Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/xbRByagCwxRoh84NZ6wOarhyjig.roa
File: xbRByagCwxRoh84NZ6wOarhyjig.roa (raw, json)
Hash identifier: kkoD4E8kGEs8dWMfYTr1mtqi7fbxHIYapAzpdOtv4cc=
Subject key identifier: C5:B4:41:C9:A8:02:C3:14:68:87:CE:0D:67:AC:0E:6A:B8:72:8E:28
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA29862BF9EB7FBD67B6A3540BED8996
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/xbRByagCwxRoh84NZ6wOarhyjig.roa
Signing time: Tue 02 Jan 2024 12:32:48 +0000
ROA not before: Tue 02 Jan 2024 12:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60703
IP address blocks: 2a02:a10::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:86:2b:f9:eb:7f:bd:67:b6:a3:54:0b:ed:89:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5b441c9a802c3146887ce0d67ac0e6ab8728e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:10:f7:d6:3d:bb:f2:24:7c:16:85:84:d8:39:
cc:e6:ee:bd:41:4b:96:53:4b:29:e3:aa:c7:d3:3f:
d4:07:07:d3:27:a3:a9:2b:b5:c9:ea:4f:ac:74:9b:
b2:30:07:ce:8d:11:6c:c3:46:18:68:10:48:43:f9:
6e:1b:7f:c7:04:e5:65:c1:9c:95:3d:d5:17:de:d7:
bf:5b:80:e4:3f:34:3c:49:52:ff:c8:34:dc:e0:ab:
38:d4:f9:35:36:0e:92:75:2e:b9:9a:de:16:3d:8e:
21:50:65:c7:6a:fd:b8:96:32:d6:5b:fe:34:88:9e:
b3:8d:a5:a1:5c:a1:49:19:f0:c6:d7:14:b2:33:8a:
8c:ad:29:58:c1:31:73:17:af:96:a6:70:c2:0a:fb:
9c:de:ce:19:e4:97:62:fe:7d:e6:a8:a8:e4:0f:f9:
d6:b0:81:eb:ae:9a:8c:a6:06:1d:ef:07:94:f3:1f:
bc:07:45:dd:3d:06:db:65:66:57:d0:31:89:24:f3:
ce:6c:8c:44:0e:ed:82:1c:b0:93:47:cc:18:60:9b:
07:da:5c:cb:c5:4b:b4:81:d5:aa:ac:1d:54:17:4b:
01:b4:83:51:0e:f5:95:ae:97:24:35:45:a9:aa:fc:
e6:8b:9d:cb:a7:e1:70:fc:2e:bf:da:0a:28:f5:35:
94:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B4:41:C9:A8:02:C3:14:68:87:CE:0D:67:AC:0E:6A:B8:72:8E:28
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/xbRByagCwxRoh84NZ6wOarhyjig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:a10::/32
Signature Algorithm: sha256WithRSAEncryption
7d:1a:67:90:72:c8:44:8f:19:7c:71:3d:e9:fe:3e:e2:38:d3:
47:95:bf:a2:a8:68:9a:04:dd:c1:5c:9c:e7:31:e5:e5:f9:8a:
13:49:9f:ee:04:e6:9c:af:2f:ed:fa:d1:95:0a:ad:8f:5a:18:
48:d4:e2:4b:ca:63:72:43:9f:7c:58:53:9c:73:c0:f4:0a:08:
89:9d:4e:77:bd:e1:1c:44:73:a6:d5:ea:bd:cc:60:d2:c3:aa:
6f:cc:d7:a0:97:72:24:4c:fb:1d:1b:ba:11:bc:2a:5d:33:8c:
3f:af:52:08:55:70:6e:49:0b:12:be:8f:f0:08:e5:a2:41:a9:
36:31:65:2e:62:8a:c4:b2:fe:55:7a:40:dd:c8:9b:0e:34:ed:
d4:6a:d6:12:f5:f5:0f:54:56:ed:32:41:3f:b8:1b:37:78:c8:
15:6e:d0:28:70:29:52:14:88:bd:0a:39:d0:c3:04:d1:58:f0:
9f:a9:1d:f2:f6:bc:6c:12:cf:ef:7a:2b:7c:37:dc:04:e9:f2:
ac:00:7f:ea:69:d6:eb:bd:4a:50:b4:e7:8c:08:e2:d3:c1:77:
1e:93:8e:d6:32:92:cb:4a:ec:b1:f9:c4:05:06:ec:0f:d0:cb:
4b:73:d2:c2:c7:b3:f8:89:59:2d:f9:f6:df:cf:37:f5:d5:e5:
ac:55:ff:e7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKYYr+et/vWe2o1QL7YmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWI0NDFjOWE4MDJjMzE0Njg4N2NlMGQ2N2FjMGU2YWI4NzI4ZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBD31j278iR8FoWE2DnM5u69QUuW
U0sp46rH0z/UBwfTJ6OpK7XJ6k+sdJuyMAfOjRFsw0YYaBBIQ/luG3/HBOVlwZyV
PdUX3te/W4DkPzQ8SVL/yDTc4Ks41Pk1Ng6SdS65mt4WPY4hUGXHav24ljLWW/40
iJ6zjaWhXKFJGfDG1xSyM4qMrSlYwTFzF6+WpnDCCvuc3s4Z5Jdi/n3mqKjkD/nW
sIHrrpqMpgYd7weU8x+8B0XdPQbbZWZX0DGJJPPObIxEDu2CHLCTR8wYYJsH2lzL
xUu0gdWqrB1UF0sBtINRDvWVrpckNUWpqvzmi53Lp+Fw/C6/2goo9TWUVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMW0QcmoAsMUaIfODWesDmq4co4oMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEveGJSQnlhZ0N3eFJvaDg0Tlo2d09hcmh5amlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIKEDAN
BgkqhkiG9w0BAQsFAAOCAQEAfRpnkHLIRI8ZfHE96f4+4jjTR5W/oqhomgTdwVyc
5zHl5fmKE0mf7gTmnK8v7frRlQqtj1oYSNTiS8pjckOffFhTnHPA9AoIiZ1Od73h
HERzptXqvcxg0sOqb8zXoJdyJEz7HRu6EbwqXTOMP69SCFVwbkkLEr6P8AjlokGp
NjFlLmKKxLL+VXpA3cibDjTt1GrWEvX1D1RW7TJBP7gbN3jIFW7QKHApUhSIvQo5
0MME0Vjwn6kd8va8bBLP73orfDfcBOnyrAB/6mnW671KULTnjAji08F3HpOO1jKS
y0rssfnEBQbsD9DLS3PSwsez+IlZLfn238839dXlrFX/5w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:09 2024 by rpki-client on console-ams.rpki-client.org