Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/YJSFq7kyxvUcN9PXIjBzLP5bcBw.roa
File: YJSFq7kyxvUcN9PXIjBzLP5bcBw.roa (raw, json)
Hash identifier: djcugSr3u7SNUEFx9qvMONsqVlImvmPbP1C+z06Ua2I=
Subject key identifier: 60:94:85:AB:B9:32:C6:F5:1C:37:D3:D7:22:30:73:2C:FE:5B:70:1C
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 01903A623B25C68F88A1695E403A226E47C3
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/YJSFq7kyxvUcN9PXIjBzLP5bcBw.roa
Signing time: Fri 21 Jun 2024 10:40:34 +0000
ROA not before: Fri 21 Jun 2024 10:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:f40::/29 maxlen: 29
2a11:1a80::/29 maxlen: 29
2a11:1f00::/29 maxlen: 29
2a11:2140::/29 maxlen: 29
2a11:3fc0::/29 maxlen: 29
2a11:6300::/29 maxlen: 29
2a11:8940::/29 maxlen: 29
2a11:9380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:62:3b:25:c6:8f:88:a1:69:5e:40:3a:22:6e:47:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Jun 21 10:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609485abb932c6f51c37d3d72230732cfe5b701c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:ca:26:00:85:19:7c:0c:5d:f4:01:5a:75:
31:c4:28:95:30:e5:2f:8f:95:99:3d:89:6a:de:10:
54:fa:1a:5d:0f:11:15:a2:95:60:d2:91:aa:2b:3e:
89:71:47:4e:75:aa:1d:17:92:fb:4d:3d:22:38:34:
56:4e:9d:ee:9a:8c:f0:3d:34:f0:0b:e4:0c:ef:f0:
f8:ea:8e:ad:f5:c0:9f:83:f2:05:bf:f8:96:90:bd:
bf:11:56:5c:97:6f:d2:8c:f1:97:2d:0f:c3:70:3a:
38:30:9b:c8:79:8f:ea:f2:13:c5:db:46:46:a4:3b:
e5:ea:5a:7b:22:ed:87:56:14:6e:89:87:82:6d:f0:
96:fc:37:74:c1:e6:6e:95:fa:2b:ce:7e:4c:89:19:
29:0c:66:25:f7:22:72:9d:88:b8:36:9f:6e:b3:7e:
08:52:49:f5:45:1c:d5:01:b6:bb:f2:d9:76:6e:57:
3a:01:af:6b:e8:0c:60:22:91:09:64:84:e8:0b:96:
79:67:5a:ea:fd:73:ba:ba:c9:94:9c:d5:a3:52:d3:
77:ac:71:cc:65:11:54:e5:3a:db:75:c0:5a:e4:ce:
fe:87:05:90:0f:7d:d0:1b:dd:cd:8b:2d:d8:ed:13:
a3:68:2e:04:f9:bb:1c:1d:b7:a4:ca:f4:32:d3:9e:
2d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:94:85:AB:B9:32:C6:F5:1C:37:D3:D7:22:30:73:2C:FE:5B:70:1C
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/YJSFq7kyxvUcN9PXIjBzLP5bcBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f40::/29
2a11:1a80::/29
2a11:1f00::/29
2a11:2140::/29
2a11:3fc0::/29
2a11:6300::/29
2a11:8940::/29
2a11:9380::/29
Signature Algorithm: sha256WithRSAEncryption
65:05:c3:ad:dd:d8:42:39:f5:0f:0c:8e:b2:7e:c8:ca:41:c1:
41:4c:2c:0a:32:2c:bb:23:e8:14:e6:21:4a:77:40:00:93:42:
98:ff:7a:2d:da:de:0b:48:55:9e:56:05:60:1b:c6:20:20:30:
01:71:3c:ca:31:ea:b0:a0:59:28:32:5b:56:0b:8c:c4:47:c3:
0e:d1:c0:7d:ec:72:a6:50:1f:89:ce:8f:51:71:29:ea:f4:09:
9d:ff:b0:3d:44:1a:16:8d:6a:90:f2:bc:db:88:f4:ac:58:ec:
9a:61:b0:ff:af:34:0d:87:43:8c:92:d8:a3:71:af:70:54:14:
30:aa:a9:f0:a6:93:ba:55:17:ff:a9:75:16:35:41:d6:33:15:
c3:8f:2b:c7:14:87:57:2d:00:5c:63:5d:38:47:3a:58:38:db:
b9:1c:e3:c0:40:cd:b3:8f:c0:46:13:38:f8:19:94:71:ec:1b:
9d:b8:c2:ee:ae:72:74:62:b0:eb:88:cd:48:cf:21:db:15:00:
c9:87:fc:f0:78:32:cd:df:d3:20:3a:71:2e:2a:dd:f9:95:67:
24:18:72:7a:8b:3a:a8:05:29:d9:e1:9f:aa:a2:f1:f3:9e:12:
ba:02:5f:9c:30:96:25:e8:39:6d:3f:03:13:9f:16:5b:d8:be:
cf:f7:51:cc
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZA6Yjslxo+IoWleQDoibkfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwNjIxMTA0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDk0ODVhYmI5MzJjNmY1MWMzN2QzZDcyMjMwNzMyY2ZlNWI3MDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm7KJgCFGXwMXfQBWnUxxCiVMOUv
j5WZPYlq3hBU+hpdDxEVopVg0pGqKz6JcUdOdaodF5L7TT0iODRWTp3umozwPTTw
C+QM7/D46o6t9cCfg/IFv/iWkL2/EVZcl2/SjPGXLQ/DcDo4MJvIeY/q8hPF20ZG
pDvl6lp7Iu2HVhRuiYeCbfCW/Dd0weZulforzn5MiRkpDGYl9yJynYi4Np9us34I
Ukn1RRzVAba78tl2blc6Aa9r6AxgIpEJZIToC5Z5Z1rq/XO6usmUnNWjUtN3rHHM
ZRFU5TrbdcBa5M7+hwWQD33QG93Niy3Y7ROjaC4E+bscHbekyvQy054tgwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGCUhau5Msb1HDfT1yIwcyz+W3AcMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvWUpTRnE3a3l4dlVjTjlQWElqQnpMUDViY0J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKhEPQAMF
AyoRGoADBQMqER8AAwUDKhEhQAMFAyoRP8ADBQMqEWMAAwUDKhGJQAMFAyoRk4Aw
DQYJKoZIhvcNAQELBQADggEBAGUFw63d2EI59Q8MjrJ+yMpBwUFMLAoyLLsj6BTm
IUp3QACTQpj/ei3a3gtIVZ5WBWAbxiAgMAFxPMox6rCgWSgyW1YLjMRHww7RwH3s
cqZQH4nOj1FxKer0CZ3/sD1EGhaNapDyvNuI9KxY7JphsP+vNA2HQ4yS2KNxr3BU
FDCqqfCmk7pVF/+pdRY1QdYzFcOPK8cUh1ctAFxjXThHOlg427kc48BAzbOPwEYT
OPgZlHHsG524wu6ucnRisOuIzUjPIdsVAMmH/PB4Ms3f0yA6cS4q3fmVZyQYcnqL
OqgFKdnhn6qi8fOeEroCX5wwliXoOW0/AxOfFlvYvs/3Ucw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:15:17 2024 by rpki-client on console-fra.rpki-client.org