Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/DdzBLqWmPVdM9FqIGK9sAskeCKE.roa
File: DdzBLqWmPVdM9FqIGK9sAskeCKE.roa (raw, json)
Hash identifier: tkoj2gJ06pyfqFgLMQDeo5vphr29LHPajXX1WFmVaEw=
Subject key identifier: 0D:DC:C1:2E:A5:A6:3D:57:4C:F4:5A:88:18:AF:6C:02:C9:1E:08:A1
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018CC34895B71EDDAD2B0A8BDCAE56B86ED9
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/DdzBLqWmPVdM9FqIGK9sAskeCKE.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209261
IP address blocks: 2a0d:2581::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:95:b7:1e:dd:ad:2b:0a:8b:dc:ae:56:b8:6e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ddcc12ea5a63d574cf45a8818af6c02c91e08a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:73:50:d7:33:75:79:3a:a8:38:51:a9:63:
ad:18:b9:14:cb:8d:5d:18:42:53:8f:1f:a2:d8:4f:
cf:0f:34:17:39:7e:dc:fe:16:b6:8a:93:7d:b7:7a:
ec:3e:ac:35:1b:a0:1d:58:88:16:df:7d:5f:4a:f5:
17:8a:d8:74:ad:d5:61:f2:09:c4:e1:30:35:de:a8:
27:58:08:8b:e2:1c:6e:b1:ef:fe:10:0f:59:6e:3e:
94:c6:1c:dd:ea:b0:90:8c:da:d0:02:98:e2:80:c0:
31:20:c8:f4:37:a3:1f:d1:ab:8e:97:a7:42:50:5b:
c7:27:33:38:8f:18:ec:33:71:75:dd:a2:49:78:f1:
34:03:59:f9:1a:18:65:4a:95:fd:f1:bd:94:bd:13:
95:12:97:78:00:e2:ef:5c:2b:6e:fa:54:0d:1e:16:
0f:5e:99:e1:0b:13:1a:a7:b7:b8:ea:b6:84:fc:23:
25:e4:19:5e:c1:77:bb:6e:69:c9:8e:19:28:68:b4:
11:db:e8:80:3a:12:9f:24:2c:0f:2a:20:b4:9c:7c:
6f:c7:b9:2c:2e:7c:28:f2:c2:75:e7:08:c0:b7:6a:
11:d7:8b:8f:7c:ca:9a:5f:52:3a:f8:0f:b1:a5:fe:
71:94:41:95:52:0e:00:cc:8e:8a:3c:e4:db:f3:13:
34:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:DC:C1:2E:A5:A6:3D:57:4C:F4:5A:88:18:AF:6C:02:C9:1E:08:A1
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/DdzBLqWmPVdM9FqIGK9sAskeCKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2581::/32
Signature Algorithm: sha256WithRSAEncryption
78:65:4f:1c:23:bc:6e:ce:fc:c5:96:25:2a:28:cc:2b:59:76:
65:c1:41:d6:d8:72:3b:6f:a7:92:96:14:c5:08:53:d1:84:4e:
72:9b:fc:c5:b2:2b:50:8c:fe:ed:e3:94:30:2b:b6:46:37:84:
27:0a:9e:11:c3:0c:2f:ea:ae:57:f7:a7:54:a6:cb:11:b9:ab:
db:8f:4d:2b:d3:81:67:6e:bd:94:ce:d7:88:f8:9f:03:d1:0d:
69:c9:25:f4:d5:50:c0:48:2d:e6:a5:f3:dc:6e:91:69:4d:bb:
db:23:8a:41:5b:a4:52:73:4a:98:19:9f:b3:45:a7:0e:45:2f:
21:b1:77:0b:f6:07:cb:69:2b:3a:2a:20:0f:c8:89:3e:2b:6e:
74:c3:99:8b:c1:85:a4:04:46:9a:88:b1:b6:79:cd:e8:b6:13:
eb:31:05:82:17:e4:69:22:d4:3f:58:7e:3e:ad:65:25:31:6f:
80:9f:6b:f6:a3:84:d9:19:01:76:81:94:c6:25:8d:55:d8:9a:
40:6b:ee:80:67:7d:a6:eb:d0:75:17:98:f4:f6:96:0d:79:06:
28:50:2d:93:4c:72:a1:b8:5c:3b:5e:fc:71:63:7c:f3:09:42:
0a:28:7b:8f:21:42:0b:63:7d:67:2c:c3:d5:3d:fd:9c:a7:34:
3c:6f:d6:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSJW3Ht2tKwqL3K5WuG7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGRjYzEyZWE1YTYzZDU3NGNmNDVhODgxOGFmNmMwMmM5MWUwOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5zUNczdXk6qDhRqWOtGLkUy41d
GEJTjx+i2E/PDzQXOX7c/ha2ipN9t3rsPqw1G6AdWIgW331fSvUXith0rdVh8gnE
4TA13qgnWAiL4hxuse/+EA9Zbj6Uxhzd6rCQjNrQApjigMAxIMj0N6Mf0auOl6dC
UFvHJzM4jxjsM3F13aJJePE0A1n5GhhlSpX98b2UvROVEpd4AOLvXCtu+lQNHhYP
XpnhCxMap7e46raE/CMl5BlewXe7bmnJjhkoaLQR2+iAOhKfJCwPKiC0nHxvx7ks
Lnwo8sJ15wjAt2oR14uPfMqaX1I6+A+xpf5xlEGVUg4AzI6KPOTb8xM0/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA3cwS6lpj1XTPRaiBivbALJHgihMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvRGR6QkxxV21QVmRNOUZxSUdLOXNBc2tlQ0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0lgTAN
BgkqhkiG9w0BAQsFAAOCAQEAeGVPHCO8bs78xZYlKijMK1l2ZcFB1thyO2+nkpYU
xQhT0YROcpv8xbIrUIz+7eOUMCu2RjeEJwqeEcMML+quV/enVKbLEbmr249NK9OB
Z269lM7XiPifA9ENackl9NVQwEgt5qXz3G6RaU272yOKQVukUnNKmBmfs0WnDkUv
IbF3C/YHy2krOiogD8iJPitudMOZi8GFpARGmoixtnnN6LYT6zEFghfkaSLUP1h+
Pq1lJTFvgJ9r9qOE2RkBdoGUxiWNVdiaQGvugGd9puvQdReY9PaWDXkGKFAtk0xy
obhcO178cWN88wlCCih7jyFCC2N9ZyzD1T39nKc0PG/W+w==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:51 2024 by rpki-client on console-fra.rpki-client.org