Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/6a9ZLaPFmgE_5pPt4jTBTWcelzY.roa
File: 6a9ZLaPFmgE_5pPt4jTBTWcelzY.roa (raw, json)
Hash identifier: JFosxTJTo7vyE1BX9mwkRuidA5Py5o/ktUqggwEnv/s=
Subject key identifier: E9:AF:59:2D:A3:C5:9A:01:3F:E6:93:ED:E2:34:C1:4D:67:1E:97:36
Certificate issuer: /CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Certificate serial: 018CC8DF282009C2623C200499C4BB3F5FDF
Authority key identifier: A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/6a9ZLaPFmgE_5pPt4jTBTWcelzY.roa
Signing time: Tue 02 Jan 2024 06:31:57 +0000
ROA not before: Tue 02 Jan 2024 06:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a12:d8c6::/32 maxlen: 32
2a12:d8c4::/32 maxlen: 32
2a12:d8c3::/32 maxlen: 32
2a12:d8c7::/32 maxlen: 32
2a12:d8c2::/32 maxlen: 32
2a12:d8c5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 08:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:28:20:09:c2:62:3c:20:04:99:c4:bb:3f:5f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9f2fdea263b79fce11389052b0cd940995c6dfe
Validity
Not Before: Jan 2 06:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9af592da3c59a013fe693ede234c14d671e9736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:91:9b:24:0d:3c:02:dc:c5:6b:b2:2b:c2:19:
b2:b5:a8:4c:7b:e6:ac:c7:4b:a7:6a:2c:e7:4c:38:
f8:5f:3b:09:aa:5f:ef:0b:aa:d6:7d:f9:f2:ee:4b:
98:0d:f6:45:b8:64:e7:e5:6a:53:fd:e3:48:bc:36:
e8:8c:ba:16:38:df:c8:fa:5b:4d:91:0a:9c:88:95:
00:9e:dc:0b:08:a8:9f:19:aa:f9:7f:16:03:81:09:
ac:1e:1a:3d:e4:38:ea:b9:57:3d:b8:03:13:98:f0:
6e:fa:d5:a2:bc:64:ca:ba:95:6c:ea:0f:30:8a:53:
28:cf:5f:b4:a3:ba:52:cc:77:7f:44:d0:f2:0b:0f:
f4:e1:20:33:dd:f7:37:f7:ee:9e:5d:76:67:1f:03:
1c:34:18:c1:4d:ef:59:c9:0c:b1:7a:45:a2:91:23:
5b:a9:7b:5e:16:4d:c7:85:b7:ae:ff:cc:f2:e6:29:
6b:0d:ba:57:ba:38:74:20:40:5e:db:03:fb:44:25:
c2:e4:03:fa:9e:cf:19:00:fe:3a:d1:b6:f5:78:dc:
e0:f6:74:e1:17:8c:16:b9:70:2d:00:85:8d:ff:44:
de:91:81:7a:c6:62:38:43:7f:bf:f0:43:9e:ec:28:
42:19:54:6b:cb:1b:d2:98:3f:85:0e:99:57:c6:31:
aa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AF:59:2D:A3:C5:9A:01:3F:E6:93:ED:E2:34:C1:4D:67:1E:97:36
X509v3 Authority Key Identifier:
keyid:A9:F2:FD:EA:26:3B:79:FC:E1:13:89:05:2B:0C:D9:40:99:5C:6D:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfL96iY7efzhE4kFKwzZQJlcbf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/6a9ZLaPFmgE_5pPt4jTBTWcelzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/53ff62-c1ad-4244-b91a-f8affef112d8/1/qfL96iY7efzhE4kFKwzZQJlcbf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:d8c2::-2a12:d8c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c8:b1:64:56:39:e5:b0:5f:2c:5f:98:e5:ac:9d:40:1a:0c:0d:
21:e8:26:e1:7e:bb:12:a3:ab:75:3c:34:7d:fa:76:a0:bd:3a:
21:e4:e6:83:98:40:c9:a8:ec:40:4d:e0:d4:76:76:cf:8c:ec:
e3:d0:29:bb:a5:db:65:6b:e1:a9:cc:e2:d6:27:e5:2c:9a:1c:
8d:62:5f:a5:a8:7d:ae:6a:e0:2f:96:09:73:c5:14:0e:d1:de:
17:5b:be:d2:4b:e2:cc:26:a6:42:94:92:df:ea:35:0d:51:4b:
cc:b1:a8:00:75:eb:6b:94:be:e2:9d:db:57:fd:da:c3:09:a5:
1c:9b:55:27:67:40:08:9e:5e:25:48:5f:dd:6b:06:8f:d1:15:
d3:9a:ca:ea:5d:12:22:ce:d6:cd:56:60:7a:f6:93:1f:f9:c8:
40:46:88:62:a8:23:14:9e:4f:ff:1f:bd:b0:88:13:0f:54:89:
ab:1f:ef:f9:6f:cf:f9:c6:5d:20:5e:c2:16:a8:f7:9b:e3:08:
6b:d4:09:5e:70:c7:d2:97:b9:14:e5:ed:38:1f:64:b3:3d:87:
41:93:d3:22:04:b4:bc:9c:72:ea:81:21:f0:69:8f:99:57:4a:
7a:7b:d3:b7:2c:20:3f:2f:0c:24:8a:a8:cf:39:cb:5d:ba:43:
11:32:bd:d7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzI3yggCcJiPCAEmcS7P1/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZjJmZGVhMjYzYjc5ZmNlMTEzODkwNTJiMGNkOTQwOTk1
YzZkZmUwHhcNMjQwMTAyMDYzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWFmNTkyZGEzYzU5YTAxM2ZlNjkzZWRlMjM0YzE0ZDY3MWU5NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpGbJA08AtzFa7IrwhmytahMe+as
x0unaiznTDj4XzsJql/vC6rWffny7kuYDfZFuGTn5WpT/eNIvDbojLoWON/I+ltN
kQqciJUAntwLCKifGar5fxYDgQmsHho95DjquVc9uAMTmPBu+tWivGTKupVs6g8w
ilMoz1+0o7pSzHd/RNDyCw/04SAz3fc39+6eXXZnHwMcNBjBTe9ZyQyxekWikSNb
qXteFk3Hhbeu/8zy5ilrDbpXujh0IEBe2wP7RCXC5AP6ns8ZAP460bb1eNzg9nTh
F4wWuXAtAIWN/0TekYF6xmI4Q3+/8EOe7ChCGVRryxvSmD+FDplXxjGqMwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOmvWS2jxZoBP+aT7eI0wU1nHpc2MB8GA1UdIwQY
MBaAFKny/eomO3n84ROJBSsM2UCZXG3+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEt
ZjhhZmZlZjExMmQ4LzEvNmE5WkxhUEZtZ0VfNXBQdDRqVEJUV2NlbHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81M2ZmNjItYzFhZC00MjQ0LWI5MWEtZjhhZmZlZjExMmQ4
LzEvcWZMOTZpWTdlZnpoRTRrRkt3elpRSmxjYmY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQEqEtjC
AwUDKhLYwDANBgkqhkiG9w0BAQsFAAOCAQEAyLFkVjnlsF8sX5jlrJ1AGgwNIegm
4X67EqOrdTw0ffp2oL06IeTmg5hAyajsQE3g1HZ2z4zs49Apu6XbZWvhqczi1ifl
LJocjWJfpah9rmrgL5YJc8UUDtHeF1u+0kvizCamQpSS3+o1DVFLzLGoAHXra5S+
4p3bV/3awwmlHJtVJ2dACJ5eJUhf3WsGj9EV05rK6l0SIs7WzVZgevaTH/nIQEaI
YqgjFJ5P/x+9sIgTD1SJqx/v+W/P+cZdIF7CFqj3m+MIa9QJXnDH0pe5FOXtOB9k
sz2HQZPTIgS0vJxy6oEh8GmPmVdKenvTtywgPy8MJIqozznLXbpDETK91w==
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:45:42 2024 by rpki-client on console-ams.rpki-client.org