Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9d7141-60a4-42b6-92e7-c8b02f4b36ce/1/HaQRygg9DyEk1Psj9LcMnWQL1zs.roa
File: HaQRygg9DyEk1Psj9LcMnWQL1zs.roa (raw, json)
Hash identifier: Q8qEeqhpb52dkAvgidhHFptkjDapgmwBMOieosmtCb8=
Subject key identifier: 1D:A4:11:CA:08:3D:0F:21:24:D4:FB:23:F4:B7:0C:9D:64:0B:D7:3B
Certificate issuer: /CN=c2fa527fa586cab2f56700cdce8d8f512c0f18a9
Certificate serial: 018CC7942C23DA09E6E3B75720A70BF2671D
Authority key identifier: C2:FA:52:7F:A5:86:CA:B2:F5:67:00:CD:CE:8D:8F:51:2C:0F:18:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvpSf6WGyrL1ZwDNzo2PUSwPGKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9d7141-60a4-42b6-92e7-c8b02f4b36ce/1/HaQRygg9DyEk1Psj9LcMnWQL1zs.roa
Signing time: Tue 02 Jan 2024 00:30:25 +0000
ROA not before: Tue 02 Jan 2024 00:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48635
IP address blocks: 2001:678:3a4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/9d7141-60a4-42b6-92e7-c8b02f4b36ce/1/wvpSf6WGyrL1ZwDNzo2PUSwPGKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/9d7141-60a4-42b6-92e7-c8b02f4b36ce/1/wvpSf6WGyrL1ZwDNzo2PUSwPGKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wvpSf6WGyrL1ZwDNzo2PUSwPGKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:2c:23:da:09:e6:e3:b7:57:20:a7:0b:f2:67:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2fa527fa586cab2f56700cdce8d8f512c0f18a9
Validity
Not Before: Jan 2 00:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da411ca083d0f2124d4fb23f4b70c9d640bd73b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ad:14:be:e0:c3:a0:51:a3:6d:0d:89:46:5e:
57:8f:82:b4:53:34:4a:a8:76:8c:eb:58:b4:be:4e:
26:07:c1:67:15:dc:b8:14:df:07:74:3f:4c:cb:30:
c6:27:c2:d7:87:af:20:11:4c:64:f7:c1:f6:11:bc:
0c:a5:ca:06:3c:28:06:cc:73:32:b8:b1:96:5d:93:
48:27:98:e3:1b:78:64:69:67:b5:51:69:f2:1b:14:
ad:6b:38:7c:2a:60:28:76:dd:05:24:f1:44:d6:17:
bd:0c:1f:32:2c:ea:5f:14:c2:a0:5b:fa:2f:63:fc:
63:ce:09:e1:1a:e9:6d:79:5a:e4:db:67:de:de:b7:
c5:d1:6c:b2:e1:b3:f7:98:89:0a:e3:e2:0a:c6:27:
8b:81:f4:2d:c1:03:ab:d6:33:1b:da:e8:a8:b1:39:
67:80:a4:b9:d3:88:e9:14:ef:c9:8d:c4:3b:48:bb:
46:75:6e:a7:ac:bb:ba:47:7b:3a:53:82:bc:c5:4d:
58:e4:3b:ec:08:49:e5:19:aa:0b:40:aa:98:80:99:
86:9c:d1:fc:65:64:5e:aa:ae:1b:02:39:f7:1d:dc:
3a:72:14:9b:2d:ae:c2:02:cf:9f:e2:1f:97:bd:a2:
c5:f1:93:e3:66:f3:6d:d9:ce:2c:a0:5b:30:1a:4f:
90:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A4:11:CA:08:3D:0F:21:24:D4:FB:23:F4:B7:0C:9D:64:0B:D7:3B
X509v3 Authority Key Identifier:
keyid:C2:FA:52:7F:A5:86:CA:B2:F5:67:00:CD:CE:8D:8F:51:2C:0F:18:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvpSf6WGyrL1ZwDNzo2PUSwPGKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9d7141-60a4-42b6-92e7-c8b02f4b36ce/1/HaQRygg9DyEk1Psj9LcMnWQL1zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9d7141-60a4-42b6-92e7-c8b02f4b36ce/1/wvpSf6WGyrL1ZwDNzo2PUSwPGKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:3a4::/48
Signature Algorithm: sha256WithRSAEncryption
e3:5f:60:a7:71:20:e5:f9:ca:65:ce:9f:d0:31:63:e4:16:a8:
90:29:32:3b:f7:e4:73:6c:ae:7a:92:7a:4e:24:39:b0:30:8c:
8e:1e:70:d8:5d:54:77:0e:ed:0e:4f:bb:40:44:7f:d6:9a:85:
23:2f:f9:e0:47:5c:d4:2d:02:08:97:39:f3:54:b9:6a:75:17:
bf:f9:6f:3c:9c:96:4b:47:8c:d0:68:71:71:35:3b:2f:af:f3:
0d:93:c2:9a:ef:63:e5:5f:66:eb:94:f0:8a:27:15:78:a3:4f:
fd:e7:39:ee:92:79:95:db:7f:de:4f:04:c7:8a:54:ae:72:58:
6d:19:ae:fe:85:8e:7d:7d:c8:68:fd:e9:1a:ca:4c:a0:06:d4:
12:83:f7:2f:f6:2e:38:c7:2c:33:eb:61:c9:f3:6a:35:bf:d5:
66:9d:60:4d:f3:cf:59:ac:6a:e1:b5:25:44:ab:02:43:6c:61:
f7:23:25:df:e5:45:db:05:32:54:06:d3:3a:92:f4:15:98:6a:
dc:59:8b:bd:5e:c9:6d:06:3e:a7:c8:2f:29:f6:f9:c1:cc:e0:
75:88:d5:db:d5:37:e7:c2:b4:09:60:92:ea:9b:01:96:5a:5b:
10:45:d1:fa:8c:8d:ef:e2:6e:11:81:fd:27:7f:22:3c:0a:b6:
47:39:17:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHlCwj2gnm47dXIKcL8mcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZmE1MjdmYTU4NmNhYjJmNTY3MDBjZGNlOGQ4ZjUxMmMw
ZjE4YTkwHhcNMjQwMTAyMDAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE0MTFjYTA4M2QwZjIxMjRkNGZiMjNmNGI3MGM5ZDY0MGJkNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy60UvuDDoFGjbQ2JRl5Xj4K0UzRK
qHaM61i0vk4mB8FnFdy4FN8HdD9MyzDGJ8LXh68gEUxk98H2EbwMpcoGPCgGzHMy
uLGWXZNIJ5jjG3hkaWe1UWnyGxStazh8KmAodt0FJPFE1he9DB8yLOpfFMKgW/ov
Y/xjzgnhGulteVrk22fe3rfF0Wyy4bP3mIkK4+IKxieLgfQtwQOr1jMb2uiosTln
gKS504jpFO/JjcQ7SLtGdW6nrLu6R3s6U4K8xU1Y5DvsCEnlGaoLQKqYgJmGnNH8
ZWReqq4bAjn3Hdw6chSbLa7CAs+f4h+XvaLF8ZPjZvNt2c4soFswGk+QNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB2kEcoIPQ8hJNT7I/S3DJ1kC9c7MB8GA1UdIwQY
MBaAFML6Un+lhsqy9WcAzc6Nj1EsDxipMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3ZwU2Y2V0d5ckwxWndETnpvMlBVU3dQR0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85ZDcxNDEtNjBhNC00MmI2LTkyZTct
YzhiMDJmNGIzNmNlLzEvSGFRUnlnZzlEeUVrMVBzajlMY01uV1FMMXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85ZDcxNDEtNjBhNC00MmI2LTkyZTctYzhiMDJmNGIzNmNl
LzEvd3ZwU2Y2V0d5ckwxWndETnpvMlBVU3dQR0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAOk
MA0GCSqGSIb3DQEBCwUAA4IBAQDjX2CncSDl+cplzp/QMWPkFqiQKTI79+RzbK56
knpOJDmwMIyOHnDYXVR3Du0OT7tARH/WmoUjL/ngR1zULQIIlznzVLlqdRe/+W88
nJZLR4zQaHFxNTsvr/MNk8Ka72PlX2brlPCKJxV4o0/95znuknmV23/eTwTHilSu
clhtGa7+hY59fcho/ekaykygBtQSg/cv9i44xywz62HJ82o1v9VmnWBN889ZrGrh
tSVEqwJDbGH3IyXf5UXbBTJUBtM6kvQVmGrcWYu9XsltBj6nyC8p9vnBzOB1iNXb
1TfnwrQJYJLqmwGWWlsQRdH6jI3v4m4Rgf0nfyI8CrZHORf8
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:08:01 2024 by rpki-client on console-fra.rpki-client.org