Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/nZCbq98MlHrgjTuHW9ggPCz4cIQ.roa
File: nZCbq98MlHrgjTuHW9ggPCz4cIQ.roa (raw, json)
Hash identifier: cGxafpUBEgZE/ooU9SRBvx9mvfh5I/C7g8YSNzrUJrY=
Subject key identifier: 9D:90:9B:AB:DF:0C:94:7A:E0:8D:3B:87:5B:D8:20:3C:2C:F8:70:84
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 018CC7274D4E0B41AA78D3C0E2D09BDF14DF
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/nZCbq98MlHrgjTuHW9ggPCz4cIQ.roa
Signing time: Mon 01 Jan 2024 22:31:30 +0000
ROA not before: Mon 01 Jan 2024 22:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216355
IP address blocks: 2a06:d1c1:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.mft
rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4d:4e:0b:41:aa:78:d3:c0:e2:d0:9b:df:14:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 22:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d909babdf0c947ae08d3b875bd8203c2cf87084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e1:34:2c:8a:6a:70:7c:81:29:d9:cc:15:b0:
29:56:a5:17:05:af:e7:9e:02:e3:5d:76:1d:fe:af:
f7:e0:2b:9d:13:f9:0e:a4:c0:14:82:c7:18:fc:96:
af:77:21:92:e7:e6:f9:80:67:dc:d8:49:14:93:cb:
e1:42:8e:e2:48:ea:f4:f7:46:81:5c:f6:19:26:00:
2c:31:de:d0:9a:28:33:6c:12:8a:3d:0d:d6:7f:0a:
b3:66:e2:c0:8c:8b:bd:f7:67:d3:c8:f4:26:14:eb:
ea:80:ef:cb:e7:62:f3:72:67:54:8a:37:e7:0b:d8:
3a:99:e3:e5:88:96:2a:1d:c3:25:08:8c:16:e9:71:
7e:85:ab:84:30:53:af:e7:af:73:17:0c:4e:81:aa:
7e:0f:03:fa:ea:27:d5:da:fa:a8:15:9c:ef:3a:fb:
b3:5e:d3:84:1d:3b:2f:43:66:69:1d:da:3f:0a:1f:
ab:88:fb:c8:25:3a:7d:fe:d9:9a:69:8d:b9:e8:69:
41:b3:37:32:d2:56:6e:42:96:76:ee:92:d2:8a:e8:
42:70:62:c7:5d:96:ee:bd:6e:60:39:a9:fd:6c:8d:
ef:2c:b5:2d:85:82:15:62:cb:fb:a4:86:8e:16:14:
e5:e0:51:e4:c8:d3:15:9c:be:e1:ca:43:e1:ce:6d:
f0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:90:9B:AB:DF:0C:94:7A:E0:8D:3B:87:5B:D8:20:3C:2C:F8:70:84
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/nZCbq98MlHrgjTuHW9ggPCz4cIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d1c1:1f::/48
Signature Algorithm: sha256WithRSAEncryption
14:08:02:d6:51:75:a4:21:e4:36:7a:d8:6f:c5:21:9c:d4:50:
8c:5f:05:20:39:c0:d1:cd:af:c4:40:e8:25:93:c1:b6:06:0b:
e9:3b:1e:a2:49:d6:50:61:90:2c:41:35:f1:ee:fd:d9:00:2b:
23:a4:5e:94:0d:ab:67:8e:16:24:0a:5e:9f:03:8b:6c:94:60:
7a:56:cf:47:7c:66:60:0a:90:44:81:1f:ad:b4:40:d2:c4:15:
ee:ee:d1:ba:9f:59:f8:30:5f:18:c1:28:aa:3d:94:14:a0:d1:
b1:76:f1:ca:78:ae:1d:da:04:e8:8e:ea:d8:3a:10:41:2e:22:
3f:1f:ec:f6:ea:d4:01:0e:67:23:27:4b:01:9b:57:21:c0:5b:
52:a9:fb:ec:9c:5a:fe:fd:e0:f4:88:96:e2:5b:e9:a8:5f:87:
a0:79:e0:12:86:09:4f:67:83:f7:bc:50:b6:ba:90:1c:2f:26:
4c:6d:5a:59:10:06:2e:6a:ac:33:52:80:b7:8c:fc:14:08:aa:
d5:d0:34:fd:a6:0a:96:d0:1c:cb:ca:0d:47:75:14:31:37:7e:
1e:56:97:16:61:1b:53:97:b7:f6:a9:eb:44:4f:23:b9:fd:33:
4a:5b:00:27:54:b9:57:18:8c:49:c9:ac:85:04:8c:9e:b1:42:
a0:7f:b9:9d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJ01OC0GqeNPA4tCb3xTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjQwMTAxMjIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDkwOWJhYmRmMGM5NDdhZTA4ZDNiODc1YmQ4MjAzYzJjZjg3MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuE0LIpqcHyBKdnMFbApVqUXBa/n
ngLjXXYd/q/34CudE/kOpMAUgscY/JavdyGS5+b5gGfc2EkUk8vhQo7iSOr090aB
XPYZJgAsMd7QmigzbBKKPQ3WfwqzZuLAjIu992fTyPQmFOvqgO/L52LzcmdUijfn
C9g6mePliJYqHcMlCIwW6XF+hauEMFOv569zFwxOgap+DwP66ifV2vqoFZzvOvuz
XtOEHTsvQ2ZpHdo/Ch+riPvIJTp9/tmaaY256GlBszcy0lZuQpZ27pLSiuhCcGLH
XZbuvW5gOan9bI3vLLUthYIVYsv7pIaOFhTl4FHkyNMVnL7hykPhzm3w2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ2Qm6vfDJR64I07h1vYIDws+HCEMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvblpDYnE5OE1sSHJnalR1SFc5Z2dQQ3o0Y0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbRwQAf
MA0GCSqGSIb3DQEBCwUAA4IBAQAUCALWUXWkIeQ2ethvxSGc1FCMXwUgOcDRza/E
QOglk8G2BgvpOx6iSdZQYZAsQTXx7v3ZACsjpF6UDatnjhYkCl6fA4tslGB6Vs9H
fGZgCpBEgR+ttEDSxBXu7tG6n1n4MF8YwSiqPZQUoNGxdvHKeK4d2gTojurYOhBB
LiI/H+z26tQBDmcjJ0sBm1chwFtSqfvsnFr+/eD0iJbiW+moX4egeeAShglPZ4P3
vFC2upAcLyZMbVpZEAYuaqwzUoC3jPwUCKrV0DT9pgqW0BzLyg1HdRQxN34eVpcW
YRtTl7f2qetETyO5/TNKWwAnVLlXGIxJyayFBIyesUKgf7md
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:59:22 2024 by rpki-client on console-fra.rpki-client.org