Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/bOO9l7bJ1THRYR2RSXoaD8fqWY0.roa
File: bOO9l7bJ1THRYR2RSXoaD8fqWY0.roa (raw, json)
Hash identifier: zqlRXPQZ0PUUJSp/4FKSJl64B5z68U8lg9WF2d5tXsU=
Subject key identifier: 6C:E3:BD:97:B6:C9:D5:31:D1:61:1D:91:49:7A:1A:0F:C7:EA:59:8D
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0D267ACE33F8C205E59A86B62417
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/bOO9l7bJ1THRYR2RSXoaD8fqWY0.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205432
IP address blocks: 2a05:b0c6::/31 maxlen: 31
2a05:b0c6::/32 maxlen: 32
2a05:b0c6:400::/40 maxlen: 40
2a05:b0c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Nov 2024 13:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0d:26:7a:ce:33:f8:c2:05:e5:9a:86:b6:24:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ce3bd97b6c9d531d1611d91497a1a0fc7ea598d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:34:e6:32:65:9f:4c:fa:b9:55:36:bb:b4:92:
15:8e:15:5b:4d:7d:fe:78:82:5d:e7:fc:ce:66:7c:
7b:a0:08:41:c8:09:76:28:f7:da:28:44:03:6d:47:
b6:9d:5a:e6:be:11:a3:ec:c5:51:5a:a2:24:0f:ba:
2f:6a:d1:95:b7:4e:18:46:d9:01:bd:c5:d4:ea:22:
e3:4c:c2:13:f1:88:e4:4f:cb:2a:bf:30:1a:d7:d0:
d6:5a:03:34:a8:01:95:b4:4b:f7:d9:d6:a2:1f:14:
05:6e:44:7a:c4:b7:b5:bf:95:74:49:14:15:03:5c:
14:ab:10:6a:4f:be:e7:07:a5:45:1c:23:06:72:02:
2e:9d:8b:87:a1:97:85:de:67:05:2e:c7:8b:98:9f:
03:79:ae:bc:36:93:38:98:12:dd:5b:e4:09:0a:4f:
c2:10:c6:84:d4:e4:3f:fe:0f:ac:ee:4e:e4:e6:5f:
0c:4b:5c:6f:21:73:c6:96:42:51:d6:7d:eb:9b:e5:
d8:6c:19:63:2e:fe:43:bd:97:46:94:94:85:46:9e:
69:3e:71:4d:1b:dc:3b:99:45:ab:1c:59:2e:9a:34:
46:de:3b:f2:5c:59:3d:ce:1c:ff:19:70:5d:e9:28:
59:10:54:da:5b:33:73:5c:86:cf:32:fe:d4:13:1d:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E3:BD:97:B6:C9:D5:31:D1:61:1D:91:49:7A:1A:0F:C7:EA:59:8D
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/bOO9l7bJ1THRYR2RSXoaD8fqWY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6::/31
Signature Algorithm: sha256WithRSAEncryption
77:62:05:c4:b0:30:cb:60:30:63:aa:10:cc:be:40:b5:15:91:
4c:05:27:3c:56:bc:eb:12:64:38:da:e7:95:27:b6:51:15:8d:
71:03:0c:8c:30:4e:21:03:b3:d6:74:cd:5a:15:55:c5:34:94:
bd:4c:58:03:1a:da:f6:30:50:a4:42:f8:23:5a:d3:10:af:eb:
c7:23:02:9c:10:f5:27:f6:61:f1:ec:ba:3f:fb:2c:df:7b:ae:
f3:bb:d2:a2:7e:ec:62:28:80:6a:ab:60:4b:c6:b7:e6:6e:26:
69:c6:df:bc:42:30:e1:c7:18:80:cd:1b:d1:8a:67:7d:ea:bd:
48:02:bb:34:ff:10:94:9c:42:80:c9:45:e1:80:85:51:ce:87:
82:f6:21:0e:81:e2:34:29:23:a5:69:77:b2:83:40:82:dc:99:
5a:24:77:0d:b6:8b:43:58:ad:15:96:6c:e4:7f:1f:3b:32:53:
18:76:40:ff:ac:02:9e:f9:4a:a2:bd:5f:42:9f:cb:aa:a2:ec:
8f:e5:b1:3f:41:88:a8:cf:6b:b5:e0:39:5d:74:40:67:ec:80:
af:50:73:7f:f3:c6:cf:82:35:46:43:a0:66:80:df:93:32:c1:
10:2e:25:77:5c:c0:ff:6b:18:a0:22:97:1a:ce:c3:46:47:4f:
d8:8a:80:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3A0mes4z+MIF5ZqGtiQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UzYmQ5N2I2YzlkNTMxZDE2MTFkOTE0OTdhMWEwZmM3ZWE1OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jTmMmWfTPq5VTa7tJIVjhVbTX3+
eIJd5/zOZnx7oAhByAl2KPfaKEQDbUe2nVrmvhGj7MVRWqIkD7ovatGVt04YRtkB
vcXU6iLjTMIT8YjkT8sqvzAa19DWWgM0qAGVtEv32daiHxQFbkR6xLe1v5V0SRQV
A1wUqxBqT77nB6VFHCMGcgIunYuHoZeF3mcFLseLmJ8Dea68NpM4mBLdW+QJCk/C
EMaE1OQ//g+s7k7k5l8MS1xvIXPGlkJR1n3rm+XYbBljLv5DvZdGlJSFRp5pPnFN
G9w7mUWrHFkumjRG3jvyXFk9zhz/GXBd6ShZEFTaWzNzXIbPMv7UEx24uwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGzjvZe2ydUx0WEdkUl6Gg/H6lmNMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvYk9POWw3YkoxVEhSWVIyUlNYb2FEOGZxV1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKgWwxjAN
BgkqhkiG9w0BAQsFAAOCAQEAd2IFxLAwy2AwY6oQzL5AtRWRTAUnPFa86xJkONrn
lSe2URWNcQMMjDBOIQOz1nTNWhVVxTSUvUxYAxra9jBQpEL4I1rTEK/rxyMCnBD1
J/Zh8ey6P/ss33uu87vSon7sYiiAaqtgS8a35m4macbfvEIw4ccYgM0b0Ypnfeq9
SAK7NP8QlJxCgMlF4YCFUc6HgvYhDoHiNCkjpWl3soNAgtyZWiR3DbaLQ1itFZZs
5H8fOzJTGHZA/6wCnvlKor1fQp/LqqLsj+WxP0GIqM9rteA5XXRAZ+yAr1Bzf/PG
z4I1RkOgZoDfkzLBEC4ld1zA/2sYoCKXGs7DRkdP2IqAAQ==
-----END CERTIFICATE-----
Generated at Thu Oct 31 18:58:24 2024 by rpki-client on console-fra.rpki-client.org