Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5b7387-3aae-497d-aabd-abb7438bc8a5/1/Auz_YhnD-jko2BzJWfDsS5d1580.roa
File: Auz_YhnD-jko2BzJWfDsS5d1580.roa (raw, json)
Hash identifier: CJEKXWvNDahrWIQuEoQapdbVEv+D1nJghdompHDTyhQ=
Subject key identifier: 02:EC:FF:62:19:C3:FA:39:28:D8:1C:C9:59:F0:EC:4B:97:75:E7:CD
Certificate issuer: /CN=c7cfccd68957a0f70439a8d60ff3c8b8d911a308
Certificate serial: 018CC348A8D0AEA7A0EAC31F0F35945D3579
Authority key identifier: C7:CF:CC:D6:89:57:A0:F7:04:39:A8:D6:0F:F3:C8:B8:D9:11:A3:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8_M1olXoPcEOajWD_PIuNkRowg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/5b7387-3aae-497d-aabd-abb7438bc8a5/1/Auz_YhnD-jko2BzJWfDsS5d1580.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20932
IP address blocks: 2001:67c:1368::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/5b7387-3aae-497d-aabd-abb7438bc8a5/1/x8_M1olXoPcEOajWD_PIuNkRowg.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/5b7387-3aae-497d-aabd-abb7438bc8a5/1/x8_M1olXoPcEOajWD_PIuNkRowg.mft
rsync://rpki.ripe.net/repository/DEFAULT/x8_M1olXoPcEOajWD_PIuNkRowg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a8:d0:ae:a7:a0:ea:c3:1f:0f:35:94:5d:35:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7cfccd68957a0f70439a8d60ff3c8b8d911a308
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02ecff6219c3fa3928d81cc959f0ec4b9775e7cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1b:8d:19:70:3f:d0:4d:37:91:81:13:02:3d:
66:a6:03:ea:e0:a4:4f:2c:4f:67:50:b5:f2:c5:7b:
da:e4:3a:06:65:34:78:a9:0c:66:03:28:64:7b:ad:
c8:9f:19:2b:42:ba:9f:c4:d4:45:4d:ff:69:62:45:
33:e1:d5:63:41:67:a8:da:8c:ec:e4:79:94:34:b3:
2e:fc:0f:93:73:22:d0:ab:e8:63:15:12:a4:28:ea:
41:80:ce:99:9e:2b:c5:26:af:87:5e:82:97:6a:14:
2d:c3:e1:85:25:83:0f:e5:ea:74:1e:fb:66:a3:d7:
34:40:7d:28:2d:e9:71:40:6f:98:3c:ef:5c:d7:4d:
38:cb:b9:b5:cc:cd:e1:27:0e:de:06:e9:8d:20:1b:
60:43:b9:4f:2d:16:b1:23:be:b2:c4:c6:5b:a5:62:
ac:92:5d:4d:66:a1:d4:96:81:47:19:5b:b9:c3:d6:
91:9e:ad:0f:5a:9d:42:1f:0e:4e:23:0d:04:f3:ae:
d5:52:32:13:a5:16:49:11:00:02:71:83:64:4f:a6:
98:cb:b7:ce:f3:a6:85:24:52:12:7d:59:7f:92:68:
44:c3:1a:a9:68:52:32:aa:6e:5b:2a:24:5f:c4:76:
fa:41:eb:d9:c5:79:30:9f:af:9c:8b:0a:3b:a3:64:
47:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EC:FF:62:19:C3:FA:39:28:D8:1C:C9:59:F0:EC:4B:97:75:E7:CD
X509v3 Authority Key Identifier:
keyid:C7:CF:CC:D6:89:57:A0:F7:04:39:A8:D6:0F:F3:C8:B8:D9:11:A3:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8_M1olXoPcEOajWD_PIuNkRowg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b7387-3aae-497d-aabd-abb7438bc8a5/1/Auz_YhnD-jko2BzJWfDsS5d1580.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5b7387-3aae-497d-aabd-abb7438bc8a5/1/x8_M1olXoPcEOajWD_PIuNkRowg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1368::/48
Signature Algorithm: sha256WithRSAEncryption
6c:98:e7:b7:a5:bc:3d:92:13:6b:54:eb:50:df:2c:2a:eb:19:
19:3f:81:83:20:89:af:8e:07:a4:da:30:22:3b:5a:ee:c3:5f:
2f:ff:db:79:9d:7c:e7:a0:34:f3:9f:38:e7:1c:0e:97:c4:33:
14:3c:19:ee:09:d4:25:41:55:07:95:ce:49:a8:93:ca:b3:89:
c8:e7:d2:60:61:f1:03:84:8e:bf:b8:da:c3:02:86:2c:28:5c:
72:91:30:d3:2f:c6:20:25:2d:71:c6:c3:42:00:a2:47:92:dc:
57:c4:a5:f9:4f:08:cb:08:f5:80:88:f3:1f:b2:d9:5e:b3:ed:
8d:d0:3f:a5:90:32:9e:37:81:b3:ad:aa:89:1f:34:ae:05:a3:
83:ef:b4:5e:0d:72:45:5d:d8:33:a6:f3:6a:72:a2:5e:67:eb:
7c:b3:89:5b:9b:87:1a:64:d3:48:6e:66:16:bf:2a:36:97:a7:
93:45:da:b0:36:d1:d0:ba:5e:d5:2f:31:28:c0:e6:7d:65:dd:
c9:a0:15:d1:dd:21:a0:89:0a:43:5e:39:45:12:18:3e:e0:c3:
19:65:91:e3:ee:09:90:c8:aa:25:1c:29:94:5b:4d:08:85:4f:
ff:9e:a9:e2:5e:57:19:4a:a2:08:96:6f:b9:23:2f:0c:54:45:
b5:0d:f5:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSKjQrqeg6sMfDzWUXTV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3Y2ZjY2Q2ODk1N2EwZjcwNDM5YThkNjBmZjNjOGI4ZDkx
MWEzMDgwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmVjZmY2MjE5YzNmYTM5MjhkODFjYzk1OWYwZWM0Yjk3NzVlN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBuNGXA/0E03kYETAj1mpgPq4KRP
LE9nULXyxXva5DoGZTR4qQxmAyhke63InxkrQrqfxNRFTf9pYkUz4dVjQWeo2ozs
5HmUNLMu/A+TcyLQq+hjFRKkKOpBgM6ZnivFJq+HXoKXahQtw+GFJYMP5ep0Hvtm
o9c0QH0oLelxQG+YPO9c1004y7m1zM3hJw7eBumNIBtgQ7lPLRaxI76yxMZbpWKs
kl1NZqHUloFHGVu5w9aRnq0PWp1CHw5OIw0E867VUjITpRZJEQACcYNkT6aYy7fO
86aFJFISfVl/kmhEwxqpaFIyqm5bKiRfxHb6QevZxXkwn6+ciwo7o2RHUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFALs/2IZw/o5KNgcyVnw7EuXdefNMB8GA1UdIwQY
MBaAFMfPzNaJV6D3BDmo1g/zyLjZEaMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhfTTFvbFhvUGNFT2FqV0RfUEl1TmtSb3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YjczODctM2FhZS00OTdkLWFhYmQt
YWJiNzQzOGJjOGE1LzEvQXV6X1lobkQtamtvMkJ6SldmRHNTNWQxNTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YjczODctM2FhZS00OTdkLWFhYmQtYWJiNzQzOGJjOGE1
LzEveDhfTTFvbFhvUGNFT2FqV0RfUEl1TmtSb3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBNo
MA0GCSqGSIb3DQEBCwUAA4IBAQBsmOe3pbw9khNrVOtQ3ywq6xkZP4GDIImvjgek
2jAiO1ruw18v/9t5nXznoDTznzjnHA6XxDMUPBnuCdQlQVUHlc5JqJPKs4nI59Jg
YfEDhI6/uNrDAoYsKFxykTDTL8YgJS1xxsNCAKJHktxXxKX5TwjLCPWAiPMfstle
s+2N0D+lkDKeN4GzraqJHzSuBaOD77ReDXJFXdgzpvNqcqJeZ+t8s4lbm4caZNNI
bmYWvyo2l6eTRdqwNtHQul7VLzEowOZ9Zd3JoBXR3SGgiQpDXjlFEhg+4MMZZZHj
7gmQyKolHCmUW00IhU//nqniXlcZSqIIlm+5Iy8MVEW1DfU/
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:43 2024 by rpki-client on console-fra.rpki-client.org