Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/yo8pD6FHNmi3TB1jsqlsf_PRdxI.roa
File: yo8pD6FHNmi3TB1jsqlsf_PRdxI.roa (raw, json)
Hash identifier: m3XV2y2IV94X1oNVUkfP89wDq7WBnAeCZpkHSBlpLxk=
Subject key identifier: CA:8F:29:0F:A1:47:36:68:B7:4C:1D:63:B2:A9:6C:7F:F3:D1:77:12
Certificate issuer: /CN=046acac713123856d4ae6c16054602684dfd07cb
Certificate serial: 01900BDC2278E024F268A409AAA4BA67943D
Authority key identifier: 04:6A:CA:C7:13:12:38:56:D4:AE:6C:16:05:46:02:68:4D:FD:07:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGrKxxMSOFbUrmwWBUYCaE39B8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/yo8pD6FHNmi3TB1jsqlsf_PRdxI.roa
Signing time: Wed 12 Jun 2024 09:51:34 +0000
ROA not before: Wed 12 Jun 2024 09:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214718
IP address blocks: 2a14:6440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/BGrKxxMSOFbUrmwWBUYCaE39B8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/BGrKxxMSOFbUrmwWBUYCaE39B8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGrKxxMSOFbUrmwWBUYCaE39B8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 12:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:dc:22:78:e0:24:f2:68:a4:09:aa:a4:ba:67:94:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046acac713123856d4ae6c16054602684dfd07cb
Validity
Not Before: Jun 12 09:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca8f290fa1473668b74c1d63b2a96c7ff3d17712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:43:84:84:b4:08:73:71:76:bd:9d:d2:0f:28:
ae:e5:98:ba:cb:ee:fa:f9:d4:c0:a6:6a:6a:64:c4:
9a:f5:f4:6d:7c:0f:9a:cb:bf:17:51:55:be:bf:f1:
0b:e1:48:3b:e1:ee:6c:9f:92:07:26:6e:2a:e5:6a:
63:fd:2a:d0:65:89:13:8e:87:ad:bc:f0:85:a3:d7:
0b:04:26:0c:c2:28:2e:b3:ce:fb:c1:ba:30:62:70:
6d:e8:88:91:1c:4f:35:b4:77:f6:ba:3b:a0:1b:8b:
19:88:cc:98:b2:1c:1c:12:e3:b9:9b:e1:14:91:82:
69:85:59:9a:76:fc:eb:64:f4:b8:99:e4:e5:bb:dd:
b1:56:31:b8:04:17:e2:a5:1b:86:54:aa:a8:97:5a:
a5:7b:a5:bd:00:5c:aa:42:08:17:04:5b:5a:23:23:
6c:c7:4f:4c:8c:a5:91:1a:0f:db:0b:39:5c:5f:94:
cb:1c:8e:ca:e1:f5:6c:85:ac:23:9b:40:85:2a:7c:
a9:21:4e:3f:d9:70:6b:f0:ec:17:dc:e0:c0:28:74:
19:57:42:31:26:62:be:12:07:fa:f8:c4:29:0a:da:
43:28:08:33:d8:9e:6c:fe:7c:c9:c9:fc:67:7e:01:
79:37:44:3a:76:7a:be:25:5e:62:a4:c5:cc:17:b2:
bf:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8F:29:0F:A1:47:36:68:B7:4C:1D:63:B2:A9:6C:7F:F3:D1:77:12
X509v3 Authority Key Identifier:
keyid:04:6A:CA:C7:13:12:38:56:D4:AE:6C:16:05:46:02:68:4D:FD:07:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGrKxxMSOFbUrmwWBUYCaE39B8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/yo8pD6FHNmi3TB1jsqlsf_PRdxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4186e4-a2a0-4bda-bc88-e6e928ce534f/1/BGrKxxMSOFbUrmwWBUYCaE39B8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6440::/32
Signature Algorithm: sha256WithRSAEncryption
6e:a4:95:6f:5f:e6:99:a4:51:f4:52:39:5a:eb:34:88:f5:61:
8e:ad:e3:fa:9a:20:19:3d:c2:60:c7:92:7d:c0:dd:e0:92:5a:
a0:85:cd:c8:c3:2b:ef:32:8d:22:1f:ac:46:a8:09:e0:12:e2:
a2:68:8f:89:53:ee:7b:12:26:e2:a6:e6:ff:7a:b8:ed:79:8a:
c8:99:61:30:ce:f3:f9:90:c5:88:63:66:a5:e8:47:b5:32:e4:
17:05:c7:0e:da:4b:e4:12:d2:8c:4d:67:21:f1:c9:e2:12:ec:
2c:b9:f0:a2:c0:51:1a:fd:15:bf:68:5e:f0:7b:0a:25:50:7f:
99:76:8b:1a:7a:06:59:cb:e0:f2:55:90:4f:48:9e:c0:1a:43:
1a:89:3b:4d:5c:6e:fd:09:c4:ba:c8:1a:93:81:ef:0a:be:fc:
c2:7d:ee:11:a5:19:eb:4c:55:24:b0:f5:ac:d3:51:ac:56:50:
ff:97:2a:46:65:ff:5b:40:40:c0:db:a4:0b:43:7e:c7:be:5c:
19:91:d8:31:4e:46:36:1f:b9:c3:51:89:8e:2f:4e:9b:74:73:
ec:1e:a9:a6:87:04:b2:30:1b:91:56:54:0d:eb:5b:56:42:6b:
f1:d3:1c:2a:35:b3:bd:02:50:ee:2e:1c:f9:39:2b:0b:1a:02:
31:76:24:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZAL3CJ44CTyaKQJqqS6Z5Q9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmFjYWM3MTMxMjM4NTZkNGFlNmMxNjA1NDYwMjY4NGRm
ZDA3Y2IwHhcNMjQwNjEyMDk1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYThmMjkwZmExNDczNjY4Yjc0YzFkNjNiMmE5NmM3ZmYzZDE3NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0OEhLQIc3F2vZ3SDyiu5Zi6y+76
+dTApmpqZMSa9fRtfA+ay78XUVW+v/EL4Ug74e5sn5IHJm4q5Wpj/SrQZYkTjoet
vPCFo9cLBCYMwigus877wbowYnBt6IiRHE81tHf2ujugG4sZiMyYshwcEuO5m+EU
kYJphVmadvzrZPS4meTlu92xVjG4BBfipRuGVKqol1qle6W9AFyqQggXBFtaIyNs
x09MjKWRGg/bCzlcX5TLHI7K4fVshawjm0CFKnypIU4/2XBr8OwX3ODAKHQZV0Ix
JmK+Egf6+MQpCtpDKAgz2J5s/nzJyfxnfgF5N0Q6dnq+JV5ipMXMF7K/IwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMqPKQ+hRzZot0wdY7KpbH/z0XcSMB8GA1UdIwQY
MBaAFARqyscTEjhW1K5sFgVGAmhN/QfLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdyS3h4TVNPRmJVcm13V0JVWUNhRTM5QjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MTg2ZTQtYTJhMC00YmRhLWJjODgt
ZTZlOTI4Y2U1MzRmLzEveW84cEQ2RkhObWkzVEIxanNxbHNmX1BSZHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MTg2ZTQtYTJhMC00YmRhLWJjODgtZTZlOTI4Y2U1MzRm
LzEvQkdyS3h4TVNPRmJVcm13V0JVWUNhRTM5QjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhRkQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbqSVb1/mmaRR9FI5Wus0iPVhjq3j+pogGT3CYMeS
fcDd4JJaoIXNyMMr7zKNIh+sRqgJ4BLiomiPiVPuexIm4qbm/3q47XmKyJlhMM7z
+ZDFiGNmpehHtTLkFwXHDtpL5BLSjE1nIfHJ4hLsLLnwosBRGv0Vv2he8HsKJVB/
mXaLGnoGWcvg8lWQT0iewBpDGok7TVxu/QnEusgak4HvCr78wn3uEaUZ60xVJLD1
rNNRrFZQ/5cqRmX/W0BAwNukC0N+x75cGZHYMU5GNh+5w1GJji9Om3Rz7B6ppocE
sjAbkVZUDetbVkJr8dMcKjWzvQJQ7i4c+TkrCxoCMXYk7A==
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:16:10 2024 by rpki-client on console-ams.rpki-client.org