Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/kIZ1erz5p986ylf7cgLD7mxk1ZU.roa
File: kIZ1erz5p986ylf7cgLD7mxk1ZU.roa (raw, json)
Hash identifier: ZOerUl6U/1FgP65l2m3g5y2rTsFJdQFxsu1SepDoYFM=
Subject key identifier: 90:86:75:7A:BC:F9:A7:DF:3A:CA:57:FB:72:02:C3:EE:6C:64:D5:95
Certificate issuer: /CN=63c1b9ffe98672bf62f487f47dafea30f5bef09c
Certificate serial: 018CC26D373FF9C8F63E6A11B61734A751F6
Authority key identifier: 63:C1:B9:FF:E9:86:72:BF:62:F4:87:F4:7D:AF:EA:30:F5:BE:F0:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/kIZ1erz5p986ylf7cgLD7mxk1ZU.roa
Signing time: Mon 01 Jan 2024 00:29:46 +0000
ROA not before: Mon 01 Jan 2024 00:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39702
IP address blocks: 2001:678:a9c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:37:3f:f9:c8:f6:3e:6a:11:b6:17:34:a7:51:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c1b9ffe98672bf62f487f47dafea30f5bef09c
Validity
Not Before: Jan 1 00:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9086757abcf9a7df3aca57fb7202c3ee6c64d595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1c:3a:90:21:e0:63:72:ca:b9:0b:b6:51:2e:
c8:09:a0:d5:af:48:52:0d:da:08:92:1a:f5:52:f6:
90:f4:4b:ba:74:0c:73:ee:d8:8f:b4:9d:2f:2d:c6:
4b:19:d3:f0:3e:d0:f0:71:42:21:6b:36:78:cf:37:
5b:22:14:fa:50:fb:27:55:10:21:1f:eb:22:66:f7:
0d:38:33:8d:03:fc:66:34:87:90:0d:98:42:6b:28:
a0:a0:a7:fc:f9:28:32:45:d5:5b:18:bd:ea:8b:1a:
92:c9:09:4b:66:9c:1c:af:05:c9:18:72:a6:79:fe:
8e:fe:c6:81:8a:8f:4d:68:26:6e:1f:92:66:a8:df:
18:00:33:d5:41:8b:91:f0:20:a5:89:69:43:7b:26:
be:d2:6e:29:41:c3:11:d5:a9:bf:84:be:12:c7:ed:
77:fd:9e:ed:9a:2c:47:d8:53:2b:ed:4f:52:1c:c0:
54:35:78:01:dd:7f:7a:ac:8d:04:c9:13:3d:cd:cb:
8a:6b:58:9b:20:f7:3f:68:0a:1d:78:9d:e6:69:84:
0a:32:55:cf:83:19:cc:2b:62:12:34:2f:2f:81:ba:
1b:b7:5c:13:0f:6b:da:40:06:1f:0e:fc:6c:2d:47:
38:d3:f4:e7:68:4c:07:76:5a:9b:8e:48:bc:83:e4:
5b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:86:75:7A:BC:F9:A7:DF:3A:CA:57:FB:72:02:C3:EE:6C:64:D5:95
X509v3 Authority Key Identifier:
keyid:63:C1:B9:FF:E9:86:72:BF:62:F4:87:F4:7D:AF:EA:30:F5:BE:F0:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/kIZ1erz5p986ylf7cgLD7mxk1ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/63e305-46e6-4363-8733-7d948dba5e3c/1/Y8G5_-mGcr9i9If0fa_qMPW-8Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:a9c::/48
Signature Algorithm: sha256WithRSAEncryption
1d:a6:33:00:97:3e:53:62:f6:6c:fc:d3:2c:9d:ed:da:2b:fb:
ca:ea:4a:74:cd:c8:60:68:27:d9:13:54:e2:d9:ba:68:3f:2d:
51:36:cd:ae:c5:dd:98:a2:6f:a2:69:9c:a0:bf:c4:20:9b:77:
80:4e:cc:9d:bf:88:d7:fa:cf:57:2d:d9:e4:e4:c1:5c:d4:45:
6d:86:9f:cc:84:7a:97:05:ab:34:18:83:76:85:b8:26:44:42:
3f:36:36:f4:69:41:9f:1a:6c:51:4c:cc:44:eb:4a:d8:b2:1e:
26:f5:12:e8:0c:76:8d:c7:6e:99:05:b0:91:8b:9a:43:a2:d6:
9c:e6:b7:cd:58:52:e8:28:28:03:01:68:29:a4:db:4b:2f:3b:
c8:a6:bb:d3:24:32:26:d1:2a:37:4a:6f:49:b3:33:58:93:f0:
76:08:98:55:94:12:0e:1d:81:57:7d:44:ca:25:16:af:2e:0b:
02:b4:66:02:a3:3d:0f:ec:c3:11:db:5c:e3:9d:6d:66:d5:97:
d3:3d:08:ac:2e:53:cc:50:27:e1:9a:ca:63:96:d3:bb:a1:cf:
77:12:15:76:f8:93:30:c5:a1:f8:da:73:1e:a0:f1:ed:47:ad:
09:3f:2e:af:28:b3:32:4f:86:3d:04:be:52:cb:16:48:5f:e6:
a8:f2:89:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbTc/+cj2PmoRthc0p1H2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzFiOWZmZTk4NjcyYmY2MmY0ODdmNDdkYWZlYTMwZjVi
ZWYwOWMwHhcNMjQwMTAxMDAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDg2NzU3YWJjZjlhN2RmM2FjYTU3ZmI3MjAyYzNlZTZjNjRkNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRw6kCHgY3LKuQu2US7ICaDVr0hS
DdoIkhr1UvaQ9Eu6dAxz7tiPtJ0vLcZLGdPwPtDwcUIhazZ4zzdbIhT6UPsnVRAh
H+siZvcNODONA/xmNIeQDZhCayigoKf8+SgyRdVbGL3qixqSyQlLZpwcrwXJGHKm
ef6O/saBio9NaCZuH5JmqN8YADPVQYuR8CCliWlDeya+0m4pQcMR1am/hL4Sx+13
/Z7tmixH2FMr7U9SHMBUNXgB3X96rI0EyRM9zcuKa1ibIPc/aAodeJ3maYQKMlXP
gxnMK2ISNC8vgbobt1wTD2vaQAYfDvxsLUc40/TnaEwHdlqbjki8g+RbXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJCGdXq8+affOspX+3ICw+5sZNWVMB8GA1UdIwQY
MBaAFGPBuf/phnK/YvSH9H2v6jD1vvCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThHNV8tbUdjcjlpOUlmMGZhX3FNUFctOEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82M2UzMDUtNDZlNi00MzYzLTg3MzMt
N2Q5NDhkYmE1ZTNjLzEva0laMWVyejVwOTg2eWxmN2NnTEQ3bXhrMVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82M2UzMDUtNDZlNi00MzYzLTg3MzMtN2Q5NDhkYmE1ZTNj
LzEvWThHNV8tbUdjcjlpOUlmMGZhX3FNUFctOEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqc
MA0GCSqGSIb3DQEBCwUAA4IBAQAdpjMAlz5TYvZs/NMsne3aK/vK6kp0zchgaCfZ
E1Ti2bpoPy1RNs2uxd2Yom+iaZygv8Qgm3eATsydv4jX+s9XLdnk5MFc1EVthp/M
hHqXBas0GIN2hbgmREI/Njb0aUGfGmxRTMxE60rYsh4m9RLoDHaNx26ZBbCRi5pD
otac5rfNWFLoKCgDAWgppNtLLzvIprvTJDIm0So3Sm9JszNYk/B2CJhVlBIOHYFX
fUTKJRavLgsCtGYCoz0P7MMR21zjnW1m1ZfTPQisLlPMUCfhmspjltO7oc93EhV2
+JMwxaH42nMeoPHtR60JPy6vKLMyT4Y9BL5SyxZIX+ao8okm
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:52:51 2024 by rpki-client on console-ams.rpki-client.org