Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/ycMokGvexTq49k-kuhf2PcfmtFs.roa
File: ycMokGvexTq49k-kuhf2PcfmtFs.roa (raw, json)
Hash identifier: jeYn1Df5ySKu+UVY+9R7OHJd8V3YdtE2tBzeMMqj60o=
Subject key identifier: C9:C3:28:90:6B:DE:C5:3A:B8:F6:4F:A4:BA:17:F6:3D:C7:E6:B4:5B
Certificate issuer: /CN=3c859ed693ce3de059caa0a0c1e4245c5e9e37e4
Certificate serial: 018CC72775411071ADBC14F90A008D3A6F6F
Authority key identifier: 3C:85:9E:D6:93:CE:3D:E0:59:CA:A0:A0:C1:E4:24:5C:5E:9E:37:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIWe1pPOPeBZyqCgweQkXF6eN-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/ycMokGvexTq49k-kuhf2PcfmtFs.roa
Signing time: Mon 01 Jan 2024 22:31:41 +0000
ROA not before: Mon 01 Jan 2024 22:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198150
IP address blocks: 2a13:9cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/PIWe1pPOPeBZyqCgweQkXF6eN-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/PIWe1pPOPeBZyqCgweQkXF6eN-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/PIWe1pPOPeBZyqCgweQkXF6eN-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:75:41:10:71:ad:bc:14:f9:0a:00:8d:3a:6f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c859ed693ce3de059caa0a0c1e4245c5e9e37e4
Validity
Not Before: Jan 1 22:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9c328906bdec53ab8f64fa4ba17f63dc7e6b45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:af:f1:56:f8:15:ca:7b:2b:e3:64:49:54:
69:f8:9a:a4:51:6b:c6:69:a8:1e:49:11:d0:b7:c5:
47:ae:a2:88:f5:c5:af:dd:b0:2b:50:8e:f4:fb:83:
5b:69:bb:10:a3:28:0a:8a:b3:6c:b7:94:9b:c6:e1:
c9:7a:44:bd:76:d6:c1:52:3e:e5:c6:ea:5d:78:67:
74:6b:7e:9d:0f:a7:70:24:31:80:32:9b:db:13:8a:
ba:33:58:f2:36:46:ac:49:6e:16:f4:0d:c1:5f:55:
79:2d:06:59:62:de:de:b7:34:cb:fd:f1:cf:f5:07:
9f:41:88:4b:e5:9e:ad:82:c9:4f:07:6d:72:19:ce:
66:64:08:79:a6:d0:c9:79:21:39:b2:83:e6:55:34:
1e:cf:16:3f:09:77:4f:11:57:25:e9:fc:32:6b:e6:
cd:9f:bd:0a:a0:eb:05:d0:e9:84:af:a7:a3:48:88:
b6:02:c7:6e:91:1c:d7:ba:62:69:03:f7:d0:56:d2:
33:e7:5b:02:26:ab:10:5b:d5:b3:62:04:99:9b:77:
de:60:de:58:3a:fb:8f:1d:27:53:75:6a:7c:27:1f:
c0:d4:45:21:8d:55:b0:8b:0f:49:ee:b6:e3:87:dd:
ee:73:1f:4c:73:eb:86:fc:ee:17:bb:a4:89:94:15:
f8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C3:28:90:6B:DE:C5:3A:B8:F6:4F:A4:BA:17:F6:3D:C7:E6:B4:5B
X509v3 Authority Key Identifier:
keyid:3C:85:9E:D6:93:CE:3D:E0:59:CA:A0:A0:C1:E4:24:5C:5E:9E:37:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIWe1pPOPeBZyqCgweQkXF6eN-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/ycMokGvexTq49k-kuhf2PcfmtFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/fd9054-778d-413d-9e95-5511daa72778/1/PIWe1pPOPeBZyqCgweQkXF6eN-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:86:c3:2b:54:fd:f3:43:35:c2:2b:ef:33:31:36:ef:63:0d:
5b:dd:f6:8b:fd:bb:1f:19:3c:70:70:80:45:1d:1a:39:46:da:
12:7f:40:00:8f:31:10:20:4b:bc:38:b6:f8:b4:97:f9:57:ed:
c2:23:fd:ac:b9:a2:62:86:4a:0b:ae:f6:a6:9c:da:25:be:a5:
22:1a:1e:fc:0f:91:6d:63:e4:f1:f4:47:8c:35:cf:d5:4e:f3:
1e:5e:99:5c:cd:e5:be:2f:7b:72:50:87:b5:02:1d:91:55:66:
cb:96:2f:e3:05:7f:b5:ca:9c:40:ae:f2:49:50:16:d5:20:93:
75:82:18:51:eb:c3:cc:80:7e:ce:84:e3:3b:b6:63:0e:02:71:
be:01:0d:bf:2e:1e:0b:45:92:73:bc:68:b8:70:e0:ec:43:db:
a0:bf:9c:35:56:ee:e5:22:cc:21:c0:a1:c6:1c:b2:c0:22:41:
9f:0c:a7:03:33:67:80:1d:a5:90:b2:c8:60:d9:aa:ab:ae:a3:
c7:e1:33:5c:a7:f5:66:62:ea:76:36:cd:6f:d4:47:10:60:33:
fe:7c:8d:6b:93:ae:2e:56:7d:97:03:49:35:77:b2:df:fc:ef:
cc:72:35:fc:96:e8:07:44:58:30:79:ca:61:8b:a1:7b:38:61:
95:f6:87:91
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJ3VBEHGtvBT5CgCNOm9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjODU5ZWQ2OTNjZTNkZTA1OWNhYTBhMGMxZTQyNDVjNWU5
ZTM3ZTQwHhcNMjQwMTAxMjIzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWMzMjg5MDZiZGVjNTNhYjhmNjRmYTRiYTE3ZjYzZGM3ZTZiNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3yv8Vb4Fcp7K+NkSVRp+JqkUWvG
aageSRHQt8VHrqKI9cWv3bArUI70+4NbabsQoygKirNst5SbxuHJekS9dtbBUj7l
xupdeGd0a36dD6dwJDGAMpvbE4q6M1jyNkasSW4W9A3BX1V5LQZZYt7etzTL/fHP
9QefQYhL5Z6tgslPB21yGc5mZAh5ptDJeSE5soPmVTQezxY/CXdPEVcl6fwya+bN
n70KoOsF0OmEr6ejSIi2AsdukRzXumJpA/fQVtIz51sCJqsQW9WzYgSZm3feYN5Y
OvuPHSdTdWp8Jx/A1EUhjVWwiw9J7rbjh93ucx9Mc+uG/O4Xu6SJlBX4MwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMnDKJBr3sU6uPZPpLoX9j3H5rRbMB8GA1UdIwQY
MBaAFDyFntaTzj3gWcqgoMHkJFxenjfkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUElXZTFwUE9QZUJaeXFDZ3dlUWtYRjZlTi1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9mZDkwNTQtNzc4ZC00MTNkLTllOTUt
NTUxMWRhYTcyNzc4LzEveWNNb2tHdmV4VHE0OWsta3VoZjJQY2ZtdEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9mZDkwNTQtNzc4ZC00MTNkLTllOTUtNTUxMWRhYTcyNzc4
LzEvUElXZTFwUE9QZUJaeXFDZ3dlUWtYRjZlTi1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOcwDAN
BgkqhkiG9w0BAQsFAAOCAQEArIbDK1T980M1wivvMzE272MNW932i/27Hxk8cHCA
RR0aOUbaEn9AAI8xECBLvDi2+LSX+VftwiP9rLmiYoZKC672ppzaJb6lIhoe/A+R
bWPk8fRHjDXP1U7zHl6ZXM3lvi97clCHtQIdkVVmy5Yv4wV/tcqcQK7ySVAW1SCT
dYIYUevDzIB+zoTjO7ZjDgJxvgENvy4eC0WSc7xouHDg7EPboL+cNVbu5SLMIcCh
xhyywCJBnwynAzNngB2lkLLIYNmqq66jx+EzXKf1ZmLqdjbNb9RHEGAz/nyNa5Ou
LlZ9lwNJNXey3/zvzHI1/JboB0RYMHnKYYuhezhhlfaHkQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:49:37 2024 by rpki-client on console-fra.rpki-client.org