Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/Jk3Oi2w57jd9sVdzA_ECByInxdA.roa
File: Jk3Oi2w57jd9sVdzA_ECByInxdA.roa (raw, json)
Hash identifier: WceOPKX8btegh7uanX/p+QU3a96nlF+X+g67lLCWaGY=
Subject key identifier: 26:4D:CE:8B:6C:39:EE:37:7D:B1:57:73:03:F1:02:07:22:27:C5:D0
Certificate issuer: /CN=40f75d327761b90c0899638f430eb614c87c3106
Certificate serial: 018CC349657709DE606805D5A9C6FAA6C22C
Authority key identifier: 40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/Jk3Oi2w57jd9sVdzA_ECByInxdA.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2001:678:2cc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:65:77:09:de:60:68:05:d5:a9:c6:fa:a6:c2:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40f75d327761b90c0899638f430eb614c87c3106
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=264dce8b6c39ee377db1577303f102072227c5d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b6:b6:79:fc:63:52:2d:43:30:4b:66:a1:8e:
b1:ca:e9:1e:49:09:8a:56:26:ad:e6:e6:a8:40:b6:
9e:b4:8c:ca:95:27:92:29:09:be:a4:fd:ba:82:cf:
e3:32:c2:31:f8:74:e6:fe:ae:94:91:db:e6:b4:4b:
78:57:c8:45:af:11:98:75:a8:fd:2c:45:71:8f:e0:
e9:b4:6f:02:e4:1f:44:e4:59:4f:8b:10:77:15:c2:
1a:34:69:23:ea:83:0e:10:f8:49:b6:f7:5d:51:d4:
96:26:9d:e5:27:cd:cf:32:0d:73:21:e4:f6:a2:20:
5c:6f:68:d9:38:bc:d2:af:3e:9f:06:3e:36:25:43:
3b:1b:d9:4a:10:a4:6a:5b:20:7b:8a:0d:37:39:da:
dd:e7:d7:09:55:54:74:ad:b4:4a:28:18:a2:c0:63:
09:de:24:7a:1e:44:75:9e:db:f1:d5:95:31:e9:d6:
1c:a2:37:7f:d4:79:2f:6d:d7:42:0b:da:a7:10:8c:
39:d6:17:b7:07:66:1d:94:e9:95:9d:e7:b2:4f:f1:
48:3d:3f:8c:6c:33:0a:36:fa:9f:87:e3:51:b7:a2:
62:ca:f9:b6:2a:49:b7:c4:39:d7:2b:35:e9:5f:e6:
0c:a4:aa:89:13:9e:0d:fb:f6:6f:3b:43:2c:df:50:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4D:CE:8B:6C:39:EE:37:7D:B1:57:73:03:F1:02:07:22:27:C5:D0
X509v3 Authority Key Identifier:
keyid:40:F7:5D:32:77:61:B9:0C:08:99:63:8F:43:0E:B6:14:C8:7C:31:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPddMndhuQwImWOPQw62FMh8MQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/Jk3Oi2w57jd9sVdzA_ECByInxdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6e5f4c-2eae-48a0-8550-29ac45e2ecff/1/QPddMndhuQwImWOPQw62FMh8MQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:2cc::/48
Signature Algorithm: sha256WithRSAEncryption
58:89:2c:da:26:dd:5c:32:47:4f:ea:29:37:77:31:52:f9:fb:
d9:57:6c:a5:3d:7e:5d:99:c9:9f:f7:16:7d:c9:9d:73:0c:d9:
76:01:16:fe:59:f2:38:26:39:d0:ab:10:86:8a:00:3d:4b:13:
b6:8b:45:af:31:a3:02:2b:c0:8e:22:86:21:fe:3a:56:20:40:
9f:ad:95:33:89:57:49:6e:f3:9b:31:54:11:d2:fa:7d:7d:cf:
12:51:1d:44:5e:58:0a:05:c2:85:bd:c9:70:b7:19:7d:d3:e2:
3e:9f:b8:76:8c:68:cb:cf:0a:43:39:67:a6:a9:56:06:c8:2e:
38:29:e1:63:a0:2f:18:a8:2e:12:f8:14:2b:5d:63:31:07:b3:
9f:cd:b8:13:93:62:9e:96:1b:da:23:4e:4a:67:f2:29:98:07:
db:7c:f6:39:0c:b6:ce:57:fe:c2:1a:1a:fe:37:bd:0d:5e:65:
8b:ae:20:0d:bb:cf:38:ff:61:db:ca:39:d8:76:5b:5f:d7:ad:
f7:9b:e3:4a:dc:11:cb:20:24:a4:9c:f2:b9:37:c9:df:a8:c1:
1c:38:8f:84:69:db:1e:5a:df:bf:24:11:78:3d:02:81:3b:d7:
e1:9e:c6:c9:47:f3:ba:5d:43:4a:69:e5:fc:b8:1e:90:22:47:
39:b2:2c:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSWV3Cd5gaAXVqcb6psIsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZjc1ZDMyNzc2MWI5MGMwODk5NjM4ZjQzMGViNjE0Yzg3
YzMxMDYwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjRkY2U4YjZjMzllZTM3N2RiMTU3NzMwM2YxMDIwNzIyMjdjNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ba2efxjUi1DMEtmoY6xyukeSQmK
Viat5uaoQLaetIzKlSeSKQm+pP26gs/jMsIx+HTm/q6UkdvmtEt4V8hFrxGYdaj9
LEVxj+DptG8C5B9E5FlPixB3FcIaNGkj6oMOEPhJtvddUdSWJp3lJ83PMg1zIeT2
oiBcb2jZOLzSrz6fBj42JUM7G9lKEKRqWyB7ig03Odrd59cJVVR0rbRKKBiiwGMJ
3iR6HkR1ntvx1ZUx6dYcojd/1HkvbddCC9qnEIw51he3B2YdlOmVneeyT/FIPT+M
bDMKNvqfh+NRt6Jiyvm2Kkm3xDnXKzXpX+YMpKqJE54N+/ZvO0Ms31Ck/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCZNzotsOe43fbFXcwPxAgciJ8XQMB8GA1UdIwQY
MBaAFED3XTJ3YbkMCJljj0MOthTIfDEGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVBkZE1uZGh1UXdJbVdPUFF3NjJGTWg4TVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82ZTVmNGMtMmVhZS00OGEwLTg1NTAt
MjlhYzQ1ZTJlY2ZmLzEvSmszT2kydzU3amQ5c1ZkekFfRUNCeUlueGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82ZTVmNGMtMmVhZS00OGEwLTg1NTAtMjlhYzQ1ZTJlY2Zm
LzEvUVBkZE1uZGh1UXdJbVdPUFF3NjJGTWg4TVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeALM
MA0GCSqGSIb3DQEBCwUAA4IBAQBYiSzaJt1cMkdP6ik3dzFS+fvZV2ylPX5dmcmf
9xZ9yZ1zDNl2ARb+WfI4JjnQqxCGigA9SxO2i0WvMaMCK8COIoYh/jpWIECfrZUz
iVdJbvObMVQR0vp9fc8SUR1EXlgKBcKFvclwtxl90+I+n7h2jGjLzwpDOWemqVYG
yC44KeFjoC8YqC4S+BQrXWMxB7OfzbgTk2KelhvaI05KZ/IpmAfbfPY5DLbOV/7C
Ghr+N70NXmWLriANu884/2HbyjnYdltf1633m+NK3BHLICSknPK5N8nfqMEcOI+E
adseWt+/JBF4PQKBO9fhnsbJR/O6XUNKaeX8uB6QIkc5sixs
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:15:59 2024 by rpki-client on console-ams.rpki-client.org