Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/yDHqNCjSNB3MVM1te3BWg41HdP0.roa
File: yDHqNCjSNB3MVM1te3BWg41HdP0.roa (raw, json)
Hash identifier: KYYI+B8a1LdkApMMq4JmzlRypfTsL6Hwyq+pCB+X3j4=
Subject key identifier: C8:31:EA:34:28:D2:34:1D:CC:54:CD:6D:7B:70:56:83:8D:47:74:FD
Certificate issuer: /CN=9d6b9774c94876c98321de3201b11b75a1358d19
Certificate serial: 01928AFB3FD726AF492493F6996F18932077
Authority key identifier: 9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/yDHqNCjSNB3MVM1te3BWg41HdP0.roa
Signing time: Mon 14 Oct 2024 12:22:54 +0000
ROA not before: Mon 14 Oct 2024 12:22:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214402
IP address blocks: 2a0d:8140:5fff::/48 maxlen: 48
2a0d:8140:6fff::/48 maxlen: 48
2a0d:8140:7000::/48 maxlen: 48
2a0d:8140:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:fb:3f:d7:26:af:49:24:93:f6:99:6f:18:93:20:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6b9774c94876c98321de3201b11b75a1358d19
Validity
Not Before: Oct 14 12:22:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c831ea3428d2341dcc54cd6d7b7056838d4774fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:50:c6:2e:c4:99:a5:5a:76:47:1f:cf:c3:17:
58:07:48:e4:f0:f9:d2:1b:0f:90:db:9c:a6:23:32:
e7:7e:b9:13:b2:e8:e3:a5:d6:50:a1:e8:fe:41:2b:
aa:43:7d:12:a5:3a:f5:d2:72:dd:6d:c5:b6:f9:2f:
93:0f:7c:aa:f4:33:e2:cf:44:1a:71:f3:61:52:ec:
21:81:6f:b1:12:41:a6:a4:f1:10:0d:fa:e5:f3:18:
38:9b:48:ec:09:8e:65:51:0f:fc:b0:28:26:1d:9c:
6d:5d:93:ba:45:0d:05:62:90:0e:8e:09:9c:cc:92:
b3:22:dd:44:53:e4:96:f1:2b:83:41:44:28:bc:ac:
3a:f8:cc:8a:19:99:b2:59:99:ff:fe:7a:94:9a:bf:
68:23:90:9f:8f:df:e1:7b:af:4e:f1:47:59:86:c8:
de:f7:45:4d:a7:f5:d1:20:1a:52:1a:3b:23:66:52:
6d:e5:00:85:dd:89:ce:96:42:f3:48:c4:35:6c:28:
b3:3d:58:1a:c5:b2:94:f7:fa:56:14:4f:00:59:c0:
48:64:2a:71:24:48:7a:31:64:ae:d3:c5:2c:f1:b4:
e7:8f:1c:24:92:b7:1f:16:b7:ab:19:c8:9d:1a:5b:
02:ab:26:14:a5:f9:7d:ce:20:a6:ec:da:ef:e4:fe:
0d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:31:EA:34:28:D2:34:1D:CC:54:CD:6D:7B:70:56:83:8D:47:74:FD
X509v3 Authority Key Identifier:
keyid:9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/yDHqNCjSNB3MVM1te3BWg41HdP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8140:5fff::/48
2a0d:8140:6fff::-2a0d:8140:7000:ffff:ffff:ffff:ffff:ffff
2a0d:8140:8000::/48
Signature Algorithm: sha256WithRSAEncryption
36:1c:ec:2e:ae:72:2f:b2:03:42:b1:64:a8:9d:15:a1:5a:89:
13:9d:fc:9c:81:e9:7b:6d:bf:49:9c:cf:e3:ef:2c:bc:30:67:
0a:d9:19:7c:00:9e:39:e7:f9:5f:18:42:df:df:dc:b4:ff:db:
8a:e1:af:42:87:9f:2e:3c:66:d0:05:72:7a:7f:3c:72:b2:37:
54:6d:02:5b:fa:ec:20:a3:05:97:4b:35:40:a7:dc:81:7b:b9:
76:6b:c6:38:9e:0e:fc:22:2c:7f:b9:c1:ae:ed:c8:a9:3d:77:
2d:e6:93:fb:bd:b3:78:e6:b7:5f:f5:95:27:a4:8a:f2:7f:88:
df:6d:ff:68:8f:d1:0f:2b:fe:63:19:cc:e8:5e:43:43:8e:81:
a2:01:d9:80:94:01:38:9f:00:27:b8:e8:e8:79:21:9f:db:a4:
f0:39:4f:09:dd:b7:87:57:08:96:39:ee:22:b7:61:85:0e:ba:
37:fc:2f:9b:41:77:e5:a0:5a:33:e5:c5:27:4f:a2:f8:fe:10:
2a:1e:1d:80:84:62:e2:02:81:bc:62:f3:9c:48:9e:8a:3a:1a:
89:20:59:22:43:7f:5c:d4:36:73:96:7b:ce:04:11:29:4d:95:
0f:c1:b2:88:52:f6:58:af:de:fc:24:27:6b:bb:e8:07:2d:0b:
9e:58:c6:13
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZKK+z/XJq9JJJP2mW8YkyB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmI5Nzc0Yzk0ODc2Yzk4MzIxZGUzMjAxYjExYjc1YTEz
NThkMTkwHhcNMjQxMDE0MTIyMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMxZWEzNDI4ZDIzNDFkY2M1NGNkNmQ3YjcwNTY4MzhkNDc3NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVDGLsSZpVp2Rx/PwxdYB0jk8PnS
Gw+Q25ymIzLnfrkTsujjpdZQoej+QSuqQ30SpTr10nLdbcW2+S+TD3yq9DPiz0Qa
cfNhUuwhgW+xEkGmpPEQDfrl8xg4m0jsCY5lUQ/8sCgmHZxtXZO6RQ0FYpAOjgmc
zJKzIt1EU+SW8SuDQUQovKw6+MyKGZmyWZn//nqUmr9oI5Cfj9/he69O8UdZhsje
90VNp/XRIBpSGjsjZlJt5QCF3YnOlkLzSMQ1bCizPVgaxbKU9/pWFE8AWcBIZCpx
JEh6MWSu08Us8bTnjxwkkrcfFrerGcidGlsCqyYUpfl9ziCm7Nrv5P4NYwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMgx6jQo0jQdzFTNbXtwVoONR3T9MB8GA1UdIwQY
MBaAFJ1rl3TJSHbJgyHeMgGxG3WhNY0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5Njgt
YTU2YmRmYWRiODFlLzEveURIcU5DalNOQjNNVk0xdGUzQldnNDFIZFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5NjgtYTU2YmRmYWRiODFl
LzEvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg2BQF//
MBIDBwAqDYFAb/8DBwAqDYFAcAADBwAqDYFAgAAwDQYJKoZIhvcNAQELBQADggEB
ADYc7C6uci+yA0KxZKidFaFaiROd/JyB6Xttv0mcz+PvLLwwZwrZGXwAnjnn+V8Y
Qt/f3LT/24rhr0KHny48ZtAFcnp/PHKyN1RtAlv67CCjBZdLNUCn3IF7uXZrxjie
DvwiLH+5wa7tyKk9dy3mk/u9s3jmt1/1lSekivJ/iN9t/2iP0Q8r/mMZzOheQ0OO
gaIB2YCUATifACe46Oh5IZ/bpPA5Twndt4dXCJY57iK3YYUOujf8L5tBd+WgWjPl
xSdPovj+ECoeHYCEYuICgbxi85xInoo6GokgWSJDf1zUNnOWe84EESlNlQ/BsohS
9liv3vwkJ2u76ActC55YxhM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:08:59 2024 by rpki-client on console-ams.rpki-client.org