Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6UwqNAhAZRdxWuBXRvIkxqxlbF0.roa
File: 6UwqNAhAZRdxWuBXRvIkxqxlbF0.roa (raw, json)
Hash identifier: IDuiTq1QK9cy7q7UH+wg2HYHohtshsIhhApcyG4PujM=
Subject key identifier: E9:4C:2A:34:08:40:65:17:71:5A:E0:57:46:F2:24:C6:AC:65:6C:5D
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D29E091E71598A8F5AA56A8400AB5
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6UwqNAhAZRdxWuBXRvIkxqxlbF0.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198135
IP address blocks: 2a0e:aa07:e0d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 18:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:29:e0:91:e7:15:98:a8:f5:aa:56:a8:40:0a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e94c2a3408406517715ae05746f224c6ac656c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:03:70:09:59:a2:75:64:c0:a0:2f:65:f2:14:
8f:36:c7:66:78:c1:b4:fe:d9:4a:30:0e:f2:85:fc:
10:d6:f4:5e:a9:24:a5:2f:02:05:51:c8:a6:91:ae:
19:20:3a:de:7b:da:d1:a3:ad:28:5f:ea:2c:cb:88:
37:6f:bc:96:59:43:8f:da:66:ce:e5:54:51:0e:82:
cd:44:f6:9a:4b:2a:af:58:f5:b5:d2:f0:21:e5:74:
9b:bd:d3:35:42:66:0e:9e:3c:a6:eb:77:f1:e1:ac:
dd:8c:e5:03:4a:09:6b:75:52:73:41:71:9e:4c:aa:
4b:88:c5:46:09:33:18:2d:ab:11:88:72:81:7c:2f:
ae:7b:43:41:5a:6d:02:44:22:80:46:25:e0:be:ae:
8a:62:43:f8:f5:56:47:b9:b8:43:4b:89:46:99:11:
fa:2e:31:20:95:30:10:15:ad:a0:7a:7d:8b:8d:b8:
2e:95:11:e6:79:37:8c:cf:3b:20:ab:5e:98:30:7a:
51:81:5d:2e:44:71:c5:e4:51:8f:8e:a7:aa:bf:bd:
88:e2:6a:73:0e:79:df:55:3a:f6:33:38:ad:9a:a0:
19:79:ac:21:7c:c3:75:e2:60:d9:c1:f3:a5:6d:cf:
95:82:01:5b:c3:ae:93:a7:49:df:b7:27:c8:9d:d8:
d8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:4C:2A:34:08:40:65:17:71:5A:E0:57:46:F2:24:C6:AC:65:6C:5D
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6UwqNAhAZRdxWuBXRvIkxqxlbF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e0d0::/44
Signature Algorithm: sha256WithRSAEncryption
8b:4f:74:79:6a:4b:8a:74:f9:ff:f3:b7:48:dd:06:8a:b9:7f:
7c:f5:ef:54:37:7d:48:39:7e:88:13:f5:c1:40:13:b8:e3:83:
0d:f5:a0:e2:37:d9:62:33:70:e0:46:11:28:42:d3:74:35:0b:
85:17:6a:a8:0d:9a:48:97:e5:a9:c0:10:33:57:0a:d6:3a:82:
fc:c7:33:28:5b:fe:5f:5b:37:95:77:57:38:df:08:f8:5c:d4:
bc:66:fa:5f:6b:ac:b1:86:8b:be:dd:ab:ef:63:46:8e:90:70:
75:a4:1b:a6:a1:71:83:84:86:02:68:2e:da:fd:a9:67:e3:80:
33:1b:97:13:06:6e:da:7b:7a:e6:ce:7f:8b:cb:d3:43:80:5c:
2d:42:1c:4f:2d:6e:2f:85:b5:5d:5b:b2:f8:98:2a:68:1f:01:
08:8c:0b:c2:c0:b7:91:b7:69:ee:7f:43:6a:40:d5:27:cc:b8:
69:3f:d6:d9:92:20:31:f9:8c:21:44:f4:71:58:47:ba:5b:29:
4c:84:ef:5f:54:50:7c:62:e2:3d:0e:6a:1d:29:a6:aa:b0:bc:
f7:34:62:e5:1c:8b:be:2e:6b:c5:10:a5:f3:64:af:46:33:37:
60:35:09:34:78:80:7e:04:2f:90:02:b5:aa:e9:7d:5f:39:0a:
b7:96:b2:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbSngkecVmKj1qlaoQAq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTRjMmEzNDA4NDA2NTE3NzE1YWUwNTc0NmYyMjRjNmFjNjU2YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QNwCVmidWTAoC9l8hSPNsdmeMG0
/tlKMA7yhfwQ1vReqSSlLwIFUcimka4ZIDree9rRo60oX+osy4g3b7yWWUOP2mbO
5VRRDoLNRPaaSyqvWPW10vAh5XSbvdM1QmYOnjym63fx4azdjOUDSglrdVJzQXGe
TKpLiMVGCTMYLasRiHKBfC+ue0NBWm0CRCKARiXgvq6KYkP49VZHubhDS4lGmRH6
LjEglTAQFa2gen2LjbgulRHmeTeMzzsgq16YMHpRgV0uRHHF5FGPjqeqv72I4mpz
DnnfVTr2MzitmqAZeawhfMN14mDZwfOlbc+VggFbw66Tp0nftyfIndjYKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOlMKjQIQGUXcVrgV0byJMasZWxdMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvNlV3cU5BaEFaUmR4V3VCWFJ2SWt4cXhsYkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+DQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCLT3R5akuKdPn/87dI3QaKuX989e9UN31IOX6I
E/XBQBO444MN9aDiN9liM3DgRhEoQtN0NQuFF2qoDZpIl+WpwBAzVwrWOoL8xzMo
W/5fWzeVd1c43wj4XNS8Zvpfa6yxhou+3avvY0aOkHB1pBumoXGDhIYCaC7a/aln
44AzG5cTBm7ae3rmzn+Ly9NDgFwtQhxPLW4vhbVdW7L4mCpoHwEIjAvCwLeRt2nu
f0NqQNUnzLhpP9bZkiAx+YwhRPRxWEe6WylMhO9fVFB8YuI9DmodKaaqsLz3NGLl
HIu+LmvFEKXzZK9GMzdgNQk0eIB+BC+QArWq6X1fOQq3lrJI
-----END CERTIFICATE-----
Generated at Sat May 4 00:34:50 2024 by rpki-client on console-fra.rpki-client.org