Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/i8gbPNnZPLjq-q0y6oYbxOz4HcU.roa
File: i8gbPNnZPLjq-q0y6oYbxOz4HcU.roa (raw, json)
Hash identifier: cENIEBtz2Zt0cjcqy8jxN3exfhUfVs7YN+bhyb5ezcI=
Subject key identifier: 8B:C8:1B:3C:D9:D9:3C:B8:EA:FA:AD:32:EA:86:1B:C4:EC:F8:1D:C5
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018CC3489A7F6A5698A1BDC7E3B696937541
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/i8gbPNnZPLjq-q0y6oYbxOz4HcU.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213262
IP address blocks: 2a0d:2580::/48 maxlen: 48
2a0d:2580:a000::/37 maxlen: 48
2a0d:2580:1000::/36 maxlen: 48
2a0d:2580::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9a:7f:6a:56:98:a1:bd:c7:e3:b6:96:93:75:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bc81b3cd9d93cb8eafaad32ea861bc4ecf81dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fb:29:37:8c:ed:0e:28:5f:73:39:d2:5f:5d:
65:3c:df:8f:a7:16:16:d5:0a:0c:3c:d6:76:68:8c:
a9:aa:26:31:9e:50:89:da:30:29:60:d6:50:a4:61:
46:b7:90:2b:57:50:b5:18:e2:ad:8d:25:b4:00:ad:
28:d3:8a:b0:56:b2:0c:0e:23:6a:ce:bb:78:0c:c2:
06:30:cf:97:06:97:2c:0f:be:a5:4d:6b:b8:99:d3:
0a:60:e1:77:ce:da:c4:97:6e:04:c8:42:65:96:fe:
82:f4:ff:6a:07:43:83:14:20:2f:14:c5:72:c8:0d:
ba:82:42:69:71:93:fd:b3:ba:27:14:2e:ab:c7:09:
ab:6e:fb:79:2c:ec:cc:a2:82:0b:09:72:69:e1:cd:
b4:d2:28:8a:6e:39:61:64:56:cb:99:28:4d:af:0c:
db:70:c7:e2:56:48:e6:f0:66:ec:76:76:c7:8b:55:
c1:bf:0d:46:e1:46:bd:10:71:01:ab:95:eb:4d:3d:
f9:91:3e:22:aa:88:23:30:35:d3:c8:83:20:c8:fd:
2e:a3:02:67:a5:fa:c1:7c:fd:36:83:2d:ba:1d:ed:
34:67:d4:b5:c3:bf:56:2a:3f:ff:cd:e9:06:48:9d:
18:31:7c:d3:f2:02:ab:00:73:68:80:f7:d2:59:82:
d3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C8:1B:3C:D9:D9:3C:B8:EA:FA:AD:32:EA:86:1B:C4:EC:F8:1D:C5
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/i8gbPNnZPLjq-q0y6oYbxOz4HcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2580::/40
2a0d:2580:1000::/36
2a0d:2580:a000::/37
Signature Algorithm: sha256WithRSAEncryption
4f:54:d7:f1:5f:78:58:45:c2:50:54:de:98:6a:e2:32:d9:77:
15:f6:0f:e8:86:33:fc:a1:82:49:e3:ea:f8:54:6f:e5:bb:cc:
5f:a2:7d:e5:6a:25:ee:aa:d1:29:11:6b:64:e0:73:e4:10:79:
80:4a:a6:b7:d7:a4:e6:4c:80:45:6c:4a:32:df:6a:28:27:81:
d7:80:1f:b1:0d:af:de:8d:12:11:28:66:a8:49:b9:60:5d:1a:
49:8c:d9:16:a2:23:30:da:18:e3:46:7e:c1:c4:92:5d:59:a3:
a5:d2:92:2c:ed:d8:68:52:e7:7e:2f:c1:9a:ab:50:66:6e:aa:
3f:03:ce:19:7d:79:04:6b:3d:de:25:85:59:26:36:8e:b7:0d:
a9:bc:82:ea:07:24:64:b3:3d:9d:8e:b5:ae:fa:b5:8b:9f:e7:
50:8e:2c:f0:1e:7f:de:34:f2:14:57:0e:ad:1c:3f:f1:7b:6e:
60:65:32:55:52:02:c0:0d:af:3a:19:92:85:b9:56:58:62:1d:
04:f3:cf:c3:52:29:3f:71:3f:be:a8:ec:62:85:22:40:17:2d:
01:51:a0:a2:7b:59:ed:9a:59:c8:82:91:d9:72:ce:c4:ae:ca:
36:b8:f2:2b:f5:f7:df:ca:b3:bf:3c:65:b8:a2:05:5d:67:9f:
dc:c1:bb:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSJp/alaYob3H47aWk3VBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmM4MWIzY2Q5ZDkzY2I4ZWFmYWFkMzJlYTg2MWJjNGVjZjgxZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/spN4ztDihfcznSX11lPN+PpxYW
1QoMPNZ2aIypqiYxnlCJ2jApYNZQpGFGt5ArV1C1GOKtjSW0AK0o04qwVrIMDiNq
zrt4DMIGMM+XBpcsD76lTWu4mdMKYOF3ztrEl24EyEJllv6C9P9qB0ODFCAvFMVy
yA26gkJpcZP9s7onFC6rxwmrbvt5LOzMooILCXJp4c200iiKbjlhZFbLmShNrwzb
cMfiVkjm8GbsdnbHi1XBvw1G4Ua9EHEBq5XrTT35kT4iqogjMDXTyIMgyP0uowJn
pfrBfP02gy26He00Z9S1w79WKj//zekGSJ0YMXzT8gKrAHNogPfSWYLT0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIvIGzzZ2Ty46vqtMuqGG8Ts+B3FMB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvaThnYlBOblpQTGpxLXEweTZvWWJ4T3o0SGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKg0lgAAD
BgQqDSWAEAMGAyoNJYCgMA0GCSqGSIb3DQEBCwUAA4IBAQBPVNfxX3hYRcJQVN6Y
auIy2XcV9g/ohjP8oYJJ4+r4VG/lu8xfon3laiXuqtEpEWtk4HPkEHmASqa316Tm
TIBFbEoy32ooJ4HXgB+xDa/ejRIRKGaoSblgXRpJjNkWoiMw2hjjRn7BxJJdWaOl
0pIs7dhoUud+L8Gaq1Bmbqo/A84ZfXkEaz3eJYVZJjaOtw2pvILqByRksz2djrWu
+rWLn+dQjizwHn/eNPIUVw6tHD/xe25gZTJVUgLADa86GZKFuVZYYh0E88/DUik/
cT++qOxihSJAFy0BUaCie1ntmlnIgpHZcs7Erso2uPIr9fffyrO/PGW4ogVdZ5/c
wbvQ
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:04 2024 by rpki-client on console-ams.rpki-client.org