Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/_Rnq3umbPJA52vYlMWBeQrbCJiU.roa
File: _Rnq3umbPJA52vYlMWBeQrbCJiU.roa (raw, json)
Hash identifier: XpFntYk38tVwq/7bhBg7/P8pVSrimiRePyyECWjVvRg=
Subject key identifier: FD:19:EA:DE:E9:9B:3C:90:39:DA:F6:25:31:60:5E:42:B6:C2:26:25
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0BB0DDE914B7433231C4BD80A54A
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/_Rnq3umbPJA52vYlMWBeQrbCJiU.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203478
IP address blocks: 2a05:b0c6:688::/48 maxlen: 48
2a05:b0c6:600::/48 maxlen: 48
2a05:b0c6:653::/48 maxlen: 48
2a05:b0c6:642::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0b:b0:dd:e9:14:b7:43:32:31:c4:bd:80:a5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd19eadee99b3c9039daf62531605e42b6c22625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6e:e7:9b:be:58:ff:22:e9:9a:bc:dd:c0:a3:
fc:d7:72:c9:7c:90:16:21:ef:d4:ec:03:36:f0:8b:
61:9c:90:46:2d:fb:da:b0:89:16:cf:e2:bb:3c:e2:
d9:fe:43:5e:63:68:39:c3:67:78:e0:a3:95:c2:c4:
d5:ac:ba:47:b6:53:70:6d:90:fa:07:b2:7f:34:5f:
a3:b2:9a:82:97:d3:9e:c1:7b:9b:90:b2:8c:ba:b8:
dd:e4:8b:2b:11:4f:fd:93:30:1f:2a:3b:cb:75:78:
d7:26:d2:22:55:75:ac:79:71:2d:58:f1:dd:98:35:
6f:42:07:64:9f:e4:54:98:42:38:7f:a2:fe:c3:13:
3e:12:73:5a:3f:72:ac:76:14:5a:47:43:3d:fc:6a:
b7:b4:25:6f:79:1a:5d:2b:c9:23:a1:98:6c:50:fd:
fd:1e:51:09:a3:65:8e:7f:f7:36:8a:1e:9b:1e:87:
9d:18:f4:14:63:93:3f:83:81:18:d0:59:45:bf:d3:
23:8e:a0:5e:b5:e2:90:2b:1a:38:14:1c:02:14:15:
76:c7:62:51:26:2b:b4:39:2a:d4:f3:67:1a:72:3b:
64:26:d4:b1:e8:25:e6:10:c8:c3:fb:10:21:b5:4a:
8e:23:d3:92:7b:bb:a7:5e:10:38:05:4f:6d:bf:c6:
a8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:19:EA:DE:E9:9B:3C:90:39:DA:F6:25:31:60:5E:42:B6:C2:26:25
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/_Rnq3umbPJA52vYlMWBeQrbCJiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:600::/48
2a05:b0c6:642::/48
2a05:b0c6:653::/48
2a05:b0c6:688::/48
Signature Algorithm: sha256WithRSAEncryption
43:19:6e:d2:58:78:61:6e:d7:58:90:e5:82:bb:ad:c8:bc:74:
d7:9c:c3:be:73:e6:6c:9e:50:a3:5e:a1:63:16:53:a7:d0:74:
f5:76:b8:e7:7a:13:96:30:bc:e1:59:c8:39:e9:a7:fd:13:65:
73:ca:cc:e2:09:c6:08:31:54:b8:90:7e:1a:01:80:ac:a7:0a:
2e:46:72:41:28:bf:d3:a2:49:24:42:72:78:a0:83:64:35:80:
48:0f:96:ca:9e:94:1a:53:2e:68:79:3b:2b:13:a8:19:0c:e7:
d4:c0:c0:a9:4c:1b:48:70:28:2c:b4:81:23:b3:4d:d7:4e:ac:
1f:ec:c4:78:c7:41:0c:55:0e:98:39:1f:fc:05:6a:61:98:94:
c6:e0:24:b4:07:82:fb:70:a6:86:71:2b:8d:e5:cd:39:87:43:
98:1b:e8:f9:1d:18:b2:c6:d3:92:a7:b4:d4:cb:47:ad:7b:35:
79:83:0f:cd:8e:28:2e:51:88:ab:07:75:a5:a3:86:1a:56:e5:
d2:d3:37:90:7d:36:80:bc:4d:3c:04:5a:2a:a5:8f:04:28:20:
02:f2:ff:4b:63:94:3e:57:9c:0a:1d:4a:0a:4b:b0:8c:d4:f4:
a5:e9:f2:c4:95:49:be:2c:fb:88:a6:d4:42:61:29:c6:51:f5:
73:ed:3f:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzF3Auw3ekUt0MyMcS9gKVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDE5ZWFkZWU5OWIzYzkwMzlkYWY2MjUzMTYwNWU0MmI2YzIyNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjW7nm75Y/yLpmrzdwKP813LJfJAW
Ie/U7AM28IthnJBGLfvasIkWz+K7POLZ/kNeY2g5w2d44KOVwsTVrLpHtlNwbZD6
B7J/NF+jspqCl9OewXubkLKMurjd5IsrEU/9kzAfKjvLdXjXJtIiVXWseXEtWPHd
mDVvQgdkn+RUmEI4f6L+wxM+EnNaP3KsdhRaR0M9/Gq3tCVveRpdK8kjoZhsUP39
HlEJo2WOf/c2ih6bHoedGPQUY5M/g4EY0FlFv9MjjqBeteKQKxo4FBwCFBV2x2JR
Jiu0OSrU82cacjtkJtSx6CXmEMjD+xAhtUqOI9OSe7unXhA4BU9tv8aopQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP0Z6t7pmzyQOdr2JTFgXkK2wiYlMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvX1JucTN1bWJQSkE1MnZZbE1XQmVRcmJDSmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgWwxgYA
AwcAKgWwxgZCAwcAKgWwxgZTAwcAKgWwxgaIMA0GCSqGSIb3DQEBCwUAA4IBAQBD
GW7SWHhhbtdYkOWCu63IvHTXnMO+c+ZsnlCjXqFjFlOn0HT1drjnehOWMLzhWcg5
6af9E2VzysziCcYIMVS4kH4aAYCspwouRnJBKL/TokkkQnJ4oINkNYBID5bKnpQa
Uy5oeTsrE6gZDOfUwMCpTBtIcCgstIEjs03XTqwf7MR4x0EMVQ6YOR/8BWphmJTG
4CS0B4L7cKaGcSuN5c05h0OYG+j5HRiyxtOSp7TUy0etezV5gw/NjiguUYirB3Wl
o4YaVuXS0zeQfTaAvE08BFoqpY8EKCAC8v9LY5Q+V5wKHUoKS7CM1PSl6fLElUm+
LPuIptRCYSnGUfVz7T8q
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:05:08 2024 by rpki-client on console-fra.rpki-client.org