Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/YxOtOgnU8cB_r8ppQ7zt7Yn1h8E.roa
File: YxOtOgnU8cB_r8ppQ7zt7Yn1h8E.roa (raw, json)
Hash identifier: hJKrCqMArUUFLmdCBbP2zXvFwtLGr52qkPC83BZ9tdo=
Subject key identifier: 63:13:AD:3A:09:D4:F1:C0:7F:AF:CA:69:43:BC:ED:ED:89:F5:87:C1
Certificate issuer: /CN=d604e49e928305abcb8f32def3fefc03ebbcde44
Certificate serial: 018CC424EDE50E256366FF7F3266972E2D4C
Authority key identifier: D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/YxOtOgnU8cB_r8ppQ7zt7Yn1h8E.roa
Signing time: Mon 01 Jan 2024 08:30:03 +0000
ROA not before: Mon 01 Jan 2024 08:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 141.19.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ed:e5:0e:25:63:66:ff:7f:32:66:97:2e:2d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d604e49e928305abcb8f32def3fefc03ebbcde44
Validity
Not Before: Jan 1 08:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6313ad3a09d4f1c07fafca6943bceded89f587c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:39:aa:ee:2c:6a:f9:d8:61:ab:75:24:2c:c0:
d9:73:aa:15:67:7e:16:96:d9:47:30:22:36:0a:f4:
93:15:fa:bf:d2:a7:bd:0f:2b:08:bd:53:58:61:c1:
b2:b3:23:19:58:31:f5:96:d4:95:09:1b:61:16:8c:
6d:9c:38:ed:d6:6e:99:b4:ca:ff:50:fa:5b:92:84:
2c:80:29:7e:7e:7b:56:21:84:df:8a:eb:f4:a0:6d:
d9:f2:09:ea:65:f3:b8:af:90:c3:4a:1b:5f:01:7e:
9a:a4:4e:9c:f5:65:5b:02:cf:11:d8:66:2d:ba:a0:
38:e5:a6:ce:24:6d:0f:29:bf:ae:de:99:5b:0d:16:
85:65:8f:30:f7:10:1c:58:94:e0:fb:68:5b:31:ad:
1d:d4:6d:90:3a:b4:9a:c5:48:e1:92:39:2a:8c:02:
55:fc:72:5a:b7:c5:ff:73:b9:60:f3:b1:c3:73:cc:
9c:70:80:89:b5:5e:ee:9c:4f:b4:2d:f8:30:d6:dd:
65:4c:d7:6f:ae:6c:c7:0e:b7:8e:d6:b8:d3:1f:87:
bd:c5:4a:ab:00:63:42:ec:5c:7a:0a:fa:3f:35:51:
d5:bd:33:dd:3e:0e:b6:a2:1f:a4:ef:51:ce:d1:df:
34:0a:4e:63:4f:ab:db:88:23:68:59:18:e8:04:b0:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:13:AD:3A:09:D4:F1:C0:7F:AF:CA:69:43:BC:ED:ED:89:F5:87:C1
X509v3 Authority Key Identifier:
keyid:D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/YxOtOgnU8cB_r8ppQ7zt7Yn1h8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.19.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:d6:f7:2c:b2:ba:5a:af:02:78:cf:34:92:e4:60:cb:c5:94:
69:d1:3c:ec:4a:b0:f7:e7:11:c7:da:6c:d4:c7:c0:e4:44:cb:
26:bb:8e:ff:c3:eb:4c:6b:62:c1:30:88:92:14:ae:50:38:ef:
78:e0:73:c8:08:8f:3e:16:e7:49:ef:c8:b7:be:f3:fc:5f:8d:
55:d7:fb:34:04:7e:66:c6:ef:11:3c:00:2c:fa:e8:e9:fa:86:
e5:a6:7e:3c:47:7d:88:6b:6d:48:65:35:a0:f2:03:5a:f0:4c:
73:5b:f6:f2:b5:c5:09:e3:75:40:13:ee:ce:bd:94:d7:19:21:
5e:fb:c3:75:60:00:03:76:d7:2f:3b:99:fb:29:6b:8a:7f:e2:
16:1c:96:b6:3f:79:9f:06:ec:57:27:68:c1:75:09:83:2e:9d:
a0:e4:a8:ec:98:19:c3:d4:e4:7b:5f:c7:74:70:86:3c:c7:3e:
9a:72:08:18:5a:f0:bb:7e:40:93:71:71:73:b8:a4:90:cc:67:
e5:e2:d3:d4:ad:e5:e5:c3:3d:f8:c5:f4:d4:c5:ae:ac:80:1a:
e3:06:32:fc:32:5c:32:65:7a:04:b8:b9:71:f8:c0:54:97:9d:
fc:e1:d6:b5:03:3d:d8:b1:05:1f:49:2e:52:77:b7:a1:86:2c:
6b:13:df:e6
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzEJO3lDiVjZv9/MmaXLi1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDRlNDllOTI4MzA1YWJjYjhmMzJkZWYzZmVmYzAzZWJi
Y2RlNDQwHhcNMjQwMTAxMDgzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzEzYWQzYTA5ZDRmMWMwN2ZhZmNhNjk0M2JjZWRlZDg5ZjU4N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTmq7ixq+dhhq3UkLMDZc6oVZ34W
ltlHMCI2CvSTFfq/0qe9DysIvVNYYcGysyMZWDH1ltSVCRthFoxtnDjt1m6ZtMr/
UPpbkoQsgCl+fntWIYTfiuv0oG3Z8gnqZfO4r5DDShtfAX6apE6c9WVbAs8R2GYt
uqA45abOJG0PKb+u3plbDRaFZY8w9xAcWJTg+2hbMa0d1G2QOrSaxUjhkjkqjAJV
/HJat8X/c7lg87HDc8yccICJtV7unE+0Lfgw1t1lTNdvrmzHDreO1rjTH4e9xUqr
AGNC7Fx6Cvo/NVHVvTPdPg62oh+k71HO0d80Ck5jT6vbiCNoWRjoBLDdDwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGMTrToJ1PHAf6/KaUO87e2J9YfBMB8GA1UdIwQY
MBaAFNYE5J6SgwWry48y3vP+/APrvN5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgt
MDNjODIxNTc0MjFhLzEvWXhPdE9nblU4Y0JfcjhwcFE3enQ3WW4xaDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgtMDNjODIxNTc0MjFh
LzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjRMwDQYJ
KoZIhvcNAQELBQADggEBAEDW9yyyulqvAnjPNJLkYMvFlGnRPOxKsPfnEcfabNTH
wOREyya7jv/D60xrYsEwiJIUrlA473jgc8gIjz4W50nvyLe+8/xfjVXX+zQEfmbG
7xE8ACz66On6huWmfjxHfYhrbUhlNaDyA1rwTHNb9vK1xQnjdUAT7s69lNcZIV77
w3VgAAN21y87mfspa4p/4hYclrY/eZ8G7FcnaMF1CYMunaDkqOyYGcPU5Htfx3Rw
hjzHPppyCBha8Lt+QJNxcXO4pJDMZ+Xi09St5eXDPfjF9NTFrqyAGuMGMvwyXDJl
egS4uXH4wFSXnfzh1rUDPdixBR9JLlJ3t6GGLGsT3+Y=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:56 2024 by rpki-client on console-fra.rpki-client.org