Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/WMxAL8gV42brwy_3ksMjGURTc_4.roa
File: WMxAL8gV42brwy_3ksMjGURTc_4.roa (raw, json)
Hash identifier: 861fmdwjPrVhgvs33clwq7FQDX6yXZqT5KTqVw4SGQ8=
Subject key identifier: 58:CC:40:2F:C8:15:E3:66:EB:C3:2F:F7:92:C3:23:19:44:53:73:FE
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018CC794724C487FC2C195E4C6B1BAFE4099
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/WMxAL8gV42brwy_3ksMjGURTc_4.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 2a11:8f85::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 04:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:72:4c:48:7f:c2:c1:95:e4:c6:b1:ba:fe:40:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58cc402fc815e366ebc32ff792c32319445373fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:a0:96:61:49:f2:d0:45:1f:c0:9f:90:a4:
8a:97:be:1d:78:41:ac:96:67:75:6e:68:9e:6e:08:
b3:0b:3e:e0:42:63:d8:6f:74:c9:8c:eb:6b:6d:3a:
9e:eb:ed:7b:e6:49:3d:e7:27:c3:a5:67:24:89:a4:
1b:67:f5:a7:9c:9a:0f:1d:51:00:5c:7c:2d:3b:c8:
d3:21:74:61:f7:62:65:8b:a3:4f:bd:bf:67:66:aa:
dd:73:42:89:69:ae:2d:87:90:db:4d:ac:43:7e:e4:
d2:42:bf:23:1c:5d:c9:9e:3b:80:0e:95:24:06:9b:
2d:03:29:f5:ea:53:cb:31:06:de:10:08:0b:c2:a8:
b9:d1:76:6e:24:f6:80:67:fe:18:2b:15:2d:7c:dd:
07:9f:31:0b:93:8e:09:c5:c3:a0:f0:42:ea:6d:09:
60:e7:0e:43:d4:b1:ca:8b:87:78:b4:c3:34:49:39:
49:de:cc:37:32:31:b9:1a:66:9e:f5:7f:ae:aa:19:
bf:16:ff:3f:65:64:60:ab:36:33:e5:fc:2b:81:98:
36:7e:cd:4d:cc:6c:90:03:e2:1e:46:4d:7f:fb:84:
5a:32:82:09:63:b8:ab:76:33:2f:83:e1:54:03:b5:
79:61:cc:ae:3d:94:b9:a6:70:bd:52:c9:be:f4:0b:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CC:40:2F:C8:15:E3:66:EB:C3:2F:F7:92:C3:23:19:44:53:73:FE
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/WMxAL8gV42brwy_3ksMjGURTc_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8f85::/32
Signature Algorithm: sha256WithRSAEncryption
7b:16:37:0c:3f:3b:3c:c6:8b:67:96:e5:eb:61:85:34:06:51:
ab:a5:e4:04:4c:1a:b8:0a:c9:77:41:52:32:6a:3a:87:58:51:
82:68:84:a5:df:32:bd:65:38:77:24:9c:1b:23:4b:39:65:9c:
59:c4:a3:a8:16:c4:4a:25:3d:ae:74:06:a3:df:ec:09:ef:06:
64:62:59:04:42:b0:31:99:f3:07:ce:34:ec:73:dc:a6:e4:a7:
d2:31:29:d0:7c:73:c5:0f:ad:76:7e:0b:e6:0d:bb:99:e2:f4:
5e:8f:7a:80:de:f9:5c:79:aa:ee:c2:c4:44:cf:6f:a3:f6:19:
1d:3c:4e:e7:fb:af:af:96:98:06:48:3a:79:68:d1:27:97:99:
93:7f:30:8c:e9:3b:45:9b:d1:b8:54:05:3f:09:79:b3:d2:78:
4c:4a:1b:67:e5:ac:68:9a:99:d9:83:9f:e8:ce:64:1a:54:11:
7a:a0:89:c7:70:1d:08:3a:00:ba:b4:13:e1:e1:b2:b8:59:6b:
3e:ce:32:6c:d7:3a:51:72:f3:76:b5:78:7b:a9:6b:35:97:8c:
c1:c8:38:4b:62:8d:13:fc:17:f8:cd:62:42:85:67:a7:a1:20:
7d:db:ca:e9:41:14:ed:84:82:dd:07:8e:8f:9e:86:28:7f:90:
7a:4b:e4:bf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlHJMSH/CwZXkxrG6/kCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNjNDAyZmM4MTVlMzY2ZWJjMzJmZjc5MmMzMjMxOTQ0NTM3M2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVSglmFJ8tBFH8CfkKSKl74deEGs
lmd1bmiebgizCz7gQmPYb3TJjOtrbTqe6+175kk95yfDpWckiaQbZ/WnnJoPHVEA
XHwtO8jTIXRh92Jli6NPvb9nZqrdc0KJaa4th5DbTaxDfuTSQr8jHF3JnjuADpUk
BpstAyn16lPLMQbeEAgLwqi50XZuJPaAZ/4YKxUtfN0HnzELk44JxcOg8ELqbQlg
5w5D1LHKi4d4tMM0STlJ3sw3MjG5Gmae9X+uqhm/Fv8/ZWRgqzYz5fwrgZg2fs1N
zGyQA+IeRk1/+4RaMoIJY7irdjMvg+FUA7V5YcyuPZS5pnC9Usm+9AspRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFjMQC/IFeNm68Mv95LDIxlEU3P+MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvV014QUw4Z1Y0MmJyd3lfM2tzTWpHVVJUY180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGPhTAN
BgkqhkiG9w0BAQsFAAOCAQEAexY3DD87PMaLZ5bl62GFNAZRq6XkBEwauArJd0FS
Mmo6h1hRgmiEpd8yvWU4dyScGyNLOWWcWcSjqBbESiU9rnQGo9/sCe8GZGJZBEKw
MZnzB8407HPcpuSn0jEp0HxzxQ+tdn4L5g27meL0Xo96gN75XHmq7sLERM9vo/YZ
HTxO5/uvr5aYBkg6eWjRJ5eZk38wjOk7RZvRuFQFPwl5s9J4TEobZ+WsaJqZ2YOf
6M5kGlQReqCJx3AdCDoAurQT4eGyuFlrPs4ybNc6UXLzdrV4e6lrNZeMwcg4S2KN
E/wX+M1iQoVnp6EgfdvK6UEU7YSC3QeOj56GKH+Qekvkvw==
-----END CERTIFICATE-----
Generated at Thu May 30 09:56:35 2024 by rpki-client on console-fra.rpki-client.org