Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/KCAKH_j3rSTpqGJF3Lpver6GqsI.roa
File: KCAKH_j3rSTpqGJF3Lpver6GqsI.roa (raw, json)
Hash identifier: 5hDTED83zDkbWVpMXRb5LC5dWoXwylCSmxhKf/vtQB8=
Subject key identifier: 28:20:0A:1F:F8:F7:AD:24:E9:A8:62:45:DC:BA:6F:7A:BE:86:AA:C2
Certificate issuer: /CN=62beaa57c67aeb5bafd99793ab4846850a796c28
Certificate serial: 018CC5DBE0A09F8311BFA5DDDE272499266D
Authority key identifier: 62:BE:AA:57:C6:7A:EB:5B:AF:D9:97:93:AB:48:46:85:0A:79:6C:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/KCAKH_j3rSTpqGJF3Lpver6GqsI.roa
Signing time: Mon 01 Jan 2024 16:29:30 +0000
ROA not before: Mon 01 Jan 2024 16:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56687
IP address blocks: 2a13:d000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 16:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e0:a0:9f:83:11:bf:a5:dd:de:27:24:99:26:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62beaa57c67aeb5bafd99793ab4846850a796c28
Validity
Not Before: Jan 1 16:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28200a1ff8f7ad24e9a86245dcba6f7abe86aac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:cd:6c:a8:43:87:cc:53:6f:ee:ff:f9:35:
07:cc:18:1a:9b:63:f5:7c:1a:f7:4b:3b:04:43:15:
62:fc:61:4f:66:c0:c2:56:43:a6:20:87:17:c9:3c:
e2:a6:46:e5:e7:80:22:c9:5e:c1:be:53:80:a9:f5:
66:4d:b4:a8:31:e0:0d:4b:1a:68:b5:c1:d9:55:c0:
43:c4:74:18:cd:fb:21:84:42:b0:74:65:18:f9:ad:
85:23:a7:60:b8:1e:c4:ce:5a:d2:b0:a8:3f:86:2b:
4f:a0:86:71:0e:1c:3c:3e:2f:b1:9d:03:43:17:44:
d0:63:1d:0f:0c:0e:04:14:20:71:e6:dd:ad:c3:f9:
0b:f8:a4:8f:cc:ca:3e:61:42:cf:95:0d:7a:0e:67:
4a:64:d3:4e:9a:d3:bf:80:dc:bb:6f:44:d6:c0:91:
3d:4c:da:18:ff:a4:ef:f5:d2:cf:ca:3e:60:4c:1d:
79:d4:0a:74:18:c8:86:f3:3d:b8:9d:5b:17:7d:94:
40:c7:aa:a8:af:04:56:6b:f8:1a:80:02:a1:43:1c:
fa:26:39:d6:0a:74:49:d9:9a:ff:f6:25:a3:bf:0e:
55:dd:22:64:38:34:7b:2e:c7:ea:9b:67:9b:94:43:
04:69:bd:5f:c1:ca:ec:26:c8:e1:df:80:15:7b:3e:
3c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:20:0A:1F:F8:F7:AD:24:E9:A8:62:45:DC:BA:6F:7A:BE:86:AA:C2
X509v3 Authority Key Identifier:
keyid:62:BE:AA:57:C6:7A:EB:5B:AF:D9:97:93:AB:48:46:85:0A:79:6C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/KCAKH_j3rSTpqGJF3Lpver6GqsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/22581e-fe8c-4fb8-9585-9880f04db94a/1/Yr6qV8Z661uv2ZeTq0hGhQp5bCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d000::/29
Signature Algorithm: sha256WithRSAEncryption
3c:d6:83:37:13:f4:6c:45:ff:d1:76:22:20:44:30:da:17:3c:
2f:83:fc:48:03:bb:0b:2a:3c:33:55:e3:04:9f:81:26:84:19:
a6:dc:7c:5f:7c:2a:fa:b0:03:a9:30:48:a2:74:f7:6c:63:e4:
b5:d9:84:9c:5c:11:09:d1:ba:64:13:73:5e:39:c4:85:ee:05:
5e:91:6b:0f:64:73:9e:19:cd:e8:4c:2e:95:dc:69:86:7f:57:
2c:7b:75:c4:db:e3:9c:8e:54:73:74:8f:45:0a:7a:95:98:aa:
6b:18:c3:33:b3:f0:19:45:d2:c2:47:ae:82:10:2e:aa:8f:5f:
94:f0:b2:93:5f:4a:23:c4:6f:e3:da:24:1d:13:f0:55:14:6e:
b6:29:b1:d5:6e:a9:00:18:74:7a:97:64:9e:8e:b2:5e:b8:c3:
68:3a:21:ce:75:a7:9e:a2:30:99:87:96:38:53:cc:5c:0e:fb:
ab:85:90:d7:77:41:72:ff:48:4b:32:30:41:57:7a:db:68:5e:
4c:6b:64:69:23:73:aa:fb:b8:e4:74:ed:5b:67:84:ad:1e:5e:
cc:6b:e9:86:5b:7a:d6:e7:07:32:aa:1a:fc:a4:a2:34:74:c3:
cf:00:51:09:f2:24:ec:a2:cb:ef:0d:f4:c6:d6:65:09:72:d4:
f9:0f:b7:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF2+Cgn4MRv6Xd3ickmSZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVhYTU3YzY3YWViNWJhZmQ5OTc5M2FiNDg0Njg1MGE3
OTZjMjgwHhcNMjQwMTAxMTYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODIwMGExZmY4ZjdhZDI0ZTlhODYyNDVkY2JhNmY3YWJlODZhYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkvNbKhDh8xTb+7/+TUHzBgam2P1
fBr3SzsEQxVi/GFPZsDCVkOmIIcXyTzipkbl54AiyV7BvlOAqfVmTbSoMeANSxpo
tcHZVcBDxHQYzfshhEKwdGUY+a2FI6dguB7EzlrSsKg/hitPoIZxDhw8Pi+xnQND
F0TQYx0PDA4EFCBx5t2tw/kL+KSPzMo+YULPlQ16DmdKZNNOmtO/gNy7b0TWwJE9
TNoY/6Tv9dLPyj5gTB151Ap0GMiG8z24nVsXfZRAx6qorwRWa/gagAKhQxz6JjnW
CnRJ2Zr/9iWjvw5V3SJkODR7Lsfqm2eblEMEab1fwcrsJsjh34AVez48IwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCggCh/4960k6ahiRdy6b3q+hqrCMB8GA1UdIwQY
MBaAFGK+qlfGeutbr9mXk6tIRoUKeWwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI2cVY4WjY2MXV2MlplVHEwaEdoUXA1YkNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8yMjU4MWUtZmU4Yy00ZmI4LTk1ODUt
OTg4MGYwNGRiOTRhLzEvS0NBS0hfajNyU1RwcUdKRjNMcHZlcjZHcXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8yMjU4MWUtZmU4Yy00ZmI4LTk1ODUtOTg4MGYwNGRiOTRh
LzEvWXI2cVY4WjY2MXV2MlplVHEwaEdoUXA1YkNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPQADAN
BgkqhkiG9w0BAQsFAAOCAQEAPNaDNxP0bEX/0XYiIEQw2hc8L4P8SAO7Cyo8M1Xj
BJ+BJoQZptx8X3wq+rADqTBIonT3bGPktdmEnFwRCdG6ZBNzXjnEhe4FXpFrD2Rz
nhnN6Ewuldxphn9XLHt1xNvjnI5Uc3SPRQp6lZiqaxjDM7PwGUXSwkeughAuqo9f
lPCyk19KI8Rv49okHRPwVRRutimx1W6pABh0epdkno6yXrjDaDohznWnnqIwmYeW
OFPMXA77q4WQ13dBcv9ISzIwQVd622heTGtkaSNzqvu45HTtW2eErR5ezGvphlt6
1ucHMqoa/KSiNHTDzwBRCfIk7KLL7w30xtZlCXLU+Q+3Qg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:22:02 2024 by rpki-client on console-fra.rpki-client.org