Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2hJVu5JAVbDhm_RCPllyw5HkY4o.roa
File: 2hJVu5JAVbDhm_RCPllyw5HkY4o.roa (raw, json)
Hash identifier: 5e5OYdtPrkHUIVZTAtKqlzWnBJ024I2wiNlit2+8Ucw=
Subject key identifier: DA:12:55:BB:92:40:55:B0:E1:9B:F4:42:3E:59:72:C3:91:E4:63:8A
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 018CC34957B39DBA7CF245EC18354078EBD8
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2hJVu5JAVbDhm_RCPllyw5HkY4o.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59922
IP address blocks: 2a0a:8887:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:57:b3:9d:ba:7c:f2:45:ec:18:35:40:78:eb:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da1255bb924055b0e19bf4423e5972c391e4638a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1f:0f:b5:e4:fe:f1:9a:a8:e2:31:4b:64:37:
15:b3:c9:6c:95:75:23:f6:e2:1f:3e:62:6a:cf:80:
3f:91:3e:85:3a:37:56:a4:89:54:91:3b:62:d6:ff:
3d:d5:e2:41:56:a5:32:30:8b:6c:04:9c:bc:fe:ae:
0f:fd:2a:e8:97:d0:ee:74:57:0b:01:1e:07:3a:46:
b3:b8:3f:9d:a3:09:26:96:ba:53:90:82:c4:6b:c7:
f1:39:89:87:a0:98:09:1f:42:fd:37:d9:f8:3d:48:
f0:2c:ed:60:b3:e4:6f:d1:53:e4:6a:a3:9c:ef:c3:
d6:ab:1c:df:b8:0e:b5:53:92:56:f5:d5:c4:07:20:
ae:04:e6:d2:43:22:43:49:dd:b2:03:a5:ef:df:4e:
ce:f9:6c:cb:e1:6a:87:a1:74:e0:95:49:ab:08:55:
53:53:61:1b:52:8a:55:78:45:db:95:55:7d:80:f6:
e9:c5:fd:db:ac:eb:10:b6:6e:38:9f:51:d3:00:f5:
fb:bb:7d:b6:5d:7c:a4:bc:13:20:52:03:64:ef:27:
b5:96:24:fa:f5:2a:61:e5:66:36:2c:18:8b:3b:09:
fc:46:fa:da:bc:7b:c1:cd:e5:f6:66:41:e9:ef:3e:
c7:9e:c3:0f:5e:49:48:18:e2:07:72:d1:d5:62:d0:
b8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:12:55:BB:92:40:55:B0:E1:9B:F4:42:3E:59:72:C3:91:E4:63:8A
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2hJVu5JAVbDhm_RCPllyw5HkY4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:8887:1::/48
Signature Algorithm: sha256WithRSAEncryption
10:bf:0a:08:64:43:88:e8:3f:fe:2d:2e:12:d5:56:da:de:4a:
39:6f:3e:29:3a:e4:d4:b2:1a:ec:88:fe:5b:04:d7:2b:d1:da:
ec:24:cc:d6:63:ec:48:ab:da:c8:91:f5:bd:a2:34:2a:33:7a:
15:6a:02:ae:11:be:45:fa:af:12:cf:15:6b:91:7e:51:92:ba:
3d:00:a7:74:a1:1f:c0:86:47:f3:7f:a9:2c:53:54:c3:28:31:
72:e9:cf:38:5c:36:f8:80:8b:41:11:6d:bb:f5:5b:d3:e0:60:
90:12:20:39:3b:31:b5:1e:62:a2:0b:ed:4e:40:73:a3:5a:61:
f7:46:5b:45:df:9a:dc:94:7b:f4:09:9a:32:13:73:e9:dd:b9:
fe:81:60:69:25:22:b4:f6:64:4c:c4:19:32:17:97:07:55:35:
b4:e1:78:10:e6:9e:b6:10:81:8c:5b:35:91:9b:b1:3b:77:d9:
ce:80:b5:da:4a:b5:a4:55:d5:d6:95:fd:67:32:cc:99:77:38:
81:a0:51:b0:a9:c3:ab:c7:16:b0:2e:43:da:ed:90:2a:15:0c:
3f:b1:23:3c:1c:ab:41:cc:37:c3:86:19:63:36:03:fc:9f:0a:
8f:22:32:70:bb:ac:52:52:5f:f8:4d:92:06:98:59:52:0d:e8:
1d:b7:ba:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSVeznbp88kXsGDVAeOvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTEyNTViYjkyNDA1NWIwZTE5YmY0NDIzZTU5NzJjMzkxZTQ2MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiB8PteT+8Zqo4jFLZDcVs8lslXUj
9uIfPmJqz4A/kT6FOjdWpIlUkTti1v891eJBVqUyMItsBJy8/q4P/Srol9DudFcL
AR4HOkazuD+dowkmlrpTkILEa8fxOYmHoJgJH0L9N9n4PUjwLO1gs+Rv0VPkaqOc
78PWqxzfuA61U5JW9dXEByCuBObSQyJDSd2yA6Xv307O+WzL4WqHoXTglUmrCFVT
U2EbUopVeEXblVV9gPbpxf3brOsQtm44n1HTAPX7u322XXykvBMgUgNk7ye1liT6
9Sph5WY2LBiLOwn8RvravHvBzeX2ZkHp7z7HnsMPXklIGOIHctHVYtC4ZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNoSVbuSQFWw4Zv0Qj5ZcsOR5GOKMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvMmhKVnU1SkFWYkRobV9SQ1BsbHl3NUhrWTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgqIhwAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAQvwoIZEOI6D/+LS4S1Vba3ko5bz4pOuTUshrs
iP5bBNcr0drsJMzWY+xIq9rIkfW9ojQqM3oVagKuEb5F+q8SzxVrkX5Rkro9AKd0
oR/Ahkfzf6ksU1TDKDFy6c84XDb4gItBEW279VvT4GCQEiA5OzG1HmKiC+1OQHOj
WmH3RltF35rclHv0CZoyE3Pp3bn+gWBpJSK09mRMxBkyF5cHVTW04XgQ5p62EIGM
WzWRm7E7d9nOgLXaSrWkVdXWlf1nMsyZdziBoFGwqcOrxxawLkPa7ZAqFQw/sSM8
HKtBzDfDhhljNgP8nwqPIjJwu6xSUl/4TZIGmFlSDegdt7rJ
-----END CERTIFICATE-----
Generated at Sat Apr 27 18:19:44 2024 by rpki-client on console-ams.rpki-client.org