Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/jyd2TlVXjwv1zRwTsPtE8JZfIqY.roa
File: jyd2TlVXjwv1zRwTsPtE8JZfIqY.roa (raw, json)
Hash identifier: heSrz/Q6rC0ujuN/kLFt5MiAK+nHt/TeJQNYONrbkKQ=
Subject key identifier: 8F:27:76:4E:55:57:8F:0B:F5:CD:1C:13:B0:FB:44:F0:96:5F:22:A6
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA295FAAEF77CA5F9F70973DF1686A76
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/jyd2TlVXjwv1zRwTsPtE8JZfIqY.roa
Signing time: Tue 02 Jan 2024 12:32:38 +0000
ROA not before: Tue 02 Jan 2024 12:32:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207314
IP address blocks: 2a0e:8f02:2230::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:5f:aa:ef:77:ca:5f:9f:70:97:3d:f1:68:6a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f27764e55578f0bf5cd1c13b0fb44f0965f22a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:ad:57:7e:02:37:24:09:e1:35:a1:77:43:
dc:f9:c7:8f:82:5d:4d:f1:38:20:c8:c0:84:77:55:
42:d8:e5:b2:ec:25:78:94:c0:4f:3e:90:f9:09:66:
82:f5:38:f8:01:6e:ac:b6:35:54:f8:9b:47:a3:fb:
5e:db:d2:96:dc:c0:c3:9d:7e:4c:a7:2d:f1:d5:a3:
d9:6d:48:9a:21:52:b4:12:f5:d4:42:cb:b6:e4:cf:
45:44:aa:b6:63:ae:d7:c9:15:55:80:1f:24:31:e7:
90:c6:04:c3:31:f6:dd:df:bd:df:6a:f5:69:ed:05:
80:6e:d1:6c:77:12:c5:ee:eb:32:2d:5f:66:7f:8f:
e0:a5:52:b8:6a:63:a9:19:76:5c:03:7d:76:eb:92:
03:06:6d:dd:05:cb:94:ec:c9:e8:16:5a:25:7e:cd:
bb:c5:d7:09:35:d3:4d:24:3a:46:0e:d9:9c:b3:3b:
4f:ba:9a:13:7c:39:e2:72:8c:52:d3:b5:b1:6b:8a:
83:86:66:5e:77:dc:85:41:c6:22:97:81:de:cd:19:
89:eb:0e:49:bf:53:0c:6b:e5:e6:a1:87:d5:af:86:
93:62:57:93:ca:e0:2d:4b:ba:6b:48:de:cc:41:7f:
69:1d:11:84:93:e4:6c:47:3a:90:e8:c4:c8:74:5a:
c8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:27:76:4E:55:57:8F:0B:F5:CD:1C:13:B0:FB:44:F0:96:5F:22:A6
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/jyd2TlVXjwv1zRwTsPtE8JZfIqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2230::/44
Signature Algorithm: sha256WithRSAEncryption
29:30:89:d5:8c:21:73:62:a1:ef:6f:3f:17:65:57:2e:75:1e:
03:9f:34:49:d7:ba:d9:f2:97:51:40:28:db:77:47:c5:7e:bc:
0c:82:d1:61:8b:b0:de:aa:76:17:0b:db:4e:e6:ca:06:b2:2a:
ab:fc:a4:44:ba:b6:ab:b9:77:e4:f8:e8:fb:eb:73:0c:a2:1f:
a1:7c:e9:57:dd:75:9c:f1:d6:4b:f2:f3:1b:c9:f8:e8:29:65:
e2:ac:12:fc:ff:f5:22:02:2e:51:21:b1:63:76:83:d7:8d:20:
aa:f9:5c:88:e3:a1:5c:ad:16:fd:25:24:39:37:cf:a1:3a:90:
6d:9c:a0:92:fa:03:1c:9e:72:1e:72:70:64:a1:80:f7:7e:30:
66:bd:ef:07:86:e7:25:d3:1f:d4:57:aa:86:dc:78:af:01:7a:
fa:4f:ed:f4:8f:10:c8:ea:6e:79:6a:a9:ec:8d:18:6d:0d:e2:
c0:c7:7e:57:fa:ee:b2:02:56:5d:ae:33:75:da:5a:2a:5f:11:
80:fb:da:2a:2a:d5:75:1b:be:c3:49:26:2b:de:01:a2:34:2d:
49:58:79:26:89:63:18:99:9c:a4:7f:79:59:1e:c0:4e:0d:f6:
eb:68:8a:f4:86:5d:46:a6:70:78:9d:02:fc:45:79:05:6e:dc:
21:63:ce:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKV+q73fKX59wlz3xaGp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI3NzY0ZTU1NTc4ZjBiZjVjZDFjMTNiMGZiNDRmMDk2NWYyMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdmtV34CNyQJ4TWhd0Pc+cePgl1N
8TggyMCEd1VC2OWy7CV4lMBPPpD5CWaC9Tj4AW6stjVU+JtHo/te29KW3MDDnX5M
py3x1aPZbUiaIVK0EvXUQsu25M9FRKq2Y67XyRVVgB8kMeeQxgTDMfbd373favVp
7QWAbtFsdxLF7usyLV9mf4/gpVK4amOpGXZcA31265IDBm3dBcuU7MnoFlolfs27
xdcJNdNNJDpGDtmcsztPupoTfDnicoxS07Wxa4qDhmZed9yFQcYil4HezRmJ6w5J
v1MMa+XmoYfVr4aTYleTyuAtS7prSN7MQX9pHRGEk+RsRzqQ6MTIdFrIPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI8ndk5VV48L9c0cE7D7RPCWXyKmMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvanlkMlRsVlhqd3YxelJ3VHNQdEU4SlpmSXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiIw
MA0GCSqGSIb3DQEBCwUAA4IBAQApMInVjCFzYqHvbz8XZVcudR4DnzRJ17rZ8pdR
QCjbd0fFfrwMgtFhi7DeqnYXC9tO5soGsiqr/KREuraruXfk+Oj763MMoh+hfOlX
3XWc8dZL8vMbyfjoKWXirBL8//UiAi5RIbFjdoPXjSCq+VyI46FcrRb9JSQ5N8+h
OpBtnKCS+gMcnnIecnBkoYD3fjBmve8Hhucl0x/UV6qG3HivAXr6T+30jxDI6m55
aqnsjRhtDeLAx35X+u6yAlZdrjN12loqXxGA+9oqKtV1G77DSSYr3gGiNC1JWHkm
iWMYmZykf3lZHsBODfbraIr0hl1GpnB4nQL8RXkFbtwhY86N
-----END CERTIFICATE-----
Generated at Tue May 21 20:28:28 2024 by rpki-client on console-ams.rpki-client.org