Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/uEkq7oeIIHvOTSH_sqXxqyt4bM4.roa
File: uEkq7oeIIHvOTSH_sqXxqyt4bM4.roa (raw, json)
Hash identifier: xv56lLwgDgfFZKqIE8KDMM6r28GVlObB7r8Nz5wkLuU=
Subject key identifier: B8:49:2A:EE:87:88:20:7B:CE:4D:21:FF:B2:A5:F1:AB:2B:78:6C:CE
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 018F4EDE83E8B3441EFE08B027D314126F91
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/uEkq7oeIIHvOTSH_sqXxqyt4bM4.roa
Signing time: Mon 06 May 2024 17:05:56 +0000
ROA not before: Mon 06 May 2024 17:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1764
IP address blocks: 2001:678:c1c::/48 maxlen: 48
2a01:190::/29 maxlen: 32
2a03:e600::/29 maxlen: 32
2a04:9300::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:de:83:e8:b3:44:1e:fe:08:b0:27:d3:14:12:6f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: May 6 17:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8492aee8788207bce4d21ffb2a5f1ab2b786cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:33:95:38:b5:73:f3:dd:86:0d:e4:2b:ac:5a:
60:d8:07:3a:bc:7c:ec:a0:c0:68:1a:95:6e:6a:3e:
fc:ad:90:a8:42:47:46:71:fc:00:e1:27:5a:c9:13:
f4:ae:3e:e7:8f:fa:7d:b3:9a:ce:3e:f3:ac:88:f6:
66:68:58:5e:24:17:f9:e5:e1:f0:e4:b2:dd:68:35:
5a:29:f5:e5:93:25:ba:90:ac:f1:e7:58:83:e1:82:
2c:f8:88:e1:4c:05:e6:da:b4:2e:24:de:d3:ea:db:
42:39:f9:a1:a8:45:66:34:45:aa:9b:3e:1c:ef:bd:
ed:c3:42:b6:a5:64:e5:8c:41:6e:96:34:59:4b:e6:
ab:6a:76:72:a0:e1:1f:a9:bd:9f:d3:09:dc:6d:9e:
9b:f7:63:a5:df:5c:38:0b:a6:96:c9:df:56:d6:db:
e5:a6:69:25:4e:d3:d1:82:0a:f0:ce:56:d1:a7:4f:
45:99:1e:62:46:bd:8c:da:b6:d4:93:41:3f:7d:89:
2b:80:7f:be:6d:90:85:ec:e5:24:39:43:09:82:a7:
d8:a7:ac:4d:98:6b:c3:51:89:63:f4:91:d0:90:ff:
ff:c2:41:f1:b7:8a:42:d7:95:52:a0:53:53:fb:0c:
ed:d5:d2:df:e1:ca:3f:3c:f5:30:ce:87:1c:96:93:
52:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:49:2A:EE:87:88:20:7B:CE:4D:21:FF:B2:A5:F1:AB:2B:78:6C:CE
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/uEkq7oeIIHvOTSH_sqXxqyt4bM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c1c::/48
2a01:190::/29
2a03:e600::/29
2a04:9300::/29
Signature Algorithm: sha256WithRSAEncryption
11:72:d2:1a:4c:a6:f3:e2:2b:58:45:62:0d:b7:e3:89:be:b4:
3f:ad:4d:ad:84:f2:53:6d:15:71:14:6b:58:4c:3b:b3:ea:cc:
73:5f:ee:54:0a:7f:be:39:40:a1:93:ea:ed:60:68:1a:cd:52:
43:9e:af:71:15:26:2e:08:8c:ac:fe:8c:1a:db:27:7c:69:14:
f1:3f:b6:75:d2:c1:ba:76:b7:d1:14:fc:8a:fb:9a:a1:85:7d:
41:b8:0f:3e:75:09:05:3f:9e:33:75:50:10:a1:c9:68:87:81:
ba:e3:c9:13:3d:8e:4f:06:9a:e9:44:94:3b:40:b8:dd:2c:f0:
0b:0f:0b:05:6b:d3:b6:a7:cd:e5:95:d7:a3:ac:07:8e:d5:bc:
76:17:4d:82:10:38:cf:63:06:1a:9e:79:04:44:23:85:77:a5:
3b:46:a2:d0:20:05:18:a8:bc:e2:e0:92:73:33:cf:d5:37:e7:
12:1d:c7:bf:c3:09:07:5b:93:aa:fd:b8:1f:a9:cf:03:d2:8b:
7f:81:da:c7:a8:d9:56:77:c0:52:a0:69:1a:6b:52:8b:bd:57:
a0:b2:fc:a1:64:cc:6b:52:63:fd:50:9f:2e:ea:d5:1c:75:71:
26:66:f4:74:12:75:d5:29:66:02:b4:61:c4:c9:6d:96:43:01:
a5:0f:a4:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9O3oPos0Qe/giwJ9MUEm+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjQwNTA2MTcwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQ5MmFlZTg3ODgyMDdiY2U0ZDIxZmZiMmE1ZjFhYjJiNzg2Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DOVOLVz892GDeQrrFpg2Ac6vHzs
oMBoGpVuaj78rZCoQkdGcfwA4SdayRP0rj7nj/p9s5rOPvOsiPZmaFheJBf55eHw
5LLdaDVaKfXlkyW6kKzx51iD4YIs+IjhTAXm2rQuJN7T6ttCOfmhqEVmNEWqmz4c
773tw0K2pWTljEFuljRZS+aranZyoOEfqb2f0wncbZ6b92Ol31w4C6aWyd9W1tvl
pmklTtPRggrwzlbRp09FmR5iRr2M2rbUk0E/fYkrgH++bZCF7OUkOUMJgqfYp6xN
mGvDUYlj9JHQkP//wkHxt4pC15VSoFNT+wzt1dLf4co/PPUwzocclpNSWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLhJKu6HiCB7zk0h/7Kl8asreGzOMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvdUVrcTdvZUlJSHZPVFNIX3NxWHhxeXQ0Yk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAIAEGeAwc
AwUDKgEBkAMFAyoD5gADBQMqBJMAMA0GCSqGSIb3DQEBCwUAA4IBAQARctIaTKbz
4itYRWINt+OJvrQ/rU2thPJTbRVxFGtYTDuz6sxzX+5UCn++OUChk+rtYGgazVJD
nq9xFSYuCIys/owa2yd8aRTxP7Z10sG6drfRFPyK+5qhhX1BuA8+dQkFP54zdVAQ
ocloh4G648kTPY5PBprpRJQ7QLjdLPALDwsFa9O2p83lldejrAeO1bx2F02CEDjP
YwYannkERCOFd6U7RqLQIAUYqLzi4JJzM8/VN+cSHce/wwkHW5Oq/bgfqc8D0ot/
gdrHqNlWd8BSoGkaa1KLvVegsvyhZMxrUmP9UJ8u6tUcdXEmZvR0EnXVKWYCtGHE
yW2WQwGlD6TW
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:13 2024 by rpki-client on console-fra.rpki-client.org