Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/aktxosgal4QJyxHc9O_25p1jtvQ.roa
File: aktxosgal4QJyxHc9O_25p1jtvQ.roa (raw, json)
Hash identifier: 9vh8YSTb8YSMTAg9DS0UqbRhaduqGRGUub+JZGBzKA8=
Subject key identifier: 6A:4B:71:A2:C8:1A:97:84:09:CB:11:DC:F4:EF:F6:E6:9D:63:B6:F4
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018CC7948A594985922BE5BAB5ECFE8734BC
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/aktxosgal4QJyxHc9O_25p1jtvQ.roa
Signing time: Tue 02 Jan 2024 00:30:49 +0000
ROA not before: Tue 02 Jan 2024 00:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 2a10:6080::/29 maxlen: 29
2a10:6680::/29 maxlen: 29
2a10:5e80::/29 maxlen: 29
2a10:6480::/29 maxlen: 29
2a10:6780::/29 maxlen: 29
2a10:5f80::/29 maxlen: 29
2a10:6580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:8a:59:49:85:92:2b:e5:ba:b5:ec:fe:87:34:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 2 00:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a4b71a2c81a978409cb11dcf4eff6e69d63b6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1f:60:56:51:b8:2e:36:91:37:0a:f5:30:38:
59:9c:40:b1:c2:71:5a:93:48:e0:f0:8d:dd:10:bb:
25:8c:5a:ac:b6:23:15:1d:65:7e:52:76:86:69:6b:
03:ef:7e:3f:55:3f:c0:8b:64:7e:23:cd:2f:33:76:
b6:75:5a:d1:57:84:5b:87:44:a7:ba:6c:c9:fc:37:
f7:fa:bd:be:f3:d4:18:c9:75:87:f2:f1:4c:fd:b3:
0a:8a:b6:0c:39:d5:37:1f:e5:39:35:18:35:88:11:
b8:79:52:01:a3:cf:b9:6a:3a:8e:46:5f:30:f2:8f:
a7:67:19:41:e0:8a:a4:ea:7c:51:82:53:51:97:f5:
ae:58:db:55:d6:de:11:cf:a7:35:80:e3:53:53:aa:
f4:4c:a7:3b:5c:09:5b:c4:5c:aa:a5:8e:17:5f:57:
07:c7:10:f6:35:99:8b:2c:10:bd:ea:8b:19:1e:ed:
31:ed:ba:c8:1a:c6:8f:79:db:bd:91:3d:a8:0f:38:
7b:c0:38:97:c8:88:c8:77:e3:7c:2b:ef:7e:45:b0:
ad:8e:03:2d:fa:2e:0d:eb:cf:f7:9b:e7:7a:a5:bb:
e0:0b:64:9a:a5:f0:16:5a:88:e3:48:55:4f:9d:91:
7f:a9:d1:2f:c0:3a:12:d2:3d:a5:07:46:e7:84:bb:
8f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:4B:71:A2:C8:1A:97:84:09:CB:11:DC:F4:EF:F6:E6:9D:63:B6:F4
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/aktxosgal4QJyxHc9O_25p1jtvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:5e80::/29
2a10:5f80::/29
2a10:6080::/29
2a10:6480::/29
2a10:6580::/29
2a10:6680::/29
2a10:6780::/29
Signature Algorithm: sha256WithRSAEncryption
6f:80:b3:a4:38:89:51:d2:77:5a:2c:e0:cc:95:42:dc:cd:eb:
ae:bf:24:d3:2b:5a:4c:f9:c6:c4:f2:f8:ee:bb:01:1b:3f:ef:
e2:72:4c:99:be:b2:a7:b4:e6:8c:92:a1:43:c6:2b:ee:11:ee:
9b:91:c2:8f:a8:d9:d7:6b:05:4c:11:52:de:31:1f:fc:86:6d:
62:dd:1a:f5:d3:41:ed:01:e8:b2:0b:fd:f2:8a:6e:2b:e1:fb:
21:80:39:ea:2c:cc:f8:6d:16:3a:13:0f:7d:b6:67:18:ea:4f:
6e:ca:93:e0:a5:43:88:51:c6:a5:49:6b:4f:61:c3:3d:df:04:
f0:96:86:1c:96:83:8a:3c:2a:05:7d:5c:1e:d9:9f:c3:a4:c0:
01:43:b4:b2:d8:6e:55:a3:36:2b:e8:2b:79:eb:0d:e8:da:b9:
2d:7a:dd:53:7d:5c:5c:68:ee:30:29:38:57:53:b9:4f:ad:2a:
03:d4:aa:c9:fb:a6:a6:7a:36:39:14:4c:73:a9:a9:b3:e8:73:
8a:bb:07:38:42:22:64:d1:10:cf:0b:c0:3a:18:11:d4:65:8b:
91:8e:a3:80:bf:99:17:9e:b0:16:cd:83:33:fe:f2:e9:55:90:
5e:b4:6b:31:57:df:91:91:22:10:8b:f4:6d:01:7c:7f:40:aa:
34:25:a4:11
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzHlIpZSYWSK+W6tez+hzS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwMTAyMDAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTRiNzFhMmM4MWE5Nzg0MDljYjExZGNmNGVmZjZlNjlkNjNiNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix9gVlG4LjaRNwr1MDhZnECxwnFa
k0jg8I3dELsljFqstiMVHWV+UnaGaWsD734/VT/Ai2R+I80vM3a2dVrRV4Rbh0Sn
umzJ/Df3+r2+89QYyXWH8vFM/bMKirYMOdU3H+U5NRg1iBG4eVIBo8+5ajqORl8w
8o+nZxlB4Iqk6nxRglNRl/WuWNtV1t4Rz6c1gONTU6r0TKc7XAlbxFyqpY4XX1cH
xxD2NZmLLBC96osZHu0x7brIGsaPedu9kT2oDzh7wDiXyIjId+N8K+9+RbCtjgMt
+i4N68/3m+d6pbvgC2SapfAWWojjSFVPnZF/qdEvwDoS0j2lB0bnhLuPZQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGpLcaLIGpeECcsR3PTv9uadY7b0MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvYWt0eG9zZ2FsNFFKeXhIYzlPXzI1cDFqdHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhBegAMF
AyoQX4ADBQMqEGCAAwUDKhBkgAMFAyoQZYADBQMqEGaAAwUDKhBngDANBgkqhkiG
9w0BAQsFAAOCAQEAb4CzpDiJUdJ3WizgzJVC3M3rrr8k0ytaTPnGxPL47rsBGz/v
4nJMmb6yp7TmjJKhQ8Yr7hHum5HCj6jZ12sFTBFS3jEf/IZtYt0a9dNB7QHosgv9
8opuK+H7IYA56izM+G0WOhMPfbZnGOpPbsqT4KVDiFHGpUlrT2HDPd8E8JaGHJaD
ijwqBX1cHtmfw6TAAUO0sthuVaM2K+greesN6Nq5LXrdU31cXGjuMCk4V1O5T60q
A9Sqyfumpno2ORRMc6mps+hzirsHOEIiZNEQzwvAOhgR1GWLkY6jgL+ZF56wFs2D
M/7y6VWQXrRrMVffkZEiEIv0bQF8f0CqNCWkEQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:34:15 2024 by rpki-client on console-fra.rpki-client.org