Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/yxctpn59utzR83tICEC94HMV8J4.roa
File: yxctpn59utzR83tICEC94HMV8J4.roa (raw, json)
Hash identifier: 4gXd1AfAOzvV1bmDXuLD1C7C8U8i8Y1urU++51+btog=
Subject key identifier: CB:17:2D:A6:7E:7D:BA:DC:D1:F3:7B:48:08:40:BD:E0:73:15:F0:9E
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 018CC79537CAA9759E56312758BDD2C4382A
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/yxctpn59utzR83tICEC94HMV8J4.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203629
IP address blocks: 2a13:3306::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.mft
rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:37:ca:a9:75:9e:56:31:27:58:bd:d2:c4:38:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb172da67e7dbadcd1f37b480840bde07315f09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6d:07:e0:09:65:a0:23:f2:0d:18:2d:bd:60:
96:08:ac:62:42:57:d4:e1:7c:77:5f:11:4d:24:30:
a7:1a:b3:20:19:b1:8c:a6:89:be:d2:d5:15:df:47:
dd:0f:9a:37:5b:2d:dc:1c:bd:d5:d7:eb:9d:cd:17:
5a:94:15:35:b5:08:bb:56:26:c1:ce:b9:6b:66:74:
2b:1a:0f:1e:9e:84:b0:9b:c7:d6:75:ee:56:30:f4:
6f:ac:19:5b:37:de:da:7b:48:7a:eb:30:94:84:91:
31:33:e6:2c:cb:51:5f:5f:aa:a9:26:b6:09:cf:3a:
0f:08:48:c4:82:75:07:1a:92:4c:28:6a:47:a3:e0:
83:e8:80:58:1a:c6:e1:95:17:28:32:3d:a8:34:4e:
4b:d0:e5:a7:90:21:55:c2:1a:ea:ad:58:3f:6d:94:
7a:6c:a4:95:a3:e1:9f:88:72:53:0b:0c:9e:7e:5d:
de:5e:e0:41:b9:c0:d9:2b:67:0b:a5:75:af:d4:bb:
46:89:3a:ae:10:12:db:f1:38:96:54:d1:88:7f:99:
0b:73:d1:e1:79:9c:78:ee:22:2b:cf:87:c8:20:51:
43:02:bc:4c:96:5b:39:f7:16:aa:6d:e4:d0:a1:68:
f3:cb:4b:62:3a:47:ab:4c:f3:27:97:e4:90:58:ab:
00:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:17:2D:A6:7E:7D:BA:DC:D1:F3:7B:48:08:40:BD:E0:73:15:F0:9E
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/yxctpn59utzR83tICEC94HMV8J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3306::/32
Signature Algorithm: sha256WithRSAEncryption
57:66:99:35:08:71:84:37:21:c7:7a:eb:dd:b2:25:63:44:71:
2b:3c:6d:42:8e:d1:7d:29:bf:6b:e9:81:dc:68:22:31:60:ab:
02:fd:2c:ed:a4:a6:eb:be:50:24:f5:7f:65:cd:5e:0c:39:3a:
8a:92:c8:1d:3b:65:cb:44:ba:60:80:7c:ef:49:6a:7a:e0:4d:
35:0b:b4:48:9b:35:5e:db:b4:2b:d6:c0:81:27:15:c0:84:69:
aa:6b:35:72:f6:fd:75:39:9e:29:e0:55:a5:7f:01:51:6a:24:
94:dc:4a:de:e5:f8:7c:f9:fc:05:fa:9b:57:20:d0:3c:55:d6:
cb:ea:7b:2b:37:aa:3b:09:54:92:af:a7:d8:b0:83:89:ca:00:
de:e5:dd:c5:2b:81:d7:b2:24:49:42:90:f4:6f:63:8b:04:7c:
11:8d:8a:f0:58:ea:15:ee:31:32:79:ab:3e:58:74:cc:0d:16:
7e:7b:f6:d0:f2:5c:14:80:f3:c5:cf:34:c6:72:01:24:63:69:
03:a0:f1:b5:63:7f:fe:21:bc:09:15:7f:24:e5:21:4d:65:82:
7e:bf:8d:e8:ad:60:85:64:9f:15:37:1c:7d:97:c5:de:35:cc:
e8:f1:0e:ec:31:10:cc:77:21:d3:6f:fc:30:0d:26:ca:4b:24:
00:7a:b2:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlTfKqXWeVjEnWL3SxDgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE3MmRhNjdlN2RiYWRjZDFmMzdiNDgwODQwYmRlMDczMTVmMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW0H4AlloCPyDRgtvWCWCKxiQlfU
4Xx3XxFNJDCnGrMgGbGMpom+0tUV30fdD5o3Wy3cHL3V1+udzRdalBU1tQi7VibB
zrlrZnQrGg8enoSwm8fWde5WMPRvrBlbN97ae0h66zCUhJExM+Ysy1FfX6qpJrYJ
zzoPCEjEgnUHGpJMKGpHo+CD6IBYGsbhlRcoMj2oNE5L0OWnkCFVwhrqrVg/bZR6
bKSVo+GfiHJTCwyefl3eXuBBucDZK2cLpXWv1LtGiTquEBLb8TiWVNGIf5kLc9Hh
eZx47iIrz4fIIFFDArxMlls59xaqbeTQoWjzy0tiOkerTPMnl+SQWKsAdwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMsXLaZ+fbrc0fN7SAhAveBzFfCeMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEveXhjdHBuNTl1dHpSODN0SUNFQzk0SE1WOEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhMzBjAN
BgkqhkiG9w0BAQsFAAOCAQEAV2aZNQhxhDchx3rr3bIlY0RxKzxtQo7RfSm/a+mB
3GgiMWCrAv0s7aSm675QJPV/Zc1eDDk6ipLIHTtly0S6YIB870lqeuBNNQu0SJs1
Xtu0K9bAgScVwIRpqms1cvb9dTmeKeBVpX8BUWoklNxK3uX4fPn8BfqbVyDQPFXW
y+p7KzeqOwlUkq+n2LCDicoA3uXdxSuB17IkSUKQ9G9jiwR8EY2K8FjqFe4xMnmr
Plh0zA0Wfnv20PJcFIDzxc80xnIBJGNpA6DxtWN//iG8CRV/JOUhTWWCfr+N6K1g
hWSfFTccfZfF3jXM6PEO7DEQzHch02/8MA0mykskAHqyDw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:55:12 2024 by rpki-client on console-ams.rpki-client.org