Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Yq3FCaUSt6fd6OOQHrvzuYqjHKA.roa
File: Yq3FCaUSt6fd6OOQHrvzuYqjHKA.roa (raw, json)
Hash identifier: 8Vi95uCswqZPWlXsgZXfBArujKBxn48dWe9rDr6vq94=
Subject key identifier: 62:AD:C5:09:A5:12:B7:A7:DD:E8:E3:90:1E:BB:F3:B9:8A:A3:1C:A0
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CC501175B4AD1CE9907D41F184A3B40AE
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Yq3FCaUSt6fd6OOQHrvzuYqjHKA.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 2a0e:eb45::/32 maxlen: 32
2a0c:9e05::/32 maxlen: 32
2a0e:eb46::/32 maxlen: 32
2a0e:eb41::/32 maxlen: 32
2a0e:eb43::/32 maxlen: 32
2a0e:eb47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:17:5b:4a:d1:ce:99:07:d4:1f:18:4a:3b:40:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62adc509a512b7a7dde8e3901ebbf3b98aa31ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b1:c3:9d:59:b1:52:3f:49:1e:4c:e3:cb:06:
c3:fd:7d:d8:e8:21:37:32:7c:bd:96:e3:93:e5:ab:
82:f2:8d:ef:50:03:37:c3:c3:f2:9f:67:4d:3d:ad:
d8:19:f2:2d:31:24:69:86:f1:49:94:d2:80:14:63:
7f:60:7f:2c:94:d2:b6:40:c1:3a:89:de:da:0c:09:
ea:be:d9:43:d5:c6:ba:82:8a:1b:0f:d5:9c:a6:8e:
0f:1c:eb:32:b2:7f:9c:50:d4:a7:c7:46:5a:ca:31:
d0:10:6d:8f:c5:21:90:5f:5c:ff:f8:a3:53:67:0d:
39:ac:2a:7a:49:1d:33:21:55:01:ad:81:32:ba:ef:
a8:03:bc:12:31:19:f9:cb:38:d9:2c:e8:8e:33:7a:
e8:91:a0:be:9f:af:cd:89:6d:a4:af:97:e1:8f:32:
d7:d6:9d:90:4f:6e:49:48:b5:5d:d2:14:76:be:17:
98:bb:79:92:cc:e6:a8:e1:79:61:0d:60:c8:5c:e4:
4c:a0:7e:df:d1:be:84:1b:6c:7f:4b:08:b1:ae:5a:
c5:31:63:a6:b9:8c:cf:08:69:7d:4f:a3:bf:a3:e7:
14:b6:fe:61:7e:1e:c3:28:c4:96:1e:66:db:17:77:
14:c6:c8:d4:08:7b:fe:9d:54:0c:52:ae:31:6d:da:
d7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AD:C5:09:A5:12:B7:A7:DD:E8:E3:90:1E:BB:F3:B9:8A:A3:1C:A0
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Yq3FCaUSt6fd6OOQHrvzuYqjHKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9e05::/32
2a0e:eb41::/32
2a0e:eb43::/32
2a0e:eb45::-2a0e:eb47:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:dd:21:2f:29:7d:f1:1d:db:80:61:68:12:33:0a:1e:20:88:
de:7d:d3:9f:4d:35:51:80:f5:c0:27:18:0f:3d:a2:e3:b0:ba:
59:ba:8a:a9:d2:78:c7:bd:e5:5c:93:20:20:2e:2f:cc:d1:9a:
ea:79:c7:f3:db:49:fa:13:73:9e:97:68:2d:6f:bc:1b:a4:f3:
db:12:12:09:f7:ab:ea:13:32:34:8c:44:82:bf:9e:4b:12:bb:
62:70:ca:48:ca:33:fc:47:01:bf:36:ec:21:0f:f0:30:f0:ac:
fb:43:73:de:aa:ee:43:9a:2b:e2:9b:66:e1:3a:6a:65:31:4c:
e2:cc:cd:40:4d:51:19:f9:c7:33:c8:4e:42:04:b7:7d:76:15:
69:be:aa:d1:37:17:75:da:3f:8b:85:d1:25:54:a6:49:45:11:
60:80:d8:aa:78:5f:e6:85:e7:1f:67:bd:67:16:8f:32:d3:81:
31:d8:d6:68:f7:32:e6:64:e8:6e:00:b9:3f:e4:0b:25:b2:9a:
83:4f:29:16:6b:78:13:74:7e:04:83:96:b7:e4:1e:69:3c:85:
62:aa:f7:05:38:dc:b9:67:66:0e:79:f6:c7:f3:4b:89:2d:6f:
6d:47:66:1e:34:37:90:5d:cb:df:89:88:bb:a2:13:a4:1a:4d:
49:94:ab:ed
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzFARdbStHOmQfUHxhKO0CuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFkYzUwOWE1MTJiN2E3ZGRlOGUzOTAxZWJiZjNiOThhYTMxY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrHDnVmxUj9JHkzjywbD/X3Y6CE3
Mny9luOT5auC8o3vUAM3w8Pyn2dNPa3YGfItMSRphvFJlNKAFGN/YH8slNK2QME6
id7aDAnqvtlD1ca6goobD9Wcpo4PHOsysn+cUNSnx0ZayjHQEG2PxSGQX1z/+KNT
Zw05rCp6SR0zIVUBrYEyuu+oA7wSMRn5yzjZLOiOM3rokaC+n6/NiW2kr5fhjzLX
1p2QT25JSLVd0hR2vheYu3mSzOao4XlhDWDIXORMoH7f0b6EG2x/SwixrlrFMWOm
uYzPCGl9T6O/o+cUtv5hfh7DKMSWHmbbF3cUxsjUCHv+nVQMUq4xbdrXRQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFGKtxQmlEren3ejjkB6787mKoxygMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWXEzRkNhVVN0NmZkNk9PUUhydnp1WXFqSEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAKgyeBQMF
ACoO60EDBQAqDutDMA4DBQAqDutFAwUDKg7rQDANBgkqhkiG9w0BAQsFAAOCAQEA
pt0hLyl98R3bgGFoEjMKHiCI3n3Tn001UYD1wCcYDz2i47C6WbqKqdJ4x73lXJMg
IC4vzNGa6nnH89tJ+hNznpdoLW+8G6Tz2xISCfer6hMyNIxEgr+eSxK7YnDKSMoz
/EcBvzbsIQ/wMPCs+0Nz3qruQ5or4ptm4TpqZTFM4szNQE1RGfnHM8hOQgS3fXYV
ab6q0TcXddo/i4XRJVSmSUURYIDYqnhf5oXnH2e9ZxaPMtOBMdjWaPcy5mTobgC5
P+QLJbKag08pFmt4E3R+BIOWt+QeaTyFYqr3BTjcuWdmDnn2x/NLiS1vbUdmHjQ3
kF3L34mIu6ITpBpNSZSr7Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:50:55 2024 by rpki-client on console-fra.rpki-client.org