Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/vHwM7wdSGCzqZGT3PQVMmgcgq-0.roa
File: vHwM7wdSGCzqZGT3PQVMmgcgq-0.roa (raw, json)
Hash identifier: lxXc3Ic7U9QN/qAasUTdeXNkM4spGtFzK1kkhA1DEkw=
Subject key identifier: BC:7C:0C:EF:07:52:18:2C:EA:64:64:F7:3D:05:4C:9A:07:20:AB:ED
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018ECD18041CEC1F0A6C4C5BE3DBDA8922AF
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/vHwM7wdSGCzqZGT3PQVMmgcgq-0.roa
Signing time: Thu 11 Apr 2024 12:18:06 +0000
ROA not before: Thu 11 Apr 2024 12:18:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a13:ba80::/32 maxlen: 32
2a13:ba81::/32 maxlen: 32
2a13:ba82::/32 maxlen: 32
2a13:ba83::/32 maxlen: 32
2a13:ba84::/32 maxlen: 32
2a13:ba85::/32 maxlen: 32
2a13:ba86::/32 maxlen: 32
2a13:ba87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 22:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:18:04:1c:ec:1f:0a:6c:4c:5b:e3:db:da:89:22:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Apr 11 12:18:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc7c0cef0752182cea6464f73d054c9a0720abed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d8:85:35:ba:6d:12:54:cd:d5:47:8c:ce:3f:
45:1c:6a:0c:ef:44:75:a5:48:95:93:19:2a:d7:e4:
f0:73:38:47:77:74:7e:41:5a:bd:22:08:e2:8e:5c:
d2:4b:a4:d1:8c:8a:f6:81:78:32:4b:71:24:8b:ea:
fc:3b:b8:9a:75:1f:eb:f6:1d:c1:08:8b:90:4c:29:
6e:55:3c:2d:99:2b:e2:1f:5d:1b:a9:4b:22:d9:c6:
3f:97:19:9d:f3:1b:31:77:d5:20:f5:e7:45:64:7b:
06:38:76:85:ee:a3:66:77:b8:bd:ec:93:61:9d:32:
87:36:39:ac:96:36:fb:ea:4e:d1:ee:50:a1:a7:8c:
e3:98:0c:9d:fc:a1:57:70:d3:b8:be:ca:6d:11:f8:
66:2c:fd:24:86:45:dd:0f:42:b9:25:95:f7:2f:89:
d7:85:c3:d0:dc:1f:e3:33:33:82:29:73:aa:e1:e5:
69:4d:71:61:dd:6d:c4:32:36:94:8b:3c:2b:48:d3:
0e:ba:ca:52:b7:04:a2:88:50:a2:22:05:2f:08:41:
4d:8b:35:a6:54:d8:a8:54:95:77:f4:9b:18:a4:ca:
b9:d0:31:a9:24:c3:22:48:04:0c:d9:68:61:6a:2e:
71:e4:ef:d4:80:39:f4:36:b3:c9:bb:f3:b8:dc:67:
98:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:7C:0C:EF:07:52:18:2C:EA:64:64:F7:3D:05:4C:9A:07:20:AB:ED
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/vHwM7wdSGCzqZGT3PQVMmgcgq-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
4b:49:bc:77:be:6b:0e:62:c3:23:f0:0c:29:28:60:eb:f8:9b:
af:b8:16:6d:04:d9:47:af:97:3a:fe:52:b7:c5:10:f3:0d:1c:
06:07:3c:e2:c7:99:54:bf:ea:5c:64:97:c2:c8:4c:4a:68:6f:
d8:c3:35:85:e5:2e:bd:e7:92:67:fc:60:8b:96:02:db:34:56:
95:01:8c:aa:c6:d8:09:9b:21:30:17:bb:0f:83:5e:3f:e7:8c:
55:97:61:43:fd:5a:e1:e9:3d:0f:a0:cd:a6:fc:aa:54:78:05:
cf:14:8a:27:cb:05:fd:ad:15:ad:77:b7:5d:7a:ec:21:5a:e2:
74:9c:64:69:44:8d:e0:fc:61:e0:5d:e3:8a:57:e9:ae:ea:34:
d8:5a:1a:b1:c7:7a:ae:14:a1:ad:50:e7:84:6c:01:ed:7e:f3:
d3:9e:ce:d3:72:d0:4d:24:02:f1:c8:13:8c:ca:c3:ff:4f:5c:
d1:fc:ac:3a:83:12:bc:68:6b:bf:c1:58:92:e0:ba:5a:9e:63:
0d:26:26:56:c2:d9:c1:1d:fa:d1:a5:fa:0c:9e:cc:c3:b3:1c:
87:f1:91:26:0d:c5:7c:a5:7a:93:8d:49:37:b1:7a:42:82:16:
7b:ea:42:19:21:db:ee:40:a8:10:98:9e:3f:43:d1:61:8c:07:
a7:27:55:54
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7NGAQc7B8KbExb49vaiSKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNDExMTIxODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzdjMGNlZjA3NTIxODJjZWE2NDY0ZjczZDA1NGM5YTA3MjBhYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9iFNbptElTN1UeMzj9FHGoM70R1
pUiVkxkq1+TwczhHd3R+QVq9IgjijlzSS6TRjIr2gXgyS3Eki+r8O7iadR/r9h3B
CIuQTCluVTwtmSviH10bqUsi2cY/lxmd8xsxd9Ug9edFZHsGOHaF7qNmd7i97JNh
nTKHNjmsljb76k7R7lChp4zjmAyd/KFXcNO4vsptEfhmLP0khkXdD0K5JZX3L4nX
hcPQ3B/jMzOCKXOq4eVpTXFh3W3EMjaUizwrSNMOuspStwSiiFCiIgUvCEFNizWm
VNioVJV39JsYpMq50DGpJMMiSAQM2Whhai5x5O/UgDn0NrPJu/O43GeY2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLx8DO8HUhgs6mRk9z0FTJoHIKvtMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvdkh3TTd3ZFNHQ3pxWkdUM1BRVk1tZ2NncS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAS0m8d75rDmLDI/AMKShg6/ibr7gWbQTZR6+XOv5S
t8UQ8w0cBgc84seZVL/qXGSXwshMSmhv2MM1heUuveeSZ/xgi5YC2zRWlQGMqsbY
CZshMBe7D4NeP+eMVZdhQ/1a4ek9D6DNpvyqVHgFzxSKJ8sF/a0VrXe3XXrsIVri
dJxkaUSN4Pxh4F3jilfpruo02Foascd6rhShrVDnhGwB7X7z057O03LQTSQC8cgT
jMrD/09c0fysOoMSvGhrv8FYkuC6Wp5jDSYmVsLZwR360aX6DJ7Mw7Mch/GRJg3F
fKV6k41JN7F6QoIWe+pCGSHb7kCoEJieP0PRYYwHpydVVA==
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:33:23 2024 by rpki-client on console-ams.rpki-client.org