Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/KCt6vRaN193YobStHJwvIzkRKfc.roa
File: KCt6vRaN193YobStHJwvIzkRKfc.roa (raw, json)
Hash identifier: xVRPI+lcYUMaQrInbbM2+8sqMl1sir5/M7jWnYp4ucs=
Subject key identifier: 28:2B:7A:BD:16:8D:D7:DD:D8:A1:B4:AD:1C:9C:2F:23:39:11:29:F7
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 018CEDB88040B39F0782F53C5D8B70D9D66F
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/KCt6vRaN193YobStHJwvIzkRKfc.roa
Signing time: Tue 09 Jan 2024 10:15:40 +0000
ROA not before: Tue 09 Jan 2024 10:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a03:e186::/32 maxlen: 32
2a03:e184::/32 maxlen: 32
2a03:e183::/32 maxlen: 32
2a03:e187::/32 maxlen: 32
2a03:e182::/32 maxlen: 32
2a03:e185::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.mft
rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:b8:80:40:b3:9f:07:82:f5:3c:5d:8b:70:d9:d6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Jan 9 10:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=282b7abd168dd7ddd8a1b4ad1c9c2f23391129f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:47:ff:c7:4f:13:4d:30:5c:48:7a:73:cf:
64:ce:92:c5:06:43:7b:f8:62:03:2c:1e:f4:90:ab:
6c:8f:40:54:3d:09:e7:fc:da:f7:c1:4d:b9:9e:33:
4f:24:d4:38:0d:de:ff:e2:a3:7c:b0:9e:d8:c1:13:
30:9a:d2:8c:f5:9e:86:a5:e9:82:96:80:75:13:94:
42:7e:17:b0:7f:2a:f9:9e:94:de:46:36:9d:5d:d9:
12:d9:a7:3a:fe:dd:24:46:1d:dd:36:f7:04:a1:46:
61:36:6f:0e:c6:67:7a:86:39:ed:2e:2b:d6:f4:45:
e8:b9:8f:64:9b:71:3c:9f:8b:b2:df:2f:6e:02:48:
59:b5:92:d3:fd:3f:58:b9:69:52:0e:c1:26:14:77:
bd:ea:84:89:58:7a:3a:70:67:78:a1:b7:3a:dc:40:
2b:a4:d4:74:3e:5c:23:a3:9c:30:f1:e7:9a:2b:a1:
fe:f9:7e:cb:d8:68:21:1b:23:06:62:5b:5e:33:1c:
5b:3d:2b:4d:5a:57:d8:20:41:b1:77:17:78:a7:41:
5c:f7:ef:d2:89:d8:4c:ad:d9:a5:fc:a3:f7:1a:6b:
19:ae:2b:50:02:0d:be:bc:06:00:d2:3d:1e:27:21:
32:16:16:a4:0c:c9:4f:b0:ea:cb:01:4b:1e:04:ba:
54:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2B:7A:BD:16:8D:D7:DD:D8:A1:B4:AD:1C:9C:2F:23:39:11:29:F7
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/KCt6vRaN193YobStHJwvIzkRKfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e182::-2a03:e187:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
51:c6:61:f5:a0:88:2d:1b:73:d0:e0:7f:cd:4d:77:d0:61:dc:
00:52:53:6d:aa:af:83:7e:0c:4a:8b:9a:25:88:15:2e:72:6e:
bc:81:b8:57:ba:af:6e:e3:56:42:2f:6d:e0:2b:6d:3c:7c:0f:
8b:1a:50:0e:b8:2d:83:0c:29:33:fd:ac:c8:32:e2:d3:da:de:
f6:9b:d9:33:47:39:40:7e:a3:43:29:92:2d:02:73:ff:68:d2:
35:0b:65:20:cf:37:71:3c:6e:06:c5:ef:95:b9:61:bb:61:f8:
78:3d:cd:25:b9:5a:60:df:16:0c:b4:3f:ea:80:b9:f5:ef:62:
df:c2:f3:3c:a8:71:e7:2d:8e:8a:75:f9:48:c5:15:48:a0:8c:
7e:30:d0:81:bb:18:b0:ac:8e:07:66:eb:45:bd:34:69:a9:46:
fc:29:51:77:e6:87:54:c4:98:54:9e:b9:ec:ae:e9:f1:05:5d:
12:9f:2e:70:2c:19:d8:a4:e2:29:cf:a9:11:42:35:73:a1:c6:
09:06:32:a3:33:c9:7d:fd:3d:22:15:14:a3:b2:0b:1d:a5:19:
72:89:47:06:60:43:dc:2d:ed:d5:12:ae:0a:fc:eb:bf:54:6f:
f6:49:54:c9:b1:ef:d7:3a:f4:5b:98:97:9e:e6:a4:78:e0:97:
6f:67:bc:bb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYztuIBAs58HgvU8XYtw2dZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjQwMTA5MTAxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJiN2FiZDE2OGRkN2RkZDhhMWI0YWQxYzljMmYyMzM5MTEyOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozFH/8dPE00wXEh6c89kzpLFBkN7
+GIDLB70kKtsj0BUPQnn/Nr3wU25njNPJNQ4Dd7/4qN8sJ7YwRMwmtKM9Z6GpemC
loB1E5RCfhewfyr5npTeRjadXdkS2ac6/t0kRh3dNvcEoUZhNm8Oxmd6hjntLivW
9EXouY9km3E8n4uy3y9uAkhZtZLT/T9YuWlSDsEmFHe96oSJWHo6cGd4obc63EAr
pNR0Plwjo5ww8eeaK6H++X7L2GghGyMGYlteMxxbPStNWlfYIEGxdxd4p0Fc9+/S
idhMrdml/KP3GmsZritQAg2+vAYA0j0eJyEyFhakDMlPsOrLAUseBLpUTQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCgrer0Wjdfd2KG0rRycLyM5ESn3MB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvS0N0NnZSYU4xOTNZb2JTdEhKd3ZJemtSS2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQEqA+GC
AwUDKgPhgDANBgkqhkiG9w0BAQsFAAOCAQEAUcZh9aCILRtz0OB/zU130GHcAFJT
baqvg34MSouaJYgVLnJuvIG4V7qvbuNWQi9t4CttPHwPixpQDrgtgwwpM/2syDLi
09re9pvZM0c5QH6jQymSLQJz/2jSNQtlIM83cTxuBsXvlblhu2H4eD3NJblaYN8W
DLQ/6oC59e9i38LzPKhx5y2OinX5SMUVSKCMfjDQgbsYsKyOB2brRb00aalG/ClR
d+aHVMSYVJ657K7p8QVdEp8ucCwZ2KTiKc+pEUI1c6HGCQYyozPJff09IhUUo7IL
HaUZcolHBmBD3C3t1RKuCvzrv1Rv9klUybHv1zr0W5iXnuakeOCXb2e8uw==
-----END CERTIFICATE-----
Generated at Sat Apr 27 11:10:03 2024 by rpki-client on console-ams.rpki-client.org