Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UaAHJ6D2lzYdvmvWzROgAuW1lCY.roa
File: UaAHJ6D2lzYdvmvWzROgAuW1lCY.roa (raw, json)
Hash identifier: 6tXA/zIteAqsA2QwMdSmiHNXhWZsdvzAVt3Bfz7meVQ=
Subject key identifier: 51:A0:07:27:A0:F6:97:36:1D:BE:6B:D6:CD:13:A0:02:E5:B5:94:26
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0192568FE184F69FEAAFC37FFDD667A49B7C
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UaAHJ6D2lzYdvmvWzROgAuW1lCY.roa
Signing time: Fri 04 Oct 2024 08:05:22 +0000
ROA not before: Fri 04 Oct 2024 08:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204490
IP address blocks: 2a06:d644::/32 maxlen: 32
2a0d:afc5::/32 maxlen: 32
2a0d:afc7::/32 maxlen: 32
2a0d:c102::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:11:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:8f:e1:84:f6:9f:ea:af:c3:7f:fd:d6:67:a4:9b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 4 08:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51a00727a0f697361dbe6bd6cd13a002e5b59426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ca:c4:64:8b:35:fa:39:0a:93:de:70:3a:8f:
81:2c:be:d4:03:2d:a0:75:6a:d1:27:bf:21:13:8e:
97:d4:81:21:cf:a4:08:dd:11:5e:92:f8:5e:cc:f9:
18:5e:bc:ee:02:c9:06:90:b4:68:a7:bb:2e:3e:a8:
a4:59:f6:0c:d6:7f:35:f4:16:00:53:c2:6d:43:f4:
f5:27:5a:f8:04:4c:3f:f9:70:6c:38:cf:57:f1:b9:
d9:fd:fc:ba:7a:b2:4d:a7:c2:ce:51:16:81:a4:96:
3b:3f:69:ad:7e:d3:7d:13:7e:c4:27:ab:87:d2:dc:
9f:96:56:5b:d3:a2:0e:85:e6:97:f3:bd:af:35:1a:
b4:49:fe:81:1c:af:ca:93:94:67:c1:7d:40:bf:73:
42:e6:a1:7b:b4:92:87:12:6b:8b:51:c8:d3:01:12:
f9:8a:81:60:8f:ff:72:9e:71:9f:f0:45:9c:81:73:
aa:97:ca:fa:f1:17:e1:5c:26:31:07:31:60:1b:c6:
19:03:75:ff:ac:e8:1a:7e:08:44:01:a5:b2:f9:e9:
2e:23:15:5e:c9:c5:f6:c7:46:9d:f1:f8:9a:0d:1d:
6e:18:51:6c:41:83:8b:54:a4:80:af:a6:9a:51:0e:
d0:c1:af:41:ff:61:46:fe:d3:b3:eb:a5:97:83:ed:
ae:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A0:07:27:A0:F6:97:36:1D:BE:6B:D6:CD:13:A0:02:E5:B5:94:26
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/UaAHJ6D2lzYdvmvWzROgAuW1lCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d644::/32
2a0d:afc5::/32
2a0d:afc7::/32
2a0d:c102::/32
Signature Algorithm: sha256WithRSAEncryption
1f:d5:2d:10:66:8b:7f:48:1b:29:b3:ec:65:4e:7b:a7:6f:e6:
20:77:29:57:62:d1:ae:8e:28:68:4c:f8:1f:33:60:37:d0:15:
02:fc:85:03:e5:58:4a:b4:a7:c3:af:ad:87:dd:d1:41:da:92:
45:ce:88:ec:90:9b:78:c3:49:ae:56:b7:0e:41:5b:4b:a6:91:
fc:34:12:ba:e7:4a:34:cc:4e:5f:e8:72:73:71:76:16:c4:c1:
98:c6:8f:5f:76:f5:e4:c0:44:44:f8:67:1a:03:3c:cc:10:74:
7d:89:31:61:5e:06:b6:f4:3d:d1:6d:88:aa:95:10:65:09:2a:
08:e6:59:de:68:d8:47:aa:91:74:67:8b:fc:ef:d9:aa:c7:2a:
58:73:9c:ae:e6:7e:a4:43:c5:f1:e1:91:2f:f5:05:f5:8c:f4:
a9:23:a3:3b:08:45:07:e4:36:09:77:c5:49:8c:72:97:13:a5:
3a:be:1a:55:03:dc:d0:c5:20:03:bd:f7:c7:89:fe:0d:69:c5:
f3:34:15:d5:99:04:96:71:2c:f2:8d:d7:ca:1d:d0:7f:62:94:
93:d0:40:ae:72:02:f1:30:38:3c:4c:63:d8:5f:b6:13:73:c4:
07:02:0f:e8:23:1f:85:be:b7:ef:32:8d:02:6b:ad:2b:72:67:
4d:5f:7e:f9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZJWj+GE9p/qr8N//dZnpJt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMDA0MDgwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWEwMDcyN2EwZjY5NzM2MWRiZTZiZDZjZDEzYTAwMmU1YjU5NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9MrEZIs1+jkKk95wOo+BLL7UAy2g
dWrRJ78hE46X1IEhz6QI3RFekvhezPkYXrzuAskGkLRop7suPqikWfYM1n819BYA
U8JtQ/T1J1r4BEw/+XBsOM9X8bnZ/fy6erJNp8LOURaBpJY7P2mtftN9E37EJ6uH
0tyfllZb06IOheaX872vNRq0Sf6BHK/Kk5RnwX1Av3NC5qF7tJKHEmuLUcjTARL5
ioFgj/9ynnGf8EWcgXOql8r68RfhXCYxBzFgG8YZA3X/rOgafghEAaWy+ekuIxVe
ycX2x0ad8fiaDR1uGFFsQYOLVKSAr6aaUQ7Qwa9B/2FG/tOz66WXg+2uqQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFGgByeg9pc2Hb5r1s0ToALltZQmMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVWFBSEo2RDJsellkdm12V3pST2dBdVcxbENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgbWRAMF
ACoNr8UDBQAqDa/HAwUAKg3BAjANBgkqhkiG9w0BAQsFAAOCAQEAH9UtEGaLf0gb
KbPsZU57p2/mIHcpV2LRro4oaEz4HzNgN9AVAvyFA+VYSrSnw6+th93RQdqSRc6I
7JCbeMNJrla3DkFbS6aR/DQSuudKNMxOX+hyc3F2FsTBmMaPX3b15MBERPhnGgM8
zBB0fYkxYV4GtvQ90W2IqpUQZQkqCOZZ3mjYR6qRdGeL/O/ZqscqWHOcruZ+pEPF
8eGRL/UF9Yz0qSOjOwhFB+Q2CXfFSYxylxOlOr4aVQPc0MUgA733x4n+DWnF8zQV
1ZkElnEs8o3Xyh3Qf2KUk9BArnIC8TA4PExj2F+2E3PEBwIP6CMfhb637zKNAmut
K3JnTV9++Q==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:36:10 2024 by rpki-client on console-ams.rpki-client.org