Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Xm4knbvbNyy-YfJmrsCd5rjz_C8.roa
File: Xm4knbvbNyy-YfJmrsCd5rjz_C8.roa (raw, json)
Hash identifier: Cvt6FBHSds5nduA7d4VAxrNl1zII2W8Yo6yRjYRWZaY=
Subject key identifier: 5E:6E:24:9D:BB:DB:37:2C:BE:61:F2:66:AE:C0:9D:E6:B8:F3:FC:2F
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 018CC8013E45543222A14BE16616DE2F859C
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Xm4knbvbNyy-YfJmrsCd5rjz_C8.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398106
IP address blocks: 2a01:488:bb1a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3e:45:54:32:22:a1:4b:e1:66:16:de:2f:85:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e6e249dbbdb372cbe61f266aec09de6b8f3fc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:72:c3:61:3c:08:86:5d:84:18:a1:a9:47:da:
2e:8f:c0:1d:68:2b:49:bb:53:62:a2:a4:75:42:a2:
8a:6c:66:41:33:95:74:64:7f:49:db:31:80:1a:bc:
5b:d4:9d:b8:01:47:0e:df:37:a5:47:a7:83:69:48:
a2:a0:56:b0:f9:12:df:5b:de:b4:27:cd:09:a0:5a:
3f:88:05:8b:d2:d2:9a:84:da:ac:43:d9:83:79:ec:
98:ff:df:11:05:40:57:80:44:2a:81:75:ac:fd:bc:
50:be:38:bf:ce:4f:c9:2a:15:43:36:4c:01:65:e1:
e8:14:80:4d:b8:c8:3a:df:86:6e:94:ab:db:30:c5:
43:77:e3:e9:13:89:cd:bb:1f:56:24:ea:88:98:af:
2a:50:3a:93:54:11:15:b3:da:35:72:b5:bf:20:d1:
1d:84:e2:cd:16:e1:14:8c:6a:4c:48:94:93:30:30:
6d:3f:0d:83:57:34:84:04:e1:97:41:f3:fd:f2:0a:
a2:8a:5a:57:1a:a9:22:2a:a5:76:9e:21:e6:32:68:
b2:4d:c2:ab:25:98:b6:ef:0a:37:67:5b:a6:26:8e:
f9:f8:b3:ca:8d:69:c1:0f:bf:bc:ae:41:5b:37:15:
bc:d8:95:25:cc:e3:a0:03:ba:e9:4d:e7:b8:6b:fd:
61:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6E:24:9D:BB:DB:37:2C:BE:61:F2:66:AE:C0:9D:E6:B8:F3:FC:2F
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/Xm4knbvbNyy-YfJmrsCd5rjz_C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1a::/48
Signature Algorithm: sha256WithRSAEncryption
b7:05:3a:d2:80:7a:07:8f:ff:89:60:de:32:a9:16:0b:97:75:
09:7f:04:a1:6b:f4:e3:da:84:3a:3a:63:ac:7a:2e:e9:44:a6:
88:4b:16:29:e2:a6:c9:53:9f:06:90:1e:82:3e:5b:88:ab:b2:
d5:9d:f9:08:b7:40:d2:11:34:0b:62:92:fe:87:d6:74:80:5c:
49:85:88:98:42:68:de:06:fc:4f:a6:6c:8e:db:05:43:2b:9f:
09:60:f0:1e:6a:c2:c7:72:b3:46:8b:2a:bd:59:66:37:49:d3:
cb:20:fc:b4:53:37:93:aa:6c:3d:b5:47:ab:af:c9:fa:99:e5:
0f:be:1b:05:38:a7:db:59:27:5d:85:a5:07:a7:57:59:23:d6:
15:74:d1:c0:ae:1b:04:1d:6b:99:e2:cb:8f:20:39:9b:4f:b7:
bb:25:e9:6d:2d:63:8a:02:fe:5e:4d:fb:10:9a:b2:5f:67:51:
e9:45:17:53:00:e1:58:08:71:31:3f:f5:a0:83:d6:74:20:4a:
ab:89:a9:2d:8c:47:6d:04:bf:cb:9f:bc:9f:88:88:02:4e:d6:
f1:d1:2f:c4:74:e8:36:10:8d:b6:4c:9b:c5:c2:3d:6c:7d:4b:
b6:96:40:89:8b:e0:30:52:04:41:15:a0:5f:a5:34:6e:a5:8e:
da:4a:b8:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAT5FVDIioUvhZhbeL4WcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZlMjQ5ZGJiZGIzNzJjYmU2MWYyNjZhZWMwOWRlNmI4ZjNmYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3LDYTwIhl2EGKGpR9ouj8AdaCtJ
u1NioqR1QqKKbGZBM5V0ZH9J2zGAGrxb1J24AUcO3zelR6eDaUiioFaw+RLfW960
J80JoFo/iAWL0tKahNqsQ9mDeeyY/98RBUBXgEQqgXWs/bxQvji/zk/JKhVDNkwB
ZeHoFIBNuMg634ZulKvbMMVDd+PpE4nNux9WJOqImK8qUDqTVBEVs9o1crW/INEd
hOLNFuEUjGpMSJSTMDBtPw2DVzSEBOGXQfP98gqiilpXGqkiKqV2niHmMmiyTcKr
JZi27wo3Z1umJo75+LPKjWnBD7+8rkFbNxW82JUlzOOgA7rpTee4a/1hlQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF5uJJ272zcsvmHyZq7Anea48/wvMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvWG00a25idmJOeXktWWZKbXJzQ2Q1cmp6X0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsa
MA0GCSqGSIb3DQEBCwUAA4IBAQC3BTrSgHoHj/+JYN4yqRYLl3UJfwSha/Tj2oQ6
OmOsei7pRKaISxYp4qbJU58GkB6CPluIq7LVnfkIt0DSETQLYpL+h9Z0gFxJhYiY
QmjeBvxPpmyO2wVDK58JYPAeasLHcrNGiyq9WWY3SdPLIPy0UzeTqmw9tUerr8n6
meUPvhsFOKfbWSddhaUHp1dZI9YVdNHArhsEHWuZ4suPIDmbT7e7JeltLWOKAv5e
TfsQmrJfZ1HpRRdTAOFYCHExP/Wgg9Z0IEqriaktjEdtBL/Ln7yfiIgCTtbx0S/E
dOg2EI22TJvFwj1sfUu2lkCJi+AwUgRBFaBfpTRupY7aSrjU
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:25:11 2024 by rpki-client on console-ams.rpki-client.org