Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1XHfQ64yXfCXcgjpd82KoEvTLgw.roa
File: 1XHfQ64yXfCXcgjpd82KoEvTLgw.roa (raw, json)
Hash identifier: WguD8JwR4VUciqElA6GY/cU2Ayr8bg2wdw09qNPhUV0=
Subject key identifier: D5:71:DF:43:AE:32:5D:F0:97:72:08:E9:77:CD:8A:A0:4B:D3:2E:0C
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018ECD1804847543D39EBEF4F5EC2985CE05
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1XHfQ64yXfCXcgjpd82KoEvTLgw.roa
Signing time: Thu 11 Apr 2024 12:18:07 +0000
ROA not before: Thu 11 Apr 2024 12:18:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a14:7b80::/32 maxlen: 32
2a14:7b81::/32 maxlen: 32
2a14:7b82::/32 maxlen: 32
2a14:7b83::/32 maxlen: 32
2a14:7b84::/32 maxlen: 32
2a14:7b85::/32 maxlen: 32
2a14:7b86::/32 maxlen: 32
2a14:7b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:18:04:84:75:43:d3:9e:be:f4:f5:ec:29:85:ce:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Apr 11 12:18:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d571df43ae325df0977208e977cd8aa04bd32e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:87:48:bf:c8:10:77:a3:7b:aa:3a:f6:69:ee:
82:f5:9c:75:29:09:3e:56:74:9e:ec:e9:d9:3b:ed:
f6:41:00:3b:95:cb:82:6d:ac:7b:16:cc:3d:2e:70:
e2:dd:68:58:38:1c:c2:d7:9a:a5:25:cd:5d:44:94:
3f:a8:15:f3:ca:79:96:af:c3:74:cb:2d:9c:64:bb:
d7:59:9d:bf:9e:e5:de:a9:7e:86:42:e6:7e:bd:50:
ce:3a:f1:01:68:8f:9c:3a:ce:75:fe:b1:e4:f7:c9:
96:92:65:e3:dd:49:fe:5a:e3:8d:78:b2:5c:a3:29:
a2:29:fe:24:03:1e:b8:3d:b8:10:9c:d7:ff:77:78:
94:85:e4:fb:ac:c5:c4:9c:ae:80:bd:2f:13:7d:55:
0e:df:b4:4a:0b:a8:8e:eb:a9:dc:ad:9c:8d:52:e5:
14:8a:33:3c:f4:ab:da:c0:43:50:41:d5:21:84:43:
b8:07:e2:d3:bb:0f:b5:7e:7c:4d:5f:e7:f2:df:af:
65:e7:e1:f8:b7:be:c9:66:51:25:0a:7a:08:78:ad:
1b:96:9f:c6:71:47:58:d9:a7:15:db:7b:56:23:e4:
99:14:b2:04:b9:a6:2a:17:1a:44:ab:47:98:dd:51:
37:2e:bf:97:9b:f6:46:cb:5c:5c:4f:e4:97:0c:39:
9e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:71:DF:43:AE:32:5D:F0:97:72:08:E9:77:CD:8A:A0:4B:D3:2E:0C
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1XHfQ64yXfCXcgjpd82KoEvTLgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7b80::/29
Signature Algorithm: sha256WithRSAEncryption
65:cc:7c:29:2a:51:64:cb:22:a2:eb:fa:8c:f9:94:b0:38:c6:
e7:97:6c:c9:e9:a8:36:e2:8c:1c:94:67:bc:ab:ef:0f:f9:ba:
07:a9:62:e2:d0:9c:96:09:e0:d1:87:33:2f:15:77:5d:74:a2:
d7:14:2b:a8:5c:80:72:2a:8e:0a:78:b6:19:6d:fd:b5:2b:e4:
dc:29:2c:5d:79:a6:eb:70:c5:62:03:f2:52:0c:60:91:33:c1:
bd:71:7d:3b:07:5b:fc:20:8c:36:3e:6a:51:93:cd:37:26:fd:
34:4b:c1:80:eb:bd:f5:6a:52:ef:40:1b:26:2d:3e:0e:d1:79:
b5:fe:d1:ba:68:a1:0c:3f:a8:d2:37:b9:6d:55:e3:b9:e2:33:
9d:de:ad:7a:89:2f:3f:96:6c:b2:44:a0:a2:a7:57:18:67:d9:
a0:74:57:c3:8e:92:37:d2:bb:fb:01:4b:40:74:bd:05:41:0b:
7c:b9:4e:55:ff:62:e8:bf:ce:1f:7e:a2:72:05:c4:3a:30:ad:
a6:7e:b8:a6:34:8f:b6:21:f1:c7:1c:78:85:d3:78:f2:8b:5b:
00:84:bc:15:d0:07:fe:95:b0:29:24:3e:7f:3e:23:0c:33:af:
e8:3b:ed:bf:86:22:d1:52:af:e1:5d:ee:de:68:f3:a8:61:d5:
9f:c0:88:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7NGASEdUPTnr709ewphc4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNDExMTIxODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTcxZGY0M2FlMzI1ZGYwOTc3MjA4ZTk3N2NkOGFhMDRiZDMyZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIdIv8gQd6N7qjr2ae6C9Zx1KQk+
VnSe7OnZO+32QQA7lcuCbax7Fsw9LnDi3WhYOBzC15qlJc1dRJQ/qBXzynmWr8N0
yy2cZLvXWZ2/nuXeqX6GQuZ+vVDOOvEBaI+cOs51/rHk98mWkmXj3Un+WuONeLJc
oymiKf4kAx64PbgQnNf/d3iUheT7rMXEnK6AvS8TfVUO37RKC6iO66ncrZyNUuUU
ijM89KvawENQQdUhhEO4B+LTuw+1fnxNX+fy369l5+H4t77JZlElCnoIeK0blp/G
cUdY2acV23tWI+SZFLIEuaYqFxpEq0eY3VE3Lr+Xm/ZGy1xcT+SXDDme0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNVx30OuMl3wl3II6XfNiqBL0y4MMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMVhIZlE2NHlYZkNYY2dqcGQ4MktvRXZUTGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhR7gDAN
BgkqhkiG9w0BAQsFAAOCAQEAZcx8KSpRZMsiouv6jPmUsDjG55dsyemoNuKMHJRn
vKvvD/m6B6li4tCclgng0YczLxV3XXSi1xQrqFyAciqOCni2GW39tSvk3CksXXmm
63DFYgPyUgxgkTPBvXF9Owdb/CCMNj5qUZPNNyb9NEvBgOu99WpS70AbJi0+DtF5
tf7RumihDD+o0je5bVXjueIznd6teokvP5ZsskSgoqdXGGfZoHRXw46SN9K7+wFL
QHS9BUELfLlOVf9i6L/OH36icgXEOjCtpn64pjSPtiHxxxx4hdN48otbAIS8FdAH
/pWwKSQ+fz4jDDOv6Dvtv4Yi0VKv4V3u3mjzqGHVn8CIbg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:08:17 2024 by rpki-client on console-ams.rpki-client.org