Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/YI0Zob-2lWY9ulUqxy-D1HjBST4.roa
File: YI0Zob-2lWY9ulUqxy-D1HjBST4.roa (raw, json)
Hash identifier: IcoBeMr/TtXwAimt9iRtVkJBOjdvdhaObkeUvM6HcJE=
Subject key identifier: 60:8D:19:A1:BF:B6:95:66:3D:BA:55:2A:C7:2F:83:D4:78:C1:49:3E
Certificate issuer: /CN=b58522dac6bcde8c481333599132a16200e6a5be
Certificate serial: 018CC34943F16692BD896F66E725B5004F15
Authority key identifier: B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/YI0Zob-2lWY9ulUqxy-D1HjBST4.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49825
IP address blocks: 2001:67c:12d4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:43:f1:66:92:bd:89:6f:66:e7:25:b5:00:4f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b58522dac6bcde8c481333599132a16200e6a5be
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=608d19a1bfb695663dba552ac72f83d478c1493e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:03:b5:7f:08:34:b4:f9:d0:a5:6e:86:2e:f6:
40:a6:f4:89:16:e4:05:ac:f7:6c:bb:8c:51:6e:ed:
34:42:09:29:78:b2:90:47:2f:fb:92:d5:25:61:8d:
2f:e3:b9:6c:e0:6c:09:fd:73:7c:32:19:79:b7:2e:
1b:86:7a:35:e6:9d:1c:34:15:87:d6:23:f0:62:a0:
1d:cc:02:1d:8a:14:52:25:9c:2e:fe:c2:f6:93:04:
7d:6f:06:b1:56:73:e5:1d:7b:c4:24:c0:bb:d0:3b:
b8:e9:f8:63:17:f7:e4:92:6c:1b:82:a0:80:a5:57:
a0:c6:98:8d:63:1b:64:b0:63:2d:45:b8:9e:6c:35:
10:6d:60:fd:c1:de:fd:28:0c:c0:b5:29:87:8a:a8:
ee:5b:91:a0:72:69:48:ab:57:12:dd:5f:54:55:7a:
db:80:30:8e:00:d0:68:ef:8e:eb:90:bc:1f:4e:b4:
c2:30:e9:3b:28:64:51:6f:e8:30:0f:bb:da:b3:ae:
ba:88:36:b8:87:b5:91:43:c7:37:07:72:5d:b5:b7:
57:b5:89:2e:4e:e7:ef:df:6a:72:88:db:b8:9a:83:
71:04:fc:e0:cd:f9:ea:39:f4:ef:2f:0e:94:05:3d:
8f:6e:66:af:18:55:43:c9:ee:93:74:67:63:fd:49:
80:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8D:19:A1:BF:B6:95:66:3D:BA:55:2A:C7:2F:83:D4:78:C1:49:3E
X509v3 Authority Key Identifier:
keyid:B5:85:22:DA:C6:BC:DE:8C:48:13:33:59:91:32:A1:62:00:E6:A5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYUi2sa83oxIEzNZkTKhYgDmpb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/YI0Zob-2lWY9ulUqxy-D1HjBST4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8b5d2a-4bc4-406f-97d5-ba3947c9b22b/1/tYUi2sa83oxIEzNZkTKhYgDmpb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:12d4::/48
Signature Algorithm: sha256WithRSAEncryption
20:dc:4e:f3:e2:d3:b0:a1:c0:39:b7:9f:88:5e:cc:ab:5b:e3:
3d:3b:23:18:71:ec:96:7f:d0:c0:3c:ba:6b:b3:3b:25:60:1f:
45:12:18:a7:03:33:4e:19:7e:0e:a0:bb:d5:fd:df:ca:4f:8f:
aa:98:0b:8a:83:4f:81:e9:a1:b2:5b:3f:98:db:53:d6:cd:86:
c3:30:60:7d:d8:30:9f:3e:75:52:c0:64:90:17:12:04:fd:ec:
fd:55:a4:8b:e2:32:b2:66:65:3a:2a:46:5a:bf:40:e9:03:3e:
db:ad:a9:ec:b9:dc:c5:ce:7d:42:ee:8d:f9:55:25:4d:4f:f6:
2c:4b:04:22:5c:6c:5e:88:43:00:34:c2:b6:20:6e:7c:31:23:
43:ef:86:30:99:a5:23:a9:16:02:60:c5:3b:7b:21:64:0a:a0:
96:e3:6c:6c:7e:a3:1c:37:b9:23:d2:2c:0d:0f:98:7d:87:8e:
f8:ad:b0:a5:77:01:f5:cc:ae:d4:3b:59:c4:1e:88:4b:e0:a4:
aa:72:3d:7f:58:ab:e3:49:f0:04:dd:d9:f8:54:3c:1f:77:ff:
ff:5a:61:b0:5f:38:e3:e5:1c:97:25:8f:50:7b:fc:ba:4e:10:
84:7c:ac:df:73:2f:72:0f:65:b7:91:33:6c:9d:6f:27:db:12:
0f:04:5b:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSUPxZpK9iW9m5yW1AE8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODUyMmRhYzZiY2RlOGM0ODEzMzM1OTkxMzJhMTYyMDBl
NmE1YmUwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhkMTlhMWJmYjY5NTY2M2RiYTU1MmFjNzJmODNkNDc4YzE0OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gO1fwg0tPnQpW6GLvZApvSJFuQF
rPdsu4xRbu00QgkpeLKQRy/7ktUlYY0v47ls4GwJ/XN8Mhl5ty4bhno15p0cNBWH
1iPwYqAdzAIdihRSJZwu/sL2kwR9bwaxVnPlHXvEJMC70Du46fhjF/fkkmwbgqCA
pVegxpiNYxtksGMtRbiebDUQbWD9wd79KAzAtSmHiqjuW5GgcmlIq1cS3V9UVXrb
gDCOANBo747rkLwfTrTCMOk7KGRRb+gwD7vas666iDa4h7WRQ8c3B3JdtbdXtYku
Tufv32pyiNu4moNxBPzgzfnqOfTvLw6UBT2PbmavGFVDye6TdGdj/UmAJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGCNGaG/tpVmPbpVKscvg9R4wUk+MB8GA1UdIwQY
MBaAFLWFItrGvN6MSBMzWZEyoWIA5qW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUt
YmEzOTQ3YzliMjJiLzEvWUkwWm9iLTJsV1k5dWxVcXh5LUQxSGpCU1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YjVkMmEtNGJjNC00MDZmLTk3ZDUtYmEzOTQ3YzliMjJi
LzEvdFlVaTJzYTgzb3hJRXpOWmtUS2hZZ0RtcGI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBLU
MA0GCSqGSIb3DQEBCwUAA4IBAQAg3E7z4tOwocA5t5+IXsyrW+M9OyMYceyWf9DA
PLprszslYB9FEhinAzNOGX4OoLvV/d/KT4+qmAuKg0+B6aGyWz+Y21PWzYbDMGB9
2DCfPnVSwGSQFxIE/ez9VaSL4jKyZmU6KkZav0DpAz7bransudzFzn1C7o35VSVN
T/YsSwQiXGxeiEMANMK2IG58MSND74YwmaUjqRYCYMU7eyFkCqCW42xsfqMcN7kj
0iwND5h9h474rbCldwH1zK7UO1nEHohL4KSqcj1/WKvjSfAE3dn4VDwfd///WmGw
Xzjj5RyXJY9Qe/y6ThCEfKzfcy9yD2W3kTNsnW8n2xIPBFuq
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:44 2024 by rpki-client on console-ams.rpki-client.org