Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/yxcAa88C4fDvrPgfLGVac5AT0p0.roa
File: yxcAa88C4fDvrPgfLGVac5AT0p0.roa (raw, json)
Hash identifier: fntuugOz+3akrKBWRer5Ua4hUZf97mfltkHqaFB+jrw=
Subject key identifier: CB:17:00:6B:CF:02:E1:F0:EF:AC:F8:1F:2C:65:5A:73:90:13:D2:9D
Certificate issuer: /CN=87de085975de6588e07fed135513aa38acedb763
Certificate serial: 018CC5DBE472E159F075760AC9FCBCAD729D
Authority key identifier: 87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/yxcAa88C4fDvrPgfLGVac5AT0p0.roa
Signing time: Mon 01 Jan 2024 16:29:31 +0000
ROA not before: Mon 01 Jan 2024 16:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 2001:67c:2350::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e4:72:e1:59:f0:75:76:0a:c9:fc:bc:ad:72:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87de085975de6588e07fed135513aa38acedb763
Validity
Not Before: Jan 1 16:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb17006bcf02e1f0efacf81f2c655a739013d29d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5c:a1:a2:92:5e:c2:64:04:e6:47:f3:01:f6:
6c:1b:eb:94:70:25:d5:30:95:cd:8e:94:0c:c2:a4:
69:69:e7:d1:a0:c8:2d:07:ed:8e:5a:90:6c:2c:e1:
63:9b:61:0b:25:64:6e:b4:9e:10:5a:56:1b:9d:1d:
60:05:ff:ee:09:cb:8c:b1:d2:aa:a9:47:78:9f:b8:
20:dc:20:c3:ae:4c:d4:e4:7a:6e:27:3c:98:ff:bd:
45:1d:31:31:75:fe:f7:04:9a:dc:14:2c:00:da:4b:
4c:a3:58:b6:ec:1c:8c:28:a2:0e:8f:64:f7:51:ba:
23:b8:c9:2c:f2:34:f5:d4:8a:10:5d:ec:12:70:be:
49:00:9f:a2:f5:24:1e:af:1e:2a:4d:a8:be:29:8d:
94:95:cf:ae:5c:51:e3:56:3b:d7:23:e4:9e:b1:4b:
c8:d1:53:55:1d:3f:ee:c4:d9:4c:de:46:19:97:da:
50:50:08:71:7c:6a:5f:f6:5f:e7:0c:6e:04:ef:b5:
f7:08:58:4f:6b:e6:82:02:36:4f:80:1e:18:63:46:
84:43:b0:de:53:52:3a:19:23:62:da:ee:02:27:91:
73:c1:b3:ed:d3:05:b2:fd:58:4d:d5:fc:67:71:ac:
41:df:8e:05:de:fc:f2:fc:82:33:ed:e2:c3:10:ea:
d3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:17:00:6B:CF:02:E1:F0:EF:AC:F8:1F:2C:65:5A:73:90:13:D2:9D
X509v3 Authority Key Identifier:
keyid:87:DE:08:59:75:DE:65:88:E0:7F:ED:13:55:13:AA:38:AC:ED:B7:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h94IWXXeZYjgf-0TVROqOKztt2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/yxcAa88C4fDvrPgfLGVac5AT0p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/04ef71-f122-47ce-8a40-cc0f9707140e/1/h94IWXXeZYjgf-0TVROqOKztt2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2350::/48
Signature Algorithm: sha256WithRSAEncryption
39:9b:76:f7:11:cd:cd:ab:4c:eb:48:a2:c0:d8:4a:eb:d4:fb:
4e:fd:09:11:c2:6d:41:a7:5d:be:cb:89:b4:de:60:91:94:90:
f1:0f:6f:9f:6b:34:cb:02:47:16:c8:98:dc:93:10:75:9a:91:
ea:d1:63:9b:39:8f:af:85:dd:0c:e8:66:8b:d1:c7:7d:0c:a8:
e8:cf:e7:1e:f6:8e:e8:8f:e8:71:43:5e:a2:fb:3d:22:0f:a5:
dc:96:03:3a:b4:b3:dd:81:a3:5a:a3:8d:05:95:7e:93:b8:c6:
ce:47:3a:1d:6e:44:00:28:ce:c0:db:66:bc:c7:e5:ae:1d:c7:
02:ea:e5:ce:4c:16:ae:e6:9f:f6:b1:e8:d8:f2:b9:9d:b7:32:
20:fa:aa:56:ca:08:26:8f:05:66:5f:34:44:ee:5c:68:28:3b:
4f:e0:ce:16:94:31:ca:28:cd:7e:90:8b:62:1b:76:ba:c9:93:
66:f1:44:20:98:66:79:11:76:b0:f0:79:ba:58:25:58:44:e5:
1f:76:d7:b5:fc:01:bc:a6:04:b7:4d:e6:82:44:e3:5a:74:34:
8b:15:f3:07:af:40:3b:0e:de:1e:28:ea:5c:21:6c:7e:f5:46:
2e:58:15:69:a5:9e:3f:29:2f:5f:df:80:46:70:51:49:12:2a:
cc:aa:72:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF2+Ry4VnwdXYKyfy8rXKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGUwODU5NzVkZTY1ODhlMDdmZWQxMzU1MTNhYTM4YWNl
ZGI3NjMwHhcNMjQwMTAxMTYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE3MDA2YmNmMDJlMWYwZWZhY2Y4MWYyYzY1NWE3MzkwMTNkMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1yhopJewmQE5kfzAfZsG+uUcCXV
MJXNjpQMwqRpaefRoMgtB+2OWpBsLOFjm2ELJWRutJ4QWlYbnR1gBf/uCcuMsdKq
qUd4n7gg3CDDrkzU5HpuJzyY/71FHTExdf73BJrcFCwA2ktMo1i27ByMKKIOj2T3
UbojuMks8jT11IoQXewScL5JAJ+i9SQerx4qTai+KY2Ulc+uXFHjVjvXI+SesUvI
0VNVHT/uxNlM3kYZl9pQUAhxfGpf9l/nDG4E77X3CFhPa+aCAjZPgB4YY0aEQ7De
U1I6GSNi2u4CJ5FzwbPt0wWy/VhN1fxncaxB344F3vzy/IIz7eLDEOrTJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMsXAGvPAuHw76z4HyxlWnOQE9KdMB8GA1UdIwQY
MBaAFIfeCFl13mWI4H/tE1UTqjis7bdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAt
Y2MwZjk3MDcxNDBlLzEveXhjQWE4OEM0ZkR2clBnZkxHVmFjNUFUMHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNGVmNzEtZjEyMi00N2NlLThhNDAtY2MwZjk3MDcxNDBl
LzEvaDk0SVdYWGVaWWpnZi0wVFZST3FPS3p0dDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCNQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA5m3b3Ec3Nq0zrSKLA2Err1PtO/QkRwm1Bp12+
y4m03mCRlJDxD2+fazTLAkcWyJjckxB1mpHq0WObOY+vhd0M6GaL0cd9DKjoz+ce
9o7oj+hxQ16i+z0iD6XclgM6tLPdgaNao40FlX6TuMbORzodbkQAKM7A22a8x+Wu
HccC6uXOTBau5p/2sejY8rmdtzIg+qpWyggmjwVmXzRE7lxoKDtP4M4WlDHKKM1+
kItiG3a6yZNm8UQgmGZ5EXaw8Hm6WCVYROUfdte1/AG8pgS3TeaCRONadDSLFfMH
r0A7Dt4eKOpcIWx+9UYuWBVppZ4/KS9f34BGcFFJEirMqnJa
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:10:27 2024 by rpki-client on console-fra.rpki-client.org