Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xhgYtoof1j9S2Ehd3hXL56c6IKA.roa
File: xhgYtoof1j9S2Ehd3hXL56c6IKA.roa (raw, json)
Hash identifier: 1Nv5gBmxhIKv5Ix7x8akjZavSIABtGIDzveuw8CuVQM=
Subject key identifier: C6:18:18:B6:8A:1F:D6:3F:52:D8:48:5D:DE:15:CB:E7:A7:3A:20:A0
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8016C49ADFB25634C54388F6ABC8C82
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xhgYtoof1j9S2Ehd3hXL56c6IKA.roa
Signing time: Tue 02 Jan 2024 02:29:45 +0000
ROA not before: Tue 02 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209661
IP address blocks: 2a0c:b641:210::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6c:49:ad:fb:25:63:4c:54:38:8f:6a:bc:8c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c61818b68a1fd63f52d8485dde15cbe7a73a20a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9c:49:cb:57:6d:c8:7f:ae:24:ad:aa:3c:c7:
e3:6a:6f:24:7c:33:bb:d8:87:f0:af:32:2a:2f:09:
06:e0:de:aa:40:da:e5:1a:1f:68:f8:59:85:3c:2e:
8d:16:1e:05:bf:46:4c:14:b0:a2:ba:f8:77:b6:ed:
63:41:ad:89:87:71:71:1a:d7:ad:ad:75:00:c3:f2:
2d:b3:e5:25:8c:37:f3:ca:c6:e0:0a:48:f5:ee:12:
05:7b:54:95:7a:5e:c2:ae:0f:dc:eb:46:9f:1b:f3:
dd:09:e4:7e:7f:d3:fb:db:c1:6d:ef:1e:9d:e4:47:
4c:85:0b:ec:3f:07:56:6e:1a:9f:5e:d0:90:ec:67:
c0:c1:8b:d9:67:38:3c:ba:d6:4a:91:26:88:d0:ea:
ec:01:f5:0d:d4:6a:b0:dc:69:e3:d7:73:5f:13:3c:
df:bf:3f:ad:5c:e9:49:20:49:b5:90:3d:e9:79:f4:
81:e4:2f:d4:ef:76:83:02:68:3b:3f:e7:49:9b:78:
96:2d:1c:aa:6d:53:37:cc:93:f2:3e:c1:d6:30:c3:
6f:94:a2:d2:54:bc:7b:38:52:d2:8b:eb:60:96:d6:
0f:e8:57:3d:c3:ef:21:35:81:bd:75:45:cb:8a:e3:
df:e5:26:2b:42:1a:56:af:39:38:ea:dd:99:14:87:
45:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:18:18:B6:8A:1F:D6:3F:52:D8:48:5D:DE:15:CB:E7:A7:3A:20:A0
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/xhgYtoof1j9S2Ehd3hXL56c6IKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:210::/44
Signature Algorithm: sha256WithRSAEncryption
75:2d:4c:58:90:e8:f9:fc:b1:c9:c9:16:aa:41:c5:42:8a:98:
02:62:3d:34:5d:86:ca:73:99:04:28:ea:39:23:93:0d:0a:4d:
03:8e:d2:95:92:a7:8c:ed:de:9e:39:25:aa:f7:75:7d:32:00:
42:af:ad:37:ff:98:5d:b3:1c:e9:69:e5:37:21:af:2a:67:de:
64:27:4b:4f:5e:a9:06:0c:e5:ba:90:cd:2e:57:91:e6:1a:dc:
36:15:d3:d5:61:90:ab:16:db:9a:25:56:1f:8d:52:b0:e8:bb:
58:0e:dc:0d:ba:f3:40:df:76:b3:88:a7:e1:c2:f7:63:ab:20:
98:c4:e7:21:75:89:ee:58:75:49:3b:a5:4f:90:fb:98:b6:54:
38:35:d0:89:eb:6e:9e:05:f4:ee:86:04:39:4e:d8:91:e0:81:
60:fb:2c:9e:3e:c6:ad:59:3c:08:08:36:94:e6:1f:a9:3e:e1:
53:b0:08:28:15:e3:9b:28:6c:42:56:4b:4f:d8:6a:4d:e9:36:
f4:fb:d5:f5:73:28:dd:3a:bd:d1:62:69:b0:e3:3b:71:b0:0c:
58:e6:51:23:15:b7:db:74:7b:ca:67:2c:67:b6:50:cd:9e:73:
2e:10:29:b6:61:b6:e8:91:0e:e5:f8:ba:0b:00:47:2a:46:7f:
a1:ee:15:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAWxJrfslY0xUOI9qvIyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjE4MThiNjhhMWZkNjNmNTJkODQ4NWRkZTE1Y2JlN2E3M2EyMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZxJy1dtyH+uJK2qPMfjam8kfDO7
2IfwrzIqLwkG4N6qQNrlGh9o+FmFPC6NFh4Fv0ZMFLCiuvh3tu1jQa2Jh3FxGtet
rXUAw/Its+UljDfzysbgCkj17hIFe1SVel7Crg/c60afG/PdCeR+f9P728Ft7x6d
5EdMhQvsPwdWbhqfXtCQ7GfAwYvZZzg8utZKkSaI0OrsAfUN1Gqw3Gnj13NfEzzf
vz+tXOlJIEm1kD3pefSB5C/U73aDAmg7P+dJm3iWLRyqbVM3zJPyPsHWMMNvlKLS
VLx7OFLSi+tgltYP6Fc9w+8hNYG9dUXLiuPf5SYrQhpWrzk46t2ZFIdFgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMYYGLaKH9Y/UthIXd4Vy+enOiCgMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEveGhnWXRvb2YxajlTMkVoZDNoWEw1NmM2SUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB1LUxYkOj5/LHJyRaqQcVCipgCYj00XYbKc5kE
KOo5I5MNCk0DjtKVkqeM7d6eOSWq93V9MgBCr603/5hdsxzpaeU3Ia8qZ95kJ0tP
XqkGDOW6kM0uV5HmGtw2FdPVYZCrFtuaJVYfjVKw6LtYDtwNuvNA33aziKfhwvdj
qyCYxOchdYnuWHVJO6VPkPuYtlQ4NdCJ626eBfTuhgQ5TtiR4IFg+yyePsatWTwI
CDaU5h+pPuFTsAgoFeObKGxCVktP2GpN6Tb0+9X1cyjdOr3RYmmw4ztxsAxY5lEj
FbfbdHvKZyxntlDNnnMuECm2YbbokQ7l+LoLAEcqRn+h7hUp
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:49:19 2024 by rpki-client on console-fra.rpki-client.org