Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/j6zlr_8YCZvo-u4JIZQlED_dIdA.roa
File: j6zlr_8YCZvo-u4JIZQlED_dIdA.roa (raw, json)
Hash identifier: aKoAogHsEhWmTAbLDco7DFk9w0C+/L+CfP0b2eSuAKE=
Subject key identifier: 8F:AC:E5:AF:FF:18:09:9B:E8:FA:EE:09:21:94:25:10:3F:DD:21:D0
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0E84F08102381A36578C7795B223
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/j6zlr_8YCZvo-u4JIZQlED_dIdA.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211358
IP address blocks: 2a05:b0c6:5006::/48 maxlen: 48
2a05:b0c6:5001::/48 maxlen: 48
2a05:b0c6:5009::/48 maxlen: 48
2a05:b0c6:5008::/48 maxlen: 48
2a05:b0c6:500f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0e:84:f0:81:02:38:1a:36:57:8c:77:95:b2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8face5afff18099be8faee09219425103fdd21d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:07:6f:72:00:3f:1b:4d:18:01:bd:6f:01:f8:
b5:33:32:86:1f:fb:2e:fa:09:27:3a:e0:6f:df:0c:
85:c6:e2:c5:45:84:47:25:f2:2d:7a:77:e3:dc:bc:
cc:dd:89:2e:45:3e:36:64:44:c6:fd:a5:ed:77:01:
5a:ce:f5:bd:87:d1:22:a5:e4:40:17:e1:af:ab:97:
e9:ac:36:c8:ba:95:00:53:44:04:dc:2d:c1:c4:c0:
28:80:db:1b:c6:31:77:66:7b:fa:fc:63:85:d1:10:
97:f1:35:9c:40:29:d5:95:61:c3:c1:d6:be:5b:04:
7e:36:80:3e:ce:5a:e8:ca:93:27:7c:82:6c:75:54:
e2:f8:89:0a:f6:08:ca:38:25:c0:73:23:ac:ca:ca:
3d:91:fa:19:c7:87:a8:86:58:62:41:65:6f:b7:d7:
b4:75:78:46:6e:7e:81:02:8e:69:42:0a:ab:9e:85:
5c:a0:90:4f:9b:a8:0a:04:d9:80:6b:6d:c0:34:f7:
83:61:5f:78:8b:f8:35:d4:21:18:d4:7f:f2:1a:f9:
b1:d3:74:d6:50:09:74:4f:d9:13:0d:4c:37:b5:e2:
e4:c7:d3:30:2d:f9:64:5b:42:c8:64:40:71:ef:87:
39:2b:23:cb:7b:14:cb:9c:cb:f3:80:bc:6f:ae:f7:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:AC:E5:AF:FF:18:09:9B:E8:FA:EE:09:21:94:25:10:3F:DD:21:D0
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/j6zlr_8YCZvo-u4JIZQlED_dIdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:5001::/48
2a05:b0c6:5006::/48
2a05:b0c6:5008::/47
2a05:b0c6:500f::/48
Signature Algorithm: sha256WithRSAEncryption
0f:ed:38:ed:fc:ac:ad:a1:48:8b:6c:4f:66:e4:2f:47:ce:cc:
c0:23:ac:6f:cc:5f:25:5b:a6:2f:48:f7:14:06:84:bd:0e:92:
51:1e:b7:08:25:c0:c6:f1:14:35:d9:42:52:99:e7:e5:53:ee:
ac:81:77:85:75:f8:02:2b:75:c4:5f:4c:5b:15:11:42:ec:86:
e1:1f:c3:98:c1:fd:77:65:f9:00:93:f1:96:00:5f:f6:92:fe:
ec:a6:7a:59:6f:cd:3f:ea:44:a5:ee:9e:22:a7:29:62:fb:0c:
97:8e:4f:dd:ca:e3:72:4c:cf:1c:68:a4:85:67:1d:6b:06:05:
fd:e1:9d:de:df:e6:27:0f:f0:0c:79:24:92:87:40:da:9a:80:
71:f0:5f:62:39:9f:e2:21:54:a7:02:35:3c:9b:5e:8f:da:29:
a7:b6:a8:1a:c0:83:e7:27:27:b0:7e:6f:65:6c:2d:55:65:3e:
02:d2:3f:ed:90:72:8e:61:e2:94:fb:d3:86:05:23:9a:e8:57:
3b:02:22:da:2d:43:35:bc:a0:c2:25:35:bd:dd:45:5f:9e:ab:
c3:dd:fe:40:e4:73:f7:d7:9a:f2:b0:23:48:68:bf:5b:6d:a0:
92:97:19:d1:b5:e3:f8:2a:54:dd:ac:27:50:1f:98:07:07:1d:
48:f8:4d:dd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzF3A6E8IECOBo2V4x3lbIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmFjZTVhZmZmMTgwOTliZThmYWVlMDkyMTk0MjUxMDNmZGQyMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigdvcgA/G00YAb1vAfi1MzKGH/su
+gknOuBv3wyFxuLFRYRHJfItenfj3LzM3YkuRT42ZETG/aXtdwFazvW9h9EipeRA
F+Gvq5fprDbIupUAU0QE3C3BxMAogNsbxjF3Znv6/GOF0RCX8TWcQCnVlWHDwda+
WwR+NoA+zlroypMnfIJsdVTi+IkK9gjKOCXAcyOsyso9kfoZx4eohlhiQWVvt9e0
dXhGbn6BAo5pQgqrnoVcoJBPm6gKBNmAa23ANPeDYV94i/g11CEY1H/yGvmx03TW
UAl0T9kTDUw3teLkx9MwLflkW0LIZEBx74c5KyPLexTLnMvzgLxvrvdEGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI+s5a//GAmb6PruCSGUJRA/3SHQMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvajZ6bHJfOFlDWnZvLXU0SklaUWxFRF9kSWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgWwxlAB
AwcAKgWwxlAGAwcBKgWwxlAIAwcAKgWwxlAPMA0GCSqGSIb3DQEBCwUAA4IBAQAP
7Tjt/KytoUiLbE9m5C9HzszAI6xvzF8lW6YvSPcUBoS9DpJRHrcIJcDG8RQ12UJS
meflU+6sgXeFdfgCK3XEX0xbFRFC7IbhH8OYwf13ZfkAk/GWAF/2kv7spnpZb80/
6kSl7p4ipyli+wyXjk/dyuNyTM8caKSFZx1rBgX94Z3e3+YnD/AMeSSSh0DamoBx
8F9iOZ/iIVSnAjU8m16P2imntqgawIPnJyewfm9lbC1VZT4C0j/tkHKOYeKU+9OG
BSOa6Fc7AiLaLUM1vKDCJTW93UVfnqvD3f5A5HP315rysCNIaL9bbaCSlxnRteP4
KlTdrCdQH5gHBx1I+E3d
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:21 2024 by rpki-client on console-ams.rpki-client.org