Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/2c2ig1U6hdOZPqIb0OxeKOZZ6As.roa
File: 2c2ig1U6hdOZPqIb0OxeKOZZ6As.roa (raw, json)
Hash identifier: SVtvqLV6mp20hYm2biWZ4kq/cbqwDvNf0nYs1XSV4X0=
Subject key identifier: D9:CD:A2:83:55:3A:85:D3:99:3E:A2:1B:D0:EC:5E:28:E6:59:E8:0B
Certificate issuer: /CN=8b423e1d72b103070bed579c40597ed20b84c16e
Certificate serial: 018F99D32C43F8AA81A46AE4A79E83855C44
Authority key identifier: 8B:42:3E:1D:72:B1:03:07:0B:ED:57:9C:40:59:7E:D2:0B:84:C1:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0I-HXKxAwcL7VecQFl-0guEwW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/2c2ig1U6hdOZPqIb0OxeKOZZ6As.roa
Signing time: Tue 21 May 2024 06:25:04 +0000
ROA not before: Tue 21 May 2024 06:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214904
IP address blocks: 2a06:7f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/i0I-HXKxAwcL7VecQFl-0guEwW4.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/i0I-HXKxAwcL7VecQFl-0guEwW4.mft
rsync://rpki.ripe.net/repository/DEFAULT/i0I-HXKxAwcL7VecQFl-0guEwW4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 15:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:99:d3:2c:43:f8:aa:81:a4:6a:e4:a7:9e:83:85:5c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b423e1d72b103070bed579c40597ed20b84c16e
Validity
Not Before: May 21 06:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9cda283553a85d3993ea21bd0ec5e28e659e80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:c8:25:f3:06:96:55:cc:a2:8a:fa:dd:41:
b2:e8:3d:e8:31:7d:8a:68:5c:ca:4f:10:83:fe:cd:
44:e2:06:0d:9b:54:92:14:b6:75:cd:7b:cd:29:d3:
70:bd:f4:bb:8c:31:3b:7e:35:a9:24:de:1a:17:95:
93:4e:12:60:cf:eb:dc:59:16:b6:9b:43:89:f9:b4:
7f:20:1a:91:8c:4d:e3:08:0a:13:45:42:89:f7:fc:
96:44:81:82:ce:fb:25:ff:23:f3:5d:2e:f6:7a:7c:
3f:a0:1c:8e:c7:05:19:d0:50:84:97:81:04:b6:fb:
67:65:02:29:90:d5:8e:84:c4:1b:29:23:e1:1d:c4:
87:36:5c:46:1d:7b:0f:05:14:ed:6d:55:d8:0e:3d:
c0:1e:1f:af:88:03:bb:df:4b:26:ef:50:ba:48:82:
11:d4:13:b5:28:4b:98:f4:41:25:c0:47:7d:d4:5c:
c9:a9:a4:ca:50:90:b4:d5:5b:c5:e3:4d:90:6d:b5:
98:48:53:09:92:db:62:33:6d:b0:e1:0a:b5:1e:7a:
66:15:84:1b:af:1f:c8:65:57:91:51:b7:be:b7:5e:
8d:63:68:08:be:2c:3e:02:dc:5c:17:af:71:a0:92:
82:8e:b8:76:f2:ac:94:1e:f9:8c:17:bb:b7:f0:2b:
26:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CD:A2:83:55:3A:85:D3:99:3E:A2:1B:D0:EC:5E:28:E6:59:E8:0B
X509v3 Authority Key Identifier:
keyid:8B:42:3E:1D:72:B1:03:07:0B:ED:57:9C:40:59:7E:D2:0B:84:C1:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0I-HXKxAwcL7VecQFl-0guEwW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/2c2ig1U6hdOZPqIb0OxeKOZZ6As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/6758a0-3bb2-475e-a9b8-b909ed202b64/1/i0I-HXKxAwcL7VecQFl-0guEwW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
36:bb:8e:19:74:a0:6a:08:ba:f2:93:2c:34:1d:a9:10:88:b9:
59:b1:29:f0:d6:58:ec:63:68:25:09:28:55:75:88:c4:dd:37:
7f:e2:29:ec:6b:7d:0c:59:eb:0f:51:35:2f:61:17:74:66:c6:
df:68:3a:d5:07:3a:e7:5b:39:58:94:53:15:58:38:2d:d5:cb:
8f:0f:ac:5f:5f:cb:ee:5c:e0:b8:a8:b0:c7:11:5a:a1:4f:2c:
e1:80:0e:ae:45:ab:fd:72:66:ee:e0:d4:bd:1c:97:3c:9a:40:
32:1b:83:d1:ad:cd:8d:d4:0e:0e:1e:66:40:25:bb:01:04:68:
4d:11:53:6b:23:4f:66:21:97:00:8d:a1:73:a2:a6:31:9e:f6:
00:0f:4e:c0:cb:c0:da:ba:14:68:2a:c5:5a:ad:2f:47:21:ea:
35:76:e0:db:95:71:e1:bb:b9:8a:03:00:04:92:91:24:c9:ae:
c6:da:e8:36:1a:47:48:df:b5:a0:9d:d9:1d:bf:c1:e2:e1:ff:
dd:18:a0:d8:d4:49:c5:88:96:75:9a:73:7f:31:97:82:06:12:
17:29:c9:a9:7f:26:61:3f:c0:4c:08:c3:50:8a:c6:89:f5:b3:
5a:6f:12:78:a8:52:41:17:04:fa:65:d3:e6:22:c8:01:b1:71:
c2:97:b1:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY+Z0yxD+KqBpGrkp56DhVxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDIzZTFkNzJiMTAzMDcwYmVkNTc5YzQwNTk3ZWQyMGI4
NGMxNmUwHhcNMjQwNTIxMDYyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNkYTI4MzU1M2E4NWQzOTkzZWEyMWJkMGVjNWUyOGU2NTllODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd/IJfMGllXMoor63UGy6D3oMX2K
aFzKTxCD/s1E4gYNm1SSFLZ1zXvNKdNwvfS7jDE7fjWpJN4aF5WTThJgz+vcWRa2
m0OJ+bR/IBqRjE3jCAoTRUKJ9/yWRIGCzvsl/yPzXS72enw/oByOxwUZ0FCEl4EE
tvtnZQIpkNWOhMQbKSPhHcSHNlxGHXsPBRTtbVXYDj3AHh+viAO730sm71C6SIIR
1BO1KEuY9EElwEd91FzJqaTKUJC01VvF402QbbWYSFMJkttiM22w4Qq1HnpmFYQb
rx/IZVeRUbe+t16NY2gIviw+AtxcF69xoJKCjrh28qyUHvmMF7u38Csm8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNnNooNVOoXTmT6iG9DsXijmWegLMB8GA1UdIwQY
MBaAFItCPh1ysQMHC+1XnEBZftILhMFuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBJLUhYS3hBd2NMN1ZlY1FGbC0wZ3VFd1c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82NzU4YTAtM2JiMi00NzVlLWE5Yjgt
YjkwOWVkMjAyYjY0LzEvMmMyaWcxVTZoZE9aUHFJYjBPeGVLT1paNkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82NzU4YTAtM2JiMi00NzVlLWE5YjgtYjkwOWVkMjAyYjY0
LzEvaTBJLUhYS3hBd2NMN1ZlY1FGbC0wZ3VFd1c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgZ/ADAN
BgkqhkiG9w0BAQsFAAOCAQEANruOGXSgagi68pMsNB2pEIi5WbEp8NZY7GNoJQko
VXWIxN03f+Ip7Gt9DFnrD1E1L2EXdGbG32g61Qc651s5WJRTFVg4LdXLjw+sX1/L
7lzguKiwxxFaoU8s4YAOrkWr/XJm7uDUvRyXPJpAMhuD0a3NjdQODh5mQCW7AQRo
TRFTayNPZiGXAI2hc6KmMZ72AA9OwMvA2roUaCrFWq0vRyHqNXbg25Vx4bu5igMA
BJKRJMmuxtroNhpHSN+1oJ3ZHb/B4uH/3Rig2NRJxYiWdZpzfzGXggYSFynJqX8m
YT/ATAjDUIrGifWzWm8SeKhSQRcE+mXT5iLIAbFxwpexGQ==
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:21:38 2024 by rpki-client on console-ams.rpki-client.org