Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/uystX69ATkOt30x3TGXK_Q7tWZE.roa
File: uystX69ATkOt30x3TGXK_Q7tWZE.roa (raw, json)
Hash identifier: 1AEpHU/d5H//gYkxpN3j/MKiE8zA6+P5L+ID3gfTTt8=
Subject key identifier: BB:2B:2D:5F:AF:40:4E:43:AD:DF:4C:77:4C:65:CA:FD:0E:ED:59:91
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCCFA190EBE81D2822B5A5E0604105
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/uystX69ATkOt30x3TGXK_Q7tWZE.roa
Signing time: Tue 02 Jan 2024 10:34:03 +0000
ROA not before: Tue 02 Jan 2024 10:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34533
IP address blocks: 2a02:2698:6800::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cf:a1:90:eb:e8:1d:28:22:b5:a5:e0:60:41:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb2b2d5faf404e43addf4c774c65cafd0eed5991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:19:58:ec:5b:a4:f5:43:04:f9:59:19:e9:34:
24:65:69:8c:ad:b1:97:46:fb:0d:2c:f5:59:0c:22:
7e:17:fe:e3:44:96:de:d1:8b:83:e3:bd:f8:2d:2b:
87:a5:1f:1d:5a:d7:6d:5f:e1:b1:ee:17:74:ed:d1:
52:18:f7:62:23:c7:08:fa:3a:93:f3:06:fc:29:a3:
96:eb:bd:54:db:dc:f6:61:f6:45:01:dc:da:4c:75:
4f:58:f0:e8:19:2a:e6:81:a0:1e:27:80:57:60:9c:
13:07:39:85:5e:22:65:4e:a4:41:fb:77:cf:31:86:
0f:72:1f:1d:d0:86:d4:4f:ce:47:1c:4e:f8:b1:ab:
5a:91:3b:e8:36:43:95:55:d1:6d:8b:00:ea:9c:90:
16:7f:a1:8c:cb:a3:82:34:a4:36:24:fa:7a:f1:2a:
63:9c:51:cc:3e:4b:47:db:4c:fd:89:a7:7e:d6:81:
e9:0b:53:d1:85:81:1a:ff:dc:87:10:df:9b:79:b9:
b5:f2:71:63:99:57:18:38:cc:cf:58:38:a7:ce:82:
d1:bd:d7:15:71:17:59:3e:a1:b9:6d:7a:58:04:a2:
c9:bc:8e:19:c5:16:e6:15:e4:d7:58:43:6a:d9:3f:
8a:fb:a2:23:f0:8b:49:1f:1d:a3:ac:9c:9a:68:e2:
bf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2B:2D:5F:AF:40:4E:43:AD:DF:4C:77:4C:65:CA:FD:0E:ED:59:91
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/uystX69ATkOt30x3TGXK_Q7tWZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6800::/38
Signature Algorithm: sha256WithRSAEncryption
9f:14:3c:48:05:0d:b0:e3:69:f2:8a:06:c2:d0:05:f0:db:ac:
07:f8:eb:f1:5e:06:04:12:fb:52:e2:d5:e9:f9:90:c5:1c:e7:
00:40:9d:7f:c8:89:a7:40:b5:09:0a:4a:e8:d7:e4:e9:41:90:
70:45:9c:96:0c:65:a5:fc:6e:36:c0:84:95:0b:bf:89:25:14:
e7:eb:4c:67:4f:48:52:9c:4c:16:e4:79:6d:e7:be:18:08:c5:
62:7d:90:73:43:75:e3:ff:21:d9:4c:a0:d3:61:fb:a1:86:e7:
a3:f4:70:44:d0:54:c2:ea:c2:aa:d2:bb:03:6c:b2:d2:3b:0b:
77:59:8b:66:b2:a9:ed:41:0b:29:4b:11:70:62:c3:39:dc:5c:
08:6a:de:76:b7:34:a3:23:b4:be:78:d7:6b:c8:b0:04:ac:19:
e2:86:33:39:98:d7:a1:cc:28:36:48:44:4c:f9:dc:3c:d5:32:
cc:79:d6:6e:d4:26:d0:f1:76:e9:77:5d:3c:be:2f:ad:b1:aa:
08:b3:24:0f:02:53:50:fe:1b:16:63:1b:4d:c8:5a:c1:9f:96:
81:bf:ff:24:0b:2d:e2:ad:70:3b:71:36:0e:df:65:34:c1:4f:
f8:e0:32:20:0a:ab:45:9b:71:84:40:12:eb:12:38:e0:1e:d2:
4e:53:f7:c0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvM+hkOvoHSgitaXgYEEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJiMmQ1ZmFmNDA0ZTQzYWRkZjRjNzc0YzY1Y2FmZDBlZWQ1OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihlY7Fuk9UME+VkZ6TQkZWmMrbGX
RvsNLPVZDCJ+F/7jRJbe0YuD4734LSuHpR8dWtdtX+Gx7hd07dFSGPdiI8cI+jqT
8wb8KaOW671U29z2YfZFAdzaTHVPWPDoGSrmgaAeJ4BXYJwTBzmFXiJlTqRB+3fP
MYYPch8d0IbUT85HHE74satakTvoNkOVVdFtiwDqnJAWf6GMy6OCNKQ2JPp68Spj
nFHMPktH20z9iad+1oHpC1PRhYEa/9yHEN+bebm18nFjmVcYOMzPWDinzoLRvdcV
cRdZPqG5bXpYBKLJvI4ZxRbmFeTXWENq2T+K+6Ij8ItJHx2jrJyaaOK/ZQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLsrLV+vQE5Drd9Md0xlyv0O7VmRMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvdXlzdFg2OUFUa090MzB4M1RHWEtfUTd0V1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGgw
DQYJKoZIhvcNAQELBQADggEBAJ8UPEgFDbDjafKKBsLQBfDbrAf46/FeBgQS+1Li
1en5kMUc5wBAnX/IiadAtQkKSujX5OlBkHBFnJYMZaX8bjbAhJULv4klFOfrTGdP
SFKcTBbkeW3nvhgIxWJ9kHNDdeP/IdlMoNNh+6GG56P0cETQVMLqwqrSuwNsstI7
C3dZi2ayqe1BCylLEXBiwzncXAhq3na3NKMjtL5412vIsASsGeKGMzmY16HMKDZI
REz53DzVMsx51m7UJtDxdul3XTy+L62xqgizJA8CU1D+GxZjG03IWsGfloG//yQL
LeKtcDtxNg7fZTTBT/jgMiAKq0WbcYRAEusSOOAe0k5T98A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:31 2024 by rpki-client on console-fra.rpki-client.org