Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/b8JteDtAIyabQ2XPpQvIXxQ6Fkk.roa
File: b8JteDtAIyabQ2XPpQvIXxQ6Fkk.roa (raw, json)
Hash identifier: cYBG0w/fc8aCRPa9w+hRL0wNTUrKpVFz9MBXwHDT9Os=
Subject key identifier: 6F:C2:6D:78:3B:40:23:26:9B:43:65:CF:A5:0B:C8:5F:14:3A:16:49
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018CC80137456F08103B5BACC765AB1578D7
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/b8JteDtAIyabQ2XPpQvIXxQ6Fkk.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60939
IP address blocks: 2a05:f300::/29 maxlen: 64
2a12:4b40::/29 maxlen: 64
2a13:c800::/29 maxlen: 64
2a13:c400::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:37:45:6f:08:10:3b:5b:ac:c7:65:ab:15:78:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fc26d783b4023269b4365cfa50bc85f143a1649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1a:ce:51:70:6a:7f:c2:c3:b3:b5:09:b2:da:
1b:68:54:9c:f7:5a:91:d1:62:9b:50:64:a3:33:20:
91:25:93:ef:91:0a:6d:a1:f9:ae:77:59:81:3b:4e:
a9:99:65:1d:93:69:03:33:92:7a:c1:7e:54:23:87:
dc:03:0a:2c:6f:88:50:d5:6d:45:94:09:e6:6a:89:
b6:e0:d5:a8:26:95:8d:9e:d8:56:b1:40:9b:c4:55:
f9:64:4a:61:cd:56:25:81:cc:64:7f:ae:08:6f:72:
09:b6:29:df:a1:df:c7:cc:04:2a:c2:d6:3e:2d:77:
2e:f6:b8:31:0c:35:af:a4:4d:c8:ab:10:d5:3a:8b:
ad:49:96:09:ed:55:5e:7c:d3:34:2a:3a:0f:e2:44:
d3:6e:44:9d:6b:83:56:3c:fd:f6:af:c3:2b:fb:d6:
62:14:3c:9f:cb:36:05:48:2c:6e:7b:97:49:4d:e0:
af:b5:e3:8e:0d:e0:5c:58:80:68:3d:c6:84:ab:15:
27:73:cc:e8:ac:27:55:d7:d1:02:9b:b8:a2:64:2c:
82:70:8e:15:74:32:34:41:f7:c2:20:b0:f4:39:f8:
32:1e:d0:23:91:2b:01:9b:1a:fb:39:f1:00:4d:bb:
ac:5a:25:41:fa:df:40:76:ac:eb:41:dd:c9:d5:2b:
52:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C2:6D:78:3B:40:23:26:9B:43:65:CF:A5:0B:C8:5F:14:3A:16:49
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/b8JteDtAIyabQ2XPpQvIXxQ6Fkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
2a12:4b40::/29
2a13:c400::/29
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
b8:26:05:0e:ee:54:56:07:4f:f5:d5:73:a5:d3:15:56:74:f5:
b6:0b:54:14:b1:a5:57:7f:d4:27:29:ed:9c:8e:dc:4c:a1:15:
92:69:ed:cf:06:80:cd:ba:ef:eb:c2:93:26:83:8d:10:64:8e:
9e:4c:db:1d:06:2a:b4:d1:5f:6f:3c:42:7b:28:67:34:2d:09:
e0:b9:70:a1:a8:c5:e5:84:2f:b8:08:0b:3d:3e:c1:fe:02:fe:
15:35:69:2e:02:3b:ed:1f:94:5b:e5:46:c0:d4:c9:11:52:25:
28:30:3e:4c:83:f6:c6:a6:a1:2b:02:55:81:11:d1:96:e8:3a:
4d:85:5f:b1:0b:17:36:f2:39:e5:fe:57:e5:34:b5:26:09:85:
6e:6e:c9:93:b8:a3:92:63:7b:20:be:fd:89:31:24:a1:69:07:
20:66:ad:38:7a:ab:d0:15:cd:99:3e:af:4f:14:68:7b:9e:70:
c0:d9:80:de:7e:ce:87:87:54:35:1a:d6:cd:ff:79:7f:d2:b3:
32:0f:25:f1:15:ae:38:f9:c2:1c:1b:08:35:71:e1:83:8e:24:
6e:bf:d6:f6:43:af:41:cb:e8:a6:11:c7:c0:a5:14:c0:f6:06:
80:4b:04:b2:ee:4d:43:18:25:6f:05:28:4f:72:eb:25:ba:8b:
99:eb:2d:fa
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzIATdFbwgQO1usx2WrFXjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMyNmQ3ODNiNDAyMzI2OWI0MzY1Y2ZhNTBiYzg1ZjE0M2ExNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhrOUXBqf8LDs7UJstobaFSc91qR
0WKbUGSjMyCRJZPvkQptofmud1mBO06pmWUdk2kDM5J6wX5UI4fcAwosb4hQ1W1F
lAnmaom24NWoJpWNnthWsUCbxFX5ZEphzVYlgcxkf64Ib3IJtinfod/HzAQqwtY+
LXcu9rgxDDWvpE3IqxDVOoutSZYJ7VVefNM0KjoP4kTTbkSda4NWPP32r8Mr+9Zi
FDyfyzYFSCxue5dJTeCvteOODeBcWIBoPcaEqxUnc8zorCdV19ECm7iiZCyCcI4V
dDI0QffCILD0OfgyHtAjkSsBmxr7OfEATbusWiVB+t9AdqzrQd3J1StSjQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG/CbXg7QCMmm0Nlz6ULyF8UOhZJMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvYjhKdGVEdEFJeWFiUTJYUHBRdklYeFE2RmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgXzAAMF
AyoSS0ADBQMqE8QAAwUDKhPIADANBgkqhkiG9w0BAQsFAAOCAQEAuCYFDu5UVgdP
9dVzpdMVVnT1tgtUFLGlV3/UJyntnI7cTKEVkmntzwaAzbrv68KTJoONEGSOnkzb
HQYqtNFfbzxCeyhnNC0J4LlwoajF5YQvuAgLPT7B/gL+FTVpLgI77R+UW+VGwNTJ
EVIlKDA+TIP2xqahKwJVgRHRlug6TYVfsQsXNvI55f5X5TS1JgmFbm7Jk7ijkmN7
IL79iTEkoWkHIGatOHqr0BXNmT6vTxRoe55wwNmA3n7Oh4dUNRrWzf95f9KzMg8l
8RWuOPnCHBsINXHhg44kbr/W9kOvQcvophHHwKUUwPYGgEsEsu5NQxglbwUoT3Lr
JbqLmest+g==
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:46:09 2024 by rpki-client on console-fra.rpki-client.org