Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6qFCO91EhpgDf23Vph1CnTJdVT8.roa
File: 6qFCO91EhpgDf23Vph1CnTJdVT8.roa (raw, json)
Hash identifier: kSNIn8CIa1emj/R0P8HEdK9sbX7ukdDz9vOT6asAtgk=
Subject key identifier: EA:A1:42:3B:DD:44:86:98:03:7F:6D:D5:A6:1D:42:9D:32:5D:55:3F
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D4283196BEC88F016B93AD6490632
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6qFCO91EhpgDf23Vph1CnTJdVT8.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211877
IP address blocks: 2a0e:aa07:e04b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:42:83:19:6b:ec:88:f0:16:b9:3a:d6:49:06:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eaa1423bdd448698037f6dd5a61d429d325d553f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7b:9e:71:5c:30:73:f7:60:a8:3a:5f:28:7a:
f6:e0:d2:73:4c:df:45:0a:33:6c:98:e1:36:a6:91:
3c:d7:87:f8:3c:77:53:fa:62:8f:8c:f5:b7:ae:2f:
ca:dd:e2:b6:a7:dc:4b:a9:60:11:29:c7:99:6f:69:
80:00:fc:b9:4f:ca:d9:9b:d0:5e:fa:8e:95:96:06:
58:22:78:52:73:e2:2c:b9:aa:24:a0:c1:a1:71:54:
74:f8:a7:14:96:d2:9d:57:9f:bc:8f:e2:55:c1:36:
2c:4a:0a:42:1d:3f:e4:df:ef:0c:49:6c:db:af:19:
6b:0f:50:22:11:f6:70:a7:eb:db:77:2e:1e:39:4f:
b1:be:2d:46:4d:49:99:d1:36:11:fe:0b:64:3d:dc:
20:7d:e2:f0:eb:6c:9c:6b:26:e3:cb:35:3f:b6:1c:
e9:40:2b:50:78:c4:51:81:ff:c5:bc:76:6e:8f:3a:
56:60:ea:da:63:ea:58:d9:ee:d1:80:b1:b9:60:08:
7e:ea:f4:bb:96:50:4a:fb:b0:46:06:f5:04:fc:b4:
52:00:8b:cb:ea:d6:bd:43:19:2a:6f:fe:91:ff:cd:
88:d5:a5:a7:98:e9:08:63:e6:54:c2:d0:8a:73:ea:
46:d6:ca:68:06:f4:c6:3b:f3:66:4c:cc:ad:da:9a:
53:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A1:42:3B:DD:44:86:98:03:7F:6D:D5:A6:1D:42:9D:32:5D:55:3F
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/6qFCO91EhpgDf23Vph1CnTJdVT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e04b::/48
Signature Algorithm: sha256WithRSAEncryption
19:41:f5:49:f5:ff:2a:21:68:b1:16:48:90:56:70:d6:41:ee:
1f:a5:27:10:45:31:b2:9e:7a:b4:30:94:af:d9:15:6a:d8:d1:
98:ac:c2:fb:18:75:11:10:7f:54:39:58:cb:bb:d5:ed:f3:c1:
be:64:53:a3:7f:a9:74:08:fa:c3:96:88:33:8e:d4:03:9a:5b:
1d:aa:7d:4e:26:62:8a:e2:d2:d3:ed:92:54:64:11:85:13:ce:
f3:f2:5c:be:4e:df:77:65:4b:95:cc:d6:58:f2:9a:80:ad:36:
12:47:61:f9:1c:9a:a6:f4:e5:4c:1d:f2:62:94:b3:19:00:c0:
20:dc:a7:45:d1:8d:ad:70:91:ba:20:eb:eb:35:99:33:12:ca:
3a:7c:a8:86:73:c7:6f:d3:ad:e5:46:9b:c3:e4:1e:be:7e:f5:
b0:69:ba:1a:eb:2c:78:36:9c:48:4f:dc:48:a0:37:86:fb:d9:
56:8e:b4:d5:e7:39:4c:b9:5d:c6:86:bd:85:96:9c:be:a3:eb:
74:98:1c:2b:5b:f2:a0:91:c0:43:a6:55:4a:35:69:87:fc:84:
73:07:db:83:45:53:8b:13:5f:da:21:95:88:23:b8:e3:65:b0:
b3:93:05:23:a3:dc:6a:5b:a7:36:d0:8d:fe:3e:84:b0:36:c8:
46:44:40:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbUKDGWvsiPAWuTrWSQYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWExNDIzYmRkNDQ4Njk4MDM3ZjZkZDVhNjFkNDI5ZDMyNWQ1NTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXuecVwwc/dgqDpfKHr24NJzTN9F
CjNsmOE2ppE814f4PHdT+mKPjPW3ri/K3eK2p9xLqWARKceZb2mAAPy5T8rZm9Be
+o6VlgZYInhSc+IsuaokoMGhcVR0+KcUltKdV5+8j+JVwTYsSgpCHT/k3+8MSWzb
rxlrD1AiEfZwp+vbdy4eOU+xvi1GTUmZ0TYR/gtkPdwgfeLw62ycaybjyzU/thzp
QCtQeMRRgf/FvHZujzpWYOraY+pY2e7RgLG5YAh+6vS7llBK+7BGBvUE/LRSAIvL
6ta9Qxkqb/6R/82I1aWnmOkIY+ZUwtCKc+pG1spoBvTGO/NmTMyt2ppTAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOqhQjvdRIaYA39t1aYdQp0yXVU/MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvNnFGQ085MUVocGdEZjIzVnBoMUNuVEpkVlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BL
MA0GCSqGSIb3DQEBCwUAA4IBAQAZQfVJ9f8qIWixFkiQVnDWQe4fpScQRTGynnq0
MJSv2RVq2NGYrML7GHUREH9UOVjLu9Xt88G+ZFOjf6l0CPrDlogzjtQDmlsdqn1O
JmKK4tLT7ZJUZBGFE87z8ly+Tt93ZUuVzNZY8pqArTYSR2H5HJqm9OVMHfJilLMZ
AMAg3KdF0Y2tcJG6IOvrNZkzEso6fKiGc8dv063lRpvD5B6+fvWwaboa6yx4NpxI
T9xIoDeG+9lWjrTV5zlMuV3Ghr2Flpy+o+t0mBwrW/KgkcBDplVKNWmH/IRzB9uD
RVOLE1/aIZWII7jjZbCzkwUjo9xqW6c20I3+PoSwNshGREBv
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:39 2024 by rpki-client on console-fra.rpki-client.org