Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/NYWmiaGl_h3OuWAWbxVYKEsyEgM.roa
File: NYWmiaGl_h3OuWAWbxVYKEsyEgM.roa (raw, json)
Hash identifier: b1r0llXY7NRbOUL/a9iE8kOHpuFlZ7+ZzzvSsfj5Qi8=
Subject key identifier: 35:85:A6:89:A1:A5:FE:1D:CE:B9:60:16:6F:15:58:28:4B:32:12:03
Certificate issuer: /CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Certificate serial: 018F2E004C25B0C21FAA888ED31F1A98B4FA
Authority key identifier: 4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/NYWmiaGl_h3OuWAWbxVYKEsyEgM.roa
Signing time: Tue 30 Apr 2024 07:55:22 +0000
ROA not before: Tue 30 Apr 2024 07:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203038
IP address blocks: 2a0d:bbc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:00:4c:25:b0:c2:1f:aa:88:8e:d3:1f:1a:98:b4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Validity
Not Before: Apr 30 07:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3585a689a1a5fe1dceb960166f1558284b321203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8b:50:ca:ef:e5:f3:5d:01:6c:35:de:14:3a:
ba:31:16:f0:9b:6c:e3:5e:b3:fb:45:12:87:2b:83:
73:58:a3:88:47:5a:e2:1d:13:f6:7d:21:56:47:93:
6e:c1:7c:a9:96:a6:b1:0f:88:dc:8d:e6:b4:57:54:
37:00:7d:44:78:ff:17:12:15:a9:76:07:09:45:9d:
dd:04:5d:0d:e2:5c:2c:9c:c8:9d:3d:94:c7:e9:88:
47:47:b4:7d:a8:99:84:6d:97:9b:b5:d1:bb:ba:ce:
ca:4c:f3:17:4d:67:59:69:31:cb:bf:be:a0:97:ce:
9c:d0:89:87:99:1c:0c:05:34:5d:dc:52:22:76:02:
f1:f5:dd:a9:11:0f:c7:fe:83:e9:83:41:bd:6e:e1:
df:d1:d1:38:58:e8:b6:48:7e:4c:e3:4b:68:1d:36:
7c:03:8c:d8:fd:40:f6:ed:40:ff:17:60:19:e2:03:
01:5a:25:e2:6c:a8:db:71:25:99:5b:80:ce:5e:3b:
a1:c7:38:c7:ec:4c:70:c9:f8:58:82:2e:92:7c:34:
06:fc:e2:08:a4:95:a0:f4:10:69:65:36:d5:06:9f:
88:0f:3d:95:2d:97:73:97:3e:5b:05:b5:8b:aa:a0:
82:fe:a9:62:04:9e:7b:1c:b8:e1:9d:c4:c8:05:aa:
74:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:85:A6:89:A1:A5:FE:1D:CE:B9:60:16:6F:15:58:28:4B:32:12:03
X509v3 Authority Key Identifier:
keyid:4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/NYWmiaGl_h3OuWAWbxVYKEsyEgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:bbc0::/29
Signature Algorithm: sha256WithRSAEncryption
36:96:3b:63:b1:7a:86:df:3c:c2:da:4e:f5:43:cd:ad:99:8d:
0d:9d:4c:6d:b6:e7:ea:b2:67:9d:6b:8d:b1:34:04:e7:87:82:
da:53:c4:e8:18:ef:82:ac:1a:af:15:8a:f3:f9:f8:d0:53:c5:
ef:2a:a6:b8:50:02:d0:96:2a:1f:b9:23:f0:a9:5f:9f:ff:4e:
df:89:fe:c3:8f:16:61:f0:e3:cd:29:ec:74:ff:68:e1:d7:57:
27:d4:e1:f3:e1:f3:b4:4d:5a:58:ef:19:3b:d4:39:76:c2:fb:
36:e9:ef:7d:7d:a4:35:00:7b:e7:42:10:c1:2b:f4:51:35:3c:
11:5a:8b:96:c2:6f:1a:4c:a8:52:6b:27:15:39:a5:88:db:71:
25:d7:1c:f6:b8:57:6b:84:46:75:37:73:38:38:1e:62:52:b2:
83:42:e3:d8:df:a7:10:55:a6:89:a2:71:83:75:8a:48:3d:69:
38:89:dc:5d:bd:6f:5b:1c:30:c8:4a:67:1f:20:f4:1e:c6:f1:
fc:3e:7c:e4:ad:40:b3:94:f3:58:95:e0:5a:00:78:5e:8f:98:
38:af:2d:2f:a3:da:0f:32:0d:87:c4:2e:cf:5c:08:82:35:5c:
61:27:f9:ba:f0:b0:f1:8c:05:6c:6f:f9:9c:50:ee:d9:ac:3c:
26:c6:f2:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8uAEwlsMIfqoiO0x8amLT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjgwODAyYzY1NzlhNGQ0YTEwNjA4ZGNmOTJlOWFjZTk5
MDViMTYwHhcNMjQwNDMwMDc1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTg1YTY4OWExYTVmZTFkY2ViOTYwMTY2ZjE1NTgyODRiMzIxMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvItQyu/l810BbDXeFDq6MRbwm2zj
XrP7RRKHK4NzWKOIR1riHRP2fSFWR5NuwXyplqaxD4jcjea0V1Q3AH1EeP8XEhWp
dgcJRZ3dBF0N4lwsnMidPZTH6YhHR7R9qJmEbZebtdG7us7KTPMXTWdZaTHLv76g
l86c0ImHmRwMBTRd3FIidgLx9d2pEQ/H/oPpg0G9buHf0dE4WOi2SH5M40toHTZ8
A4zY/UD27UD/F2AZ4gMBWiXibKjbcSWZW4DOXjuhxzjH7ExwyfhYgi6SfDQG/OII
pJWg9BBpZTbVBp+IDz2VLZdzlz5bBbWLqqCC/qliBJ57HLjhncTIBap0BwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDWFpomhpf4dzrlgFm8VWChLMhIDMB8GA1UdIwQY
MBaAFEz4CALGV5pNShBgjc+S6azpkFsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAt
OTFmNDlkOGQxMTVkLzEvTllXbWlhR2xfaDNPdVdBV2J4VllLRXN5RWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAtOTFmNDlkOGQxMTVk
LzEvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg27wDAN
BgkqhkiG9w0BAQsFAAOCAQEANpY7Y7F6ht88wtpO9UPNrZmNDZ1Mbbbn6rJnnWuN
sTQE54eC2lPE6BjvgqwarxWK8/n40FPF7yqmuFAC0JYqH7kj8Klfn/9O34n+w48W
YfDjzSnsdP9o4ddXJ9Th8+HztE1aWO8ZO9Q5dsL7NunvfX2kNQB750IQwSv0UTU8
EVqLlsJvGkyoUmsnFTmliNtxJdcc9rhXa4RGdTdzODgeYlKyg0Lj2N+nEFWmiaJx
g3WKSD1pOIncXb1vWxwwyEpnHyD0Hsbx/D585K1As5TzWJXgWgB4Xo+YOK8tL6Pa
DzINh8Quz1wIgjVcYSf5uvCw8YwFbG/5nFDu2aw8Jsby6w==
-----END CERTIFICATE-----
Generated at Wed Jun 26 05:13:00 2024 by rpki-client on console-ams.rpki-client.org