Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/K0pYXl6_B-WbLl-3d57pPmYbfwg.roa
File: K0pYXl6_B-WbLl-3d57pPmYbfwg.roa (raw, json)
Hash identifier: jnb8rl358xnPZctxA+uad+jeQjEHt2w+YxT5micfxo4=
Subject key identifier: 2B:4A:58:5E:5E:BF:07:E5:9B:2E:5F:B7:77:9E:E9:3E:66:1B:7F:08
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCD64DD8F3E1259D13739975A5121A
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/K0pYXl6_B-WbLl-3d57pPmYbfwg.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42682
IP address blocks: 2a02:2698:4c00::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d6:4d:d8:f3:e1:25:9d:13:73:99:75:a5:12:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b4a585e5ebf07e59b2e5fb7779ee93e661b7f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:62:0c:f2:3a:0e:82:1f:e2:9e:17:6e:b0:b5:
9b:41:be:3e:10:d5:3f:42:60:b8:30:8f:c3:f5:c8:
66:60:62:30:2c:7a:e5:52:88:22:e8:08:9a:7e:66:
ed:4c:de:65:42:6f:31:b7:27:29:9b:d8:6a:bf:6a:
f8:df:ec:af:0e:3f:2f:45:2a:e2:92:68:34:aa:5d:
47:da:54:09:7e:b5:23:e9:f3:ed:73:b0:41:a0:d8:
a3:6f:fe:e0:db:36:f0:32:d9:74:7e:cf:7e:a0:b2:
85:1f:67:3e:d9:89:35:17:6c:eb:30:3e:06:8f:a7:
73:c9:c9:0f:f2:22:59:59:df:a4:82:b2:90:b7:30:
8f:4a:3f:bd:5b:61:3e:2b:24:e4:c5:8b:94:51:dd:
f4:97:15:0b:74:f0:15:52:df:11:47:3f:a7:8a:7c:
95:3b:31:f1:e7:a4:ac:bc:52:bd:45:79:94:a1:82:
cc:6a:39:90:94:33:f2:b5:d1:24:24:20:c4:01:e4:
dc:d9:0e:7b:c2:fc:40:3f:6d:0e:62:57:21:46:19:
95:b8:68:68:68:7d:26:57:7b:9a:65:91:db:4b:9d:
8a:2f:4f:8f:a2:3e:e5:54:aa:e0:de:a1:57:88:5b:
15:be:ba:23:fb:0c:dd:16:88:b4:a6:1f:b9:94:1f:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4A:58:5E:5E:BF:07:E5:9B:2E:5F:B7:77:9E:E9:3E:66:1B:7F:08
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/K0pYXl6_B-WbLl-3d57pPmYbfwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:4c00::/38
Signature Algorithm: sha256WithRSAEncryption
45:bd:5d:be:04:18:8e:87:66:0d:fb:f8:40:d0:ee:fc:85:be:
0c:c5:2e:a5:a2:c6:3f:ac:da:5e:59:fe:ce:fb:6e:4a:60:99:
d2:95:3b:d9:86:8c:04:36:d4:bc:a5:e9:c8:c0:a6:95:b5:75:
be:ff:6a:2a:0a:3e:bb:2a:c3:f4:e8:00:34:6b:2c:3a:ab:38:
a9:68:c2:72:7a:99:4f:a2:8e:59:19:b2:58:3e:72:c0:b6:f5:
59:95:86:f0:2c:30:6f:89:d1:d9:36:b5:6c:87:84:39:2e:ea:
da:37:ec:b0:dd:ca:67:a2:39:57:7d:ab:9a:bb:55:ec:5a:a2:
51:41:a6:65:fa:40:52:eb:cc:77:1b:7e:af:dd:1d:b7:73:10:
12:99:e2:0e:99:59:7c:40:72:62:44:15:7a:f1:c9:0a:af:2a:
e8:31:43:5a:a3:0f:14:ce:c3:3e:bf:28:a7:23:80:b4:81:1d:
a6:67:2f:3e:d3:00:0a:67:55:46:bd:1f:cc:16:c7:a5:5c:39:
a5:4b:79:58:4e:2b:e8:c4:98:dd:cd:32:61:10:f7:59:6a:13:
49:4f:71:b3:b5:2b:f7:dc:33:73:7c:6d:f7:d3:63:56:26:40:
2c:cb:7d:ac:a4:2f:90:15:c2:d8:ce:1d:1c:7a:61:11:26:a8:
d6:a4:f1:9e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvNZN2PPhJZ0Tc5l1pRIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRhNTg1ZTVlYmYwN2U1OWIyZTVmYjc3NzllZTkzZTY2MWI3ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGIM8joOgh/inhdusLWbQb4+ENU/
QmC4MI/D9chmYGIwLHrlUogi6AiafmbtTN5lQm8xtycpm9hqv2r43+yvDj8vRSri
kmg0ql1H2lQJfrUj6fPtc7BBoNijb/7g2zbwMtl0fs9+oLKFH2c+2Yk1F2zrMD4G
j6dzyckP8iJZWd+kgrKQtzCPSj+9W2E+KyTkxYuUUd30lxULdPAVUt8RRz+ninyV
OzHx56SsvFK9RXmUoYLMajmQlDPytdEkJCDEAeTc2Q57wvxAP20OYlchRhmVuGho
aH0mV3uaZZHbS52KL0+Poj7lVKrg3qFXiFsVvroj+wzdFoi0ph+5lB/0mwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCtKWF5evwflmy5ft3ee6T5mG38IMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvSzBwWVhsNl9CLVdiTGwtM2Q1N3BQbVliZndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmEww
DQYJKoZIhvcNAQELBQADggEBAEW9Xb4EGI6HZg37+EDQ7vyFvgzFLqWixj+s2l5Z
/s77bkpgmdKVO9mGjAQ21Lyl6cjAppW1db7/aioKPrsqw/ToADRrLDqrOKlownJ6
mU+ijlkZslg+csC29VmVhvAsMG+J0dk2tWyHhDku6to37LDdymeiOVd9q5q7Vexa
olFBpmX6QFLrzHcbfq/dHbdzEBKZ4g6ZWXxAcmJEFXrxyQqvKugxQ1qjDxTOwz6/
KKcjgLSBHaZnLz7TAApnVUa9H8wWx6VcOaVLeVhOK+jEmN3NMmEQ91lqE0lPcbO1
K/fcM3N8bffTY1YmQCzLfaykL5AVwtjOHRx6YREmqNak8Z4=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:13:54 2024 by rpki-client on console-ams.rpki-client.org