Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/6b-FIqSVwRpiO4sj8kOVJLzcmwM.roa
File: 6b-FIqSVwRpiO4sj8kOVJLzcmwM.roa (raw, json)
Hash identifier: V+LarSb2aaxxFMaRD2Nhc82+hZWb6z+a519wZhaA3zI=
Subject key identifier: E9:BF:85:22:A4:95:C1:1A:62:3B:8B:23:F2:43:95:24:BC:DC:9B:03
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018F5883B1126FCFA1F94268B873577D6149
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/6b-FIqSVwRpiO4sj8kOVJLzcmwM.roa
Signing time: Wed 08 May 2024 14:02:56 +0000
ROA not before: Wed 08 May 2024 14:02:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a12:6740::/29 maxlen: 30
2a12:8ec0::/29 maxlen: 30
2a12:ccc0::/29 maxlen: 30
2a12:d3c0::/29 maxlen: 30
2a12:e240::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:83:b1:12:6f:cf:a1:f9:42:68:b8:73:57:7d:61:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: May 8 14:02:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9bf8522a495c11a623b8b23f2439524bcdc9b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a8:94:3f:15:fb:5b:1e:3b:dd:3d:e4:7c:b0:
51:dc:34:2c:dd:ef:38:70:c8:68:2e:f0:49:72:0c:
ec:e9:dc:aa:e3:d4:84:3b:d7:00:c8:d4:e2:9c:3b:
ca:bd:5b:50:a5:f6:f6:85:89:54:ab:1b:f0:1a:d1:
d0:20:d9:0f:02:64:48:56:73:86:18:d6:8f:74:2b:
83:db:24:c8:bf:30:6d:05:ac:c3:69:81:83:73:90:
99:b9:c1:ec:a9:7b:3e:e1:bc:0b:77:75:ba:76:a1:
6b:bc:2e:55:63:20:d3:ce:f2:79:ef:4f:4c:c1:e4:
ad:ad:4e:e6:8c:5e:9b:aa:5b:86:67:0c:ed:8d:50:
e2:ab:ad:22:65:97:dc:83:e7:c4:e4:b9:7c:8e:8e:
eb:fe:da:ee:08:08:0f:95:5b:44:37:d1:8f:b2:55:
55:6b:ee:6d:a2:e5:31:d7:04:66:d5:83:da:41:e6:
81:4b:7d:cb:a3:72:48:40:f4:b6:5f:67:8c:17:e8:
1c:9a:d8:cf:52:a3:74:f6:11:75:47:ba:c5:04:43:
70:28:89:7d:4b:43:84:8c:b3:97:ea:a0:16:3e:b2:
e9:ec:dc:12:f8:89:0b:7c:73:fb:ac:f0:e3:27:63:
f4:c3:fd:e5:30:2c:d0:3f:ea:1a:39:85:d1:aa:d0:
bc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:BF:85:22:A4:95:C1:1A:62:3B:8B:23:F2:43:95:24:BC:DC:9B:03
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/6b-FIqSVwRpiO4sj8kOVJLzcmwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
Signature Algorithm: sha256WithRSAEncryption
10:ca:8c:66:fc:3d:c5:bb:a5:88:ac:d0:f5:fe:da:e1:eb:ba:
2b:03:85:80:8b:0c:23:d9:92:d9:a2:17:30:9f:7b:e7:83:25:
10:fc:d0:08:ec:18:e0:5e:c6:94:da:10:85:99:d0:13:db:23:
ee:81:f4:87:08:6c:54:58:8f:8e:b8:98:f5:53:b2:9b:a3:1a:
0d:f7:f3:1e:43:fe:34:9a:f7:f3:fd:8b:58:22:25:43:00:b6:
ca:99:6b:62:ae:a3:ca:21:55:87:d6:3f:b9:12:36:9e:a2:fd:
58:dc:2f:b3:32:ff:56:42:2c:b1:9a:2b:84:9b:74:2c:01:ac:
61:86:76:35:5f:2e:ca:20:5f:ea:21:0e:58:bc:c8:63:1e:f7:
6b:eb:6d:a0:58:b7:6e:39:ec:68:4a:c6:eb:ec:41:eb:13:9a:
0f:71:43:a5:88:17:a4:1e:6b:ad:23:c7:ad:0f:be:9f:94:5b:
e0:6d:f4:e3:50:b3:6d:c7:90:03:1c:4d:95:ae:54:d7:2b:97:
a0:3b:6a:e7:01:41:52:b4:32:38:ff:ca:85:d6:d9:2a:ab:00:
fd:a1:f7:e7:ba:b4:cf:10:79:a7:ff:76:05:89:54:2c:ac:ec:
3f:37:b7:44:ff:2e:35:be:15:3e:33:dd:ee:34:37:2f:e8:6e:
17:d5:fe:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY9Yg7ESb8+h+UJouHNXfWFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNTA4MTQwMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWJmODUyMmE0OTVjMTFhNjIzYjhiMjNmMjQzOTUyNGJjZGM5YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaiUPxX7Wx473T3kfLBR3DQs3e84
cMhoLvBJcgzs6dyq49SEO9cAyNTinDvKvVtQpfb2hYlUqxvwGtHQINkPAmRIVnOG
GNaPdCuD2yTIvzBtBazDaYGDc5CZucHsqXs+4bwLd3W6dqFrvC5VYyDTzvJ5709M
weStrU7mjF6bqluGZwztjVDiq60iZZfcg+fE5Ll8jo7r/truCAgPlVtEN9GPslVV
a+5touUx1wRm1YPaQeaBS33Lo3JIQPS2X2eMF+gcmtjPUqN09hF1R7rFBENwKIl9
S0OEjLOX6qAWPrLp7NwS+IkLfHP7rPDjJ2P0w/3lMCzQP+oaOYXRqtC81wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOm/hSKklcEaYjuLI/JDlSS83JsDMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvNmItRklxU1Z3UnBpTzRzajhrT1ZKTHpjbXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhJnQAMF
AyoSjsADBQMqEszAAwUDKhLTwAMFAyoS4kAwDQYJKoZIhvcNAQELBQADggEBABDK
jGb8PcW7pYis0PX+2uHruisDhYCLDCPZktmiFzCfe+eDJRD80AjsGOBexpTaEIWZ
0BPbI+6B9IcIbFRYj464mPVTspujGg338x5D/jSa9/P9i1giJUMAtsqZa2Kuo8oh
VYfWP7kSNp6i/VjcL7My/1ZCLLGaK4SbdCwBrGGGdjVfLsogX+ohDli8yGMe92vr
baBYt2457GhKxuvsQesTmg9xQ6WIF6Qea60jx60Pvp+UW+Bt9ONQs23HkAMcTZWu
VNcrl6A7aucBQVK0Mjj/yoXW2SqrAP2h9+e6tM8Qeaf/dgWJVCys7D83t0T/LjW+
FT4z3e40Ny/obhfV/pw=
-----END CERTIFICATE-----
Generated at Mon May 20 20:08:03 2024 by rpki-client on console-ams.rpki-client.org