Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/XwtTzgmbaOEUpqfGYf24GnyAEj0.roa
File: XwtTzgmbaOEUpqfGYf24GnyAEj0.roa (raw, json)
Hash identifier: p/9fWNiDnigkJrBOhUuTQkdrSzcw6vDImyW1B2N5V6E=
Subject key identifier: 5F:0B:53:CE:09:9B:68:E1:14:A6:A7:C6:61:FD:B8:1A:7C:80:12:3D
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 018CC3490AD83825E951247E2A76D14FB048
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/XwtTzgmbaOEUpqfGYf24GnyAEj0.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 2a06:6541:2002::/48 maxlen: 48
2a06:6540:2002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 16:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0a:d8:38:25:e9:51:24:7e:2a:76:d1:4f:b0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f0b53ce099b68e114a6a7c661fdb81a7c80123d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4c:bc:0d:54:f1:c4:4d:dd:1d:fc:e0:5d:39:
b1:b3:fc:18:8a:4c:04:dd:4c:ab:9e:ca:5b:56:0f:
f2:ce:e3:7f:2a:d6:8e:68:bd:c5:ea:e0:22:97:0f:
88:14:8c:cc:39:d7:7f:41:b5:61:05:44:fb:92:fa:
ac:71:ff:15:0f:2f:b7:42:8e:e3:b0:9b:ac:67:e9:
b7:a5:4f:b3:87:52:9e:a7:52:78:e4:f7:ae:79:7a:
1d:af:45:3b:96:9c:89:f7:e8:cc:ea:52:98:d4:9f:
10:b9:34:63:d2:11:33:8d:2e:5a:68:aa:73:b9:40:
ed:3c:88:54:a5:ca:94:c6:f4:cd:57:57:6b:3b:81:
7f:a1:4a:72:63:cf:5e:7e:61:05:c0:2c:f9:e3:ef:
03:a3:0e:19:84:8a:2f:49:91:ca:b1:5c:88:1d:9e:
e8:dd:82:86:df:e9:2b:31:96:61:3e:b5:c4:c7:89:
10:c5:a0:eb:1f:c6:8b:0f:3d:65:d0:b5:8d:46:ab:
d2:a8:3e:19:23:07:40:71:0c:03:31:9b:a0:4c:77:
a7:2b:bf:82:ba:ac:10:fb:68:f4:b5:53:6d:f0:58:
94:47:9b:89:ae:29:96:b2:e4:b0:ca:7f:4d:fe:a1:
15:eb:ec:09:24:43:18:05:70:63:68:7a:bc:71:8f:
18:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0B:53:CE:09:9B:68:E1:14:A6:A7:C6:61:FD:B8:1A:7C:80:12:3D
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/XwtTzgmbaOEUpqfGYf24GnyAEj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2002::/48
2a06:6541:2002::/48
Signature Algorithm: sha256WithRSAEncryption
9c:68:c6:aa:42:c9:26:67:0d:91:2a:94:71:0d:41:af:0c:66:
41:07:67:6d:f8:9e:60:2b:a1:48:26:cb:ba:f2:ae:9e:01:11:
c3:77:d5:ed:5b:b5:2c:b0:47:56:f2:70:cb:21:b0:88:a8:b1:
f3:e2:a2:60:80:ec:38:50:fa:ce:54:b5:80:59:45:49:c1:f8:
f4:77:5a:18:0b:e7:bb:28:2a:a7:83:ce:3b:9f:9e:6a:86:28:
39:b8:4f:eb:48:6e:e4:57:83:54:b1:52:a9:f8:3c:25:3e:24:
14:b8:ed:28:fb:46:0b:3a:3c:b4:2f:7d:22:b0:67:ba:f2:0c:
33:4b:6e:5e:1b:8b:b6:28:0d:2e:10:93:52:38:1f:c2:62:9b:
36:93:15:7a:8f:38:c9:e2:77:4b:b4:c0:1f:d4:54:55:d0:2e:
bc:79:63:8e:bd:67:68:64:c3:53:cc:48:24:da:33:18:c0:b6:
db:51:60:9b:43:23:85:b1:90:7b:ad:69:be:04:53:c2:32:75:
bb:ac:76:91:fd:b0:25:f4:c8:5b:56:a1:81:50:bd:61:34:d6:
f0:dc:41:8e:14:38:45:34:c4:3c:12:1d:9a:48:d6:a3:6e:f1:
0c:61:9c:4c:7d:45:ff:1d:33:60:46:de:21:02:45:fd:49:52:
05:8b:bb:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSQrYOCXpUSR+KnbRT7BIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjBiNTNjZTA5OWI2OGUxMTRhNmE3YzY2MWZkYjgxYTdjODAxMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUy8DVTxxE3dHfzgXTmxs/wYikwE
3UyrnspbVg/yzuN/KtaOaL3F6uAilw+IFIzMOdd/QbVhBUT7kvqscf8VDy+3Qo7j
sJusZ+m3pU+zh1Kep1J45PeueXodr0U7lpyJ9+jM6lKY1J8QuTRj0hEzjS5aaKpz
uUDtPIhUpcqUxvTNV1drO4F/oUpyY89efmEFwCz54+8Dow4ZhIovSZHKsVyIHZ7o
3YKG3+krMZZhPrXEx4kQxaDrH8aLDz1l0LWNRqvSqD4ZIwdAcQwDMZugTHenK7+C
uqwQ+2j0tVNt8FiUR5uJrimWsuSwyn9N/qEV6+wJJEMYBXBjaHq8cY8YfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF8LU84Jm2jhFKanxmH9uBp8gBI9MB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvWHd0VHpnbWJhT0VVcHFmR1lmMjRHbnlBRWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgZlQCAC
AwcAKgZlQSACMA0GCSqGSIb3DQEBCwUAA4IBAQCcaMaqQskmZw2RKpRxDUGvDGZB
B2dt+J5gK6FIJsu68q6eARHDd9XtW7UssEdW8nDLIbCIqLHz4qJggOw4UPrOVLWA
WUVJwfj0d1oYC+e7KCqng847n55qhig5uE/rSG7kV4NUsVKp+DwlPiQUuO0o+0YL
Ojy0L30isGe68gwzS25eG4u2KA0uEJNSOB/CYps2kxV6jzjJ4ndLtMAf1FRV0C68
eWOOvWdoZMNTzEgk2jMYwLbbUWCbQyOFsZB7rWm+BFPCMnW7rHaR/bAl9MhbVqGB
UL1hNNbw3EGOFDhFNMQ8Eh2aSNajbvEMYZxMfUX/HTNgRt4hAkX9SVIFi7uS
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:22:57 2024 by rpki-client on console-ams.rpki-client.org