Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/K_rxazhoxIH6k5GYZwu7TZnctyQ.roa
File: K_rxazhoxIH6k5GYZwu7TZnctyQ.roa (raw, json)
Hash identifier: Wvb2Sfx4gfTLaCZB4M+Pp5XRrbhpcxJUcm2Lb8sqW/k=
Subject key identifier: 2B:FA:F1:6B:38:68:C4:81:FA:93:91:98:67:0B:BB:4D:99:DC:B7:24
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 018CC8DE106798CEE85C8AA143CD1D852A40
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/K_rxazhoxIH6k5GYZwu7TZnctyQ.roa
Signing time: Tue 02 Jan 2024 06:30:45 +0000
ROA not before: Tue 02 Jan 2024 06:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48011
IP address blocks: 2a01:4ac0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:10:67:98:ce:e8:5c:8a:a1:43:cd:1d:85:2a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 2 06:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bfaf16b3868c481fa939198670bbb4d99dcb724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2a:d3:f3:0c:e2:1f:3a:a8:eb:62:7a:7b:9b:
40:01:68:96:18:87:02:63:91:65:c3:3a:72:ce:5d:
b4:33:f4:61:a2:e4:6b:c8:c2:fa:bb:f7:a3:0d:af:
06:d3:ec:8c:db:cf:b9:94:77:d6:43:13:d7:5b:cd:
4e:9c:87:9c:01:d3:c0:02:3c:8c:59:75:88:6b:f9:
a4:72:8d:31:82:7a:73:3c:34:f7:03:29:aa:28:9a:
f5:71:58:ab:65:fc:b4:7f:51:06:d2:d1:b3:49:3e:
1b:76:63:b7:ea:be:75:1f:ef:51:4f:f7:c8:5f:64:
07:2f:3a:ed:bd:40:a6:b6:f2:67:9a:b1:e8:99:25:
39:38:43:46:71:7d:63:f0:94:a8:1f:24:4b:59:2c:
87:a2:69:21:8e:eb:a9:97:f8:d5:52:5d:22:de:3e:
3a:e4:c9:37:1a:0c:60:70:d4:b0:af:db:04:02:aa:
04:f0:cf:73:dd:da:ab:a5:9d:be:40:3b:6f:bf:19:
a3:8c:14:5f:a5:66:89:a1:89:7b:6a:b1:09:b0:e7:
ef:59:6c:06:4f:b0:4b:2e:81:50:9e:21:d8:47:4d:
3b:b1:01:41:d1:17:fc:f4:15:70:e2:fc:97:ff:03:
19:c4:cc:63:75:e0:b2:6e:58:6b:d3:82:f2:1e:7e:
31:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FA:F1:6B:38:68:C4:81:FA:93:91:98:67:0B:BB:4D:99:DC:B7:24
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/K_rxazhoxIH6k5GYZwu7TZnctyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:4ac0::/48
Signature Algorithm: sha256WithRSAEncryption
9e:1c:5c:c1:e3:20:4b:61:8f:11:0e:7c:4f:64:6c:42:9f:06:
96:dc:db:e9:a5:d8:86:0e:a6:07:e0:2c:fa:01:89:74:37:97:
56:ec:a0:51:85:9d:84:9b:47:25:87:04:a3:61:18:66:ea:cd:
7a:12:34:e2:66:57:dc:4e:00:ea:e6:75:cb:a8:e6:13:ce:88:
0c:55:dc:24:0f:6b:58:2c:6c:f3:af:82:cf:11:25:67:78:29:
2c:bb:8f:a0:4d:74:fc:78:c0:21:86:fa:e9:6f:c1:52:3c:e2:
9f:66:00:8c:a9:b0:42:10:2a:7d:9c:bb:74:16:10:95:ee:ff:
9a:ec:6e:31:44:57:43:69:d7:b0:c0:db:29:53:ea:c6:d8:29:
33:de:09:fe:b0:30:f3:bf:e3:33:22:fe:5c:f7:03:88:f3:e4:
72:b5:42:dd:97:b5:36:15:b8:41:65:12:41:7c:42:ae:96:2e:
66:02:8e:84:da:07:95:d7:33:47:0b:89:38:7c:a3:ac:75:86:
8d:21:e9:2b:c8:12:1e:64:98:ce:71:ab:88:e7:fc:a9:85:20:
4d:69:81:e4:6b:83:60:2c:2d:41:4c:2b:f0:fe:0b:7e:10:ef:
36:c2:8d:9a:a2:23:2f:e0:bd:73:36:52:36:3a:d2:b2:cc:62:
f0:16:25:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI3hBnmM7oXIqhQ80dhSpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjQwMTAyMDYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZhZjE2YjM4NjhjNDgxZmE5MzkxOTg2NzBiYmI0ZDk5ZGNiNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyrT8wziHzqo62J6e5tAAWiWGIcC
Y5Flwzpyzl20M/RhouRryML6u/ejDa8G0+yM28+5lHfWQxPXW81OnIecAdPAAjyM
WXWIa/mkco0xgnpzPDT3AymqKJr1cVirZfy0f1EG0tGzST4bdmO36r51H+9RT/fI
X2QHLzrtvUCmtvJnmrHomSU5OENGcX1j8JSoHyRLWSyHomkhjuupl/jVUl0i3j46
5Mk3GgxgcNSwr9sEAqoE8M9z3dqrpZ2+QDtvvxmjjBRfpWaJoYl7arEJsOfvWWwG
T7BLLoFQniHYR007sQFB0Rf89BVw4vyX/wMZxMxjdeCyblhr04LyHn4xeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCv68Ws4aMSB+pORmGcLu02Z3LckMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvS19yeGF6aG94SUg2azVHWVp3dTdUWm5jdHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgFKwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCeHFzB4yBLYY8RDnxPZGxCnwaW3NvppdiGDqYH
4Cz6AYl0N5dW7KBRhZ2Em0clhwSjYRhm6s16EjTiZlfcTgDq5nXLqOYTzogMVdwk
D2tYLGzzr4LPESVneCksu4+gTXT8eMAhhvrpb8FSPOKfZgCMqbBCECp9nLt0FhCV
7v+a7G4xRFdDadewwNspU+rG2Ckz3gn+sDDzv+MzIv5c9wOI8+RytULdl7U2FbhB
ZRJBfEKuli5mAo6E2geV1zNHC4k4fKOsdYaNIekryBIeZJjOcauI5/yphSBNaYHk
a4NgLC1BTCvw/gt+EO82wo2aoiMv4L1zNlI2OtKyzGLwFiWc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:03:20 2024 by rpki-client on console-ams.rpki-client.org