Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/ycpU21rHrhmJfhjTxcFUMtfS0V4.roa
File: ycpU21rHrhmJfhjTxcFUMtfS0V4.roa (raw, json)
Hash identifier: LS6GkjBcYkOswxq0klkFPa931B4JxCPeNS4Nvd8e6W0=
Subject key identifier: C9:CA:54:DB:5A:C7:AE:19:89:7E:18:D3:C5:C1:54:32:D7:D2:D1:5E
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0192B93147D91F15F1340116645A8861EE8A
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/ycpU21rHrhmJfhjTxcFUMtfS0V4.roa
Signing time: Wed 23 Oct 2024 11:44:27 +0000
ROA not before: Wed 23 Oct 2024 11:44:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198923
IP address blocks: 2a07:2486:ef0::/44 maxlen: 44
2a07:2486:ef0::/48 maxlen: 48
2a07:2486:ef2::/48 maxlen: 48
2a07:2486:ef4::/48 maxlen: 48
2a07:2486:fd0::/44 maxlen: 44
2a07:2486:fda::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:31:47:d9:1f:15:f1:34:01:16:64:5a:88:61:ee:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Oct 23 11:44:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9ca54db5ac7ae19897e18d3c5c15432d7d2d15e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d9:65:b8:0f:5b:f7:80:43:d5:41:b7:e7:cb:
de:13:29:58:d2:57:ed:10:e0:95:d0:a5:ec:4d:45:
02:6c:2d:ac:54:12:6b:57:e0:ad:72:75:c4:18:6c:
09:0e:73:a9:22:1a:72:ce:63:e9:33:f6:2d:2b:2c:
61:a9:c1:5c:78:de:a0:93:a7:da:ba:b2:cf:fe:00:
2a:80:19:a1:e5:01:ae:6e:6e:7a:a3:50:30:59:4f:
a1:e0:74:3d:fd:83:fd:d0:07:41:fd:c3:e6:83:de:
a4:c6:de:a7:a8:c0:16:dc:79:fa:2b:ba:e0:a2:e0:
c7:69:49:4a:37:68:d2:81:9d:30:20:6f:78:28:b6:
e7:5d:c3:06:48:5b:22:f9:0d:41:f4:fa:5f:af:ff:
84:62:d9:aa:5d:9e:5b:0b:91:a4:5b:3c:03:ce:a6:
f6:e4:16:3f:44:39:bf:53:3f:22:c8:f5:ec:a7:51:
9b:73:45:20:a8:0a:71:ab:3d:7a:30:87:53:0c:61:
d6:f0:97:54:81:04:57:56:24:fe:36:41:a6:a1:34:
e0:94:0e:55:00:b1:70:6c:2d:6b:9b:a7:e0:95:66:
73:07:5f:b2:b4:ab:5b:f3:31:27:76:4a:e6:8b:16:
e1:a7:92:2a:64:04:1a:e5:0c:70:d6:fd:b2:63:f0:
ce:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CA:54:DB:5A:C7:AE:19:89:7E:18:D3:C5:C1:54:32:D7:D2:D1:5E
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/ycpU21rHrhmJfhjTxcFUMtfS0V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:ef0::/44
2a07:2486:fd0::/44
Signature Algorithm: sha256WithRSAEncryption
74:76:68:3b:dd:0a:ef:83:d0:3a:31:6e:59:44:bd:89:dd:08:
a6:69:0d:fc:34:22:ab:ce:3a:22:c3:19:d4:7e:fc:44:04:8d:
eb:76:d6:c6:b0:8d:1d:04:95:48:5e:b4:2c:c3:f4:1a:6c:25:
8c:fc:8e:76:aa:48:cc:eb:d2:65:26:dc:9f:b0:aa:74:3d:ae:
7c:5f:7a:7c:d1:4f:5d:d5:d5:1d:6a:e5:ba:2c:e9:c3:10:10:
e5:40:ee:cb:0a:ae:cf:66:dd:a0:b0:ca:10:cd:a3:8b:1d:97:
a1:12:c7:67:28:c6:ad:85:11:ca:67:7b:56:6c:eb:83:65:37:
d4:d7:0e:a7:36:26:07:60:be:fa:dc:fe:4a:ee:67:cb:6a:4d:
0b:c7:54:d6:98:99:07:bd:97:56:aa:63:1a:6d:8f:59:c3:b5:
5e:31:07:9f:06:ac:02:35:90:72:7e:30:b8:46:74:ba:2a:f8:
c4:10:32:a0:da:79:04:6e:9f:50:5b:a0:04:72:0f:f8:6a:7f:
07:1f:72:50:f8:44:6b:cf:ad:06:57:3d:e1:9b:6e:8d:db:39:
b0:a6:f0:6c:bf:88:49:86:d8:99:04:04:b4:02:04:dd:17:d2:
84:0d:af:c0:d0:ef:cc:25:ca:86:3b:b2:d4:b0:28:2f:bb:7b:
fa:19:f9:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK5MUfZHxXxNAEWZFqIYe6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQxMDIzMTE0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWNhNTRkYjVhYzdhZTE5ODk3ZTE4ZDNjNWMxNTQzMmQ3ZDJkMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstlluA9b94BD1UG358veEylY0lft
EOCV0KXsTUUCbC2sVBJrV+CtcnXEGGwJDnOpIhpyzmPpM/YtKyxhqcFceN6gk6fa
urLP/gAqgBmh5QGubm56o1AwWU+h4HQ9/YP90AdB/cPmg96kxt6nqMAW3Hn6K7rg
ouDHaUlKN2jSgZ0wIG94KLbnXcMGSFsi+Q1B9Ppfr/+EYtmqXZ5bC5GkWzwDzqb2
5BY/RDm/Uz8iyPXsp1Gbc0UgqApxqz16MIdTDGHW8JdUgQRXViT+NkGmoTTglA5V
ALFwbC1rm6fglWZzB1+ytKtb8zEndkrmixbhp5IqZAQa5Qxw1v2yY/DO6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMnKVNtax64ZiX4Y08XBVDLX0tFeMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEveWNwVTIxckhyaG1KZmhqVHhjRlVNdGZTMFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgckhg7w
AwcEKgckhg/QMA0GCSqGSIb3DQEBCwUAA4IBAQB0dmg73Qrvg9A6MW5ZRL2J3Qim
aQ38NCKrzjoiwxnUfvxEBI3rdtbGsI0dBJVIXrQsw/QabCWM/I52qkjM69JlJtyf
sKp0Pa58X3p80U9d1dUdauW6LOnDEBDlQO7LCq7PZt2gsMoQzaOLHZehEsdnKMat
hRHKZ3tWbOuDZTfU1w6nNiYHYL763P5K7mfLak0Lx1TWmJkHvZdWqmMabY9Zw7Ve
MQefBqwCNZByfjC4RnS6KvjEEDKg2nkEbp9QW6AEcg/4an8HH3JQ+ERrz60GVz3h
m26N2zmwpvBsv4hJhtiZBAS0AgTdF9KEDa/A0O/MJcqGO7LUsCgvu3v6Gflr
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:11:00 2024 by rpki-client on console-fra.rpki-client.org