:32:4b:87:e3:b2:22:c9:8d:fe:86:ff:cb:
8a:d6:ef:fa:ee:aa:f7:38:8f:65:0c:b0:3e:ed:fb:
2f:82:62:e9:d9:ff:e2:a6:b3:da:1c:e1:12:29:c6:
6b:a6:07:94:7c:f8:8c:12:a9:31:6f:ed:91:44:e1:
81:56:d7:23:1d:42:48:fa:0d:bf:a5:b7:2d:35:65:
57:7d:3b:52:ab:6a:14:eb:c1:00:42:1d:a5:e3:d6:
8e:ac:1c:c9:b7:49:71:3b:2f:31:b2:62:c0:dc:e0:
64:d6:40:68:dc:d4:e6:4d:ff:0e:ad:ca:91:74:46:
db:b9:96:f3:25:5f:61:24:bd:41:d7:13:99:b9:20:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:75:8D:1C:05:CD:64:06:57:56:DF:99:14:C0:77:10:D5:67:63:D6
X509v3 Authority Key Identifier:
keyid:53:C9:12:A0:41:1B:B0:17:45:07:09:2D:0C:A3:5A:91:AD:79:90:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8kSoEEbsBdFBwktDKNaka15kFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/fHWNHAXNZAZXVt-ZFMB3ENVnY9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/d77e60-8916-4f96-8ed0-e21c436b62ef/1/U8kSoEEbsBdFBwktDKNaka15kFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:cb82::/32
2a07:cb84::/32
Signature Algorithm: sha256WithRSAEncryption
01:bb:a1:e4:92:21:57:ae:c5:9b:6d:91:e1:95:a2:b9:be:0b:
92:34:8c:90:65:51:45:f4:3b:af:7a:e7:96:c6:62:d7:01:b2:
71:ef:22:d2:a3:b8:56:a2:7d:27:40:92:4c:e4:c1:a0:37:d1:
f0:d7:0e:0c:0b:e2:49:24:5e:7e:23:a6:fc:68:cf:b0:0d:7d:
63:10:45:e8:21:27:c4:2a:7e:68:40:38:c0:ca:0a:8d:61:f3:
ed:71:bd:d6:c8:ba:18:01:f9:a1:92:da:2c:27:5c:3c:7a:5b:
44:21:13:01:a5:19:f9:7d:fb:8e:b4:15:35:cb:6c:bf:c0:2b:
b0:bb:19:dd:4e:63:c7:bb:36:28:ea:63:63:c2:e8:5e:8d:97:
a0:d0:5b:7f:8c:38:31:d6:99:cb:46:8f:c8:ee:d8:f5:84:3e:
83:f7:12:90:72:36:72:e0:a6:da:73:5f:eb:0c:eb:c5:49:fd:
59:e0:f9:63:12:e5:45:c7:6f:9e:18:4b:cf:82:7b:13:9a:14:
e8:5c:d2:6f:3a:5a:ba:70:cb:02:4d:81:c9:af:c0:53:30:11:
66:d4:a7:e7:8d:57:2a:cd:cb:ff:fa:71:4c:0e:77:c2:41:6f:
ae:b6:c4:76:4d:1b:71:1f:df:3e:55:fb:16:1f:ec:2c:c2:a3:
d7:ad:bc:23
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEk2Ru3bw6QY+C02RwspMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzkxMmEwNDExYmIwMTc0NTA3MDkyZDBjYTM1YTkxYWQ3
OTkwNWMwHhcNMjQwMTAxMTAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc1OGQxYzA1Y2Q2NDA2NTc1NmRmOTkxNGMwNzcxMGQ1Njc2M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtDDiHEBALNq/cajlTyJHdfc4aXk
rAgra3ixp85Ukyp2V/ifeZyMvZqWw1UJrTAKCTjIrGWXTEXYxH4xljDCrKdJM3MW
k5qSt7eeBUwzIE/v2M2bmkmCL9V+6JmsGjWMAuA8vh711WptXwX2iH9JB2dRnrKy
qwlbAzwyS4fjsiLJjf6G/8uK1u/67qr3OI9lDLA+7fsvgmLp2f/iprPaHOESKcZr
pgeUfPiMEqkxb+2RROGBVtcjHUJI+g2/pbctNWVXfTtSq2oU68EAQh2l49aOrBzJ
t0lxOy8xsmLA3OBk1kBo3NTmTf8OrcqRdEbbuZbzJV9hJL1B1xOZuSDsKwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHx1jRwFzWQGV1bfmRTAdxDVZ2PWMB8GA1UdIwQY
MBaAFFPJEqBBG7AXRQcJLQyjWpGteZBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAt
ZTIxYzQzNmI2MmVmLzEvZkhXTkhBWE5aQVpYVnQtWkZNQjNFTlZuWTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9kNzdlNjAtODkxNi00Zjk2LThlZDAtZTIxYzQzNmI2MmVm
LzEvVThrU29FRWJzQmRGQndrdERLTmFrYTE1a0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgfLggMF
ACoHy4QwDQYJKoZIhvcNAQELBQADggEBAAG7oeSSIVeuxZttkeGVorm+C5I0jJBl
UUX0O69655bGYtcBsnHvItKjuFaifSdAkkzkwaA30fDXDgwL4kkkXn4jpvxoz7AN
fWMQReghJ8QqfmhAOMDKCo1h8+1xvdbIuhgB+aGS2iwnXDx6W0QhEwGlGfl9+460
FTXLbL/AK7C7Gd1OY8e7NijqY2PC6F6Nl6DQW3+MODHWmctGj8ju2PWEPoP3EpBy
NnLgptpzX+sM68VJ/Vng+WMS5UXHb54YS8+CexOaFOhc0m86WrpwywJNgcmvwFMw
EWbUp+eNVyrNy//6cUwOd8JBb662xHZNG3Ef3z5V+xYf7CzCo9etvCM=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:49:19 2024 by rpki-client on console-fra.rpki-client.org