Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ysIx_tvAliVe-cva5N5Bj0x375I.roa
File: ysIx_tvAliVe-cva5N5Bj0x375I.roa (raw, json)
Hash identifier: rNWXNMnQeaViTht4SlZwvxEiGQs04fGR6sKxF9ecWUc=
Subject key identifier: CA:C2:31:FE:DB:C0:96:25:5E:F9:CB:DA:E4:DE:41:8F:4C:77:EF:92
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018CCA2A561FF25ECB5C3E7DB9EB8A0DAEEB
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ysIx_tvAliVe-cva5N5Bj0x375I.roa
Signing time: Tue 02 Jan 2024 12:33:41 +0000
ROA not before: Tue 02 Jan 2024 12:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206946
IP address blocks: 2a06:e881:260a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:56:1f:f2:5e:cb:5c:3e:7d:b9:eb:8a:0d:ae:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 12:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cac231fedbc096255ef9cbdae4de418f4c77ef92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:92:6e:5e:db:35:66:b4:5c:74:ed:95:92:5c:
92:6f:66:5f:3d:16:73:53:4a:c2:8e:e9:e5:98:63:
38:8c:ab:5d:e8:05:13:64:94:9d:90:27:ae:34:ca:
5b:48:54:11:1c:45:92:c7:f1:d0:12:1a:b2:4f:60:
53:62:96:c8:0b:20:bd:2a:8f:20:1a:a9:8a:fd:a4:
6c:82:08:ae:a5:8c:cf:7e:e1:a3:e5:b6:30:90:64:
c9:6e:3b:8a:69:3b:11:1c:c7:b7:09:0b:a3:09:44:
b0:5a:cd:aa:6f:f8:55:49:9d:e4:5a:62:57:cd:ee:
1c:ed:8a:a5:bd:dc:59:42:f2:9b:5b:a7:b2:39:da:
bf:25:cb:85:18:b5:5b:e2:13:67:74:36:18:ce:03:
91:ea:18:49:10:2f:e7:ad:01:b9:86:5a:ae:d4:61:
1a:a9:6a:be:0b:67:61:a1:f9:37:fb:1e:d0:0f:87:
98:aa:d7:6a:66:b9:54:da:41:da:7d:e4:d4:a8:f9:
e7:a4:d8:31:97:4d:bc:0f:d1:59:12:d5:a0:86:2b:
03:9b:9f:da:d5:32:d9:ce:ad:75:52:98:1b:98:f1:
17:dc:65:04:41:28:34:23:41:28:77:b2:b1:b5:8f:
78:d8:51:6c:43:52:2c:0a:d3:e6:2e:37:bb:ad:3d:
b7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C2:31:FE:DB:C0:96:25:5E:F9:CB:DA:E4:DE:41:8F:4C:77:EF:92
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ysIx_tvAliVe-cva5N5Bj0x375I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:260a::/48
Signature Algorithm: sha256WithRSAEncryption
00:5b:85:6e:7e:61:8a:28:5d:59:57:22:6a:03:2a:6a:9c:9e:
93:9d:4b:cb:c6:4a:de:32:b7:00:c2:04:8b:e9:e2:37:6c:6d:
a1:80:48:c9:91:fa:d9:dd:d3:31:82:8c:58:c1:22:1b:1e:56:
1e:fd:64:40:57:75:50:3d:12:11:c7:72:67:7f:a6:88:7d:b0:
7d:49:b5:16:e0:cb:f0:ca:c9:01:e9:88:32:2a:43:d4:3a:61:
3c:e6:f0:e5:e2:25:e8:cd:cf:57:94:72:a4:55:af:f9:12:87:
ae:08:24:95:49:4c:d2:cf:cb:6e:b2:e5:be:6f:da:0c:8f:a3:
52:50:bd:a6:ea:7e:f1:17:f3:b0:fe:8d:1c:72:f9:51:51:bf:
51:8e:cc:51:98:b0:07:57:f1:da:40:0d:9d:79:45:ab:6b:64:
99:ca:4a:ce:ed:69:09:09:02:c0:c2:98:59:10:ab:c7:1b:f3:
75:2e:33:cb:3c:c0:b2:4a:6f:cb:1e:23:18:8a:a4:10:e3:68:
cd:65:df:f6:a6:97:33:97:a4:6a:9e:cd:2d:ee:20:25:d4:19:
1c:d2:aa:85:05:ce:03:f6:5b:33:7b:87:bb:ac:a4:73:f2:69:
a4:2b:0b:ae:fe:a1:97:85:99:ca:31:53:6b:5d:4e:95:97:7c:
1c:67:81:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKlYf8l7LXD59ueuKDa7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTAyMTIzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMyMzFmZWRiYzA5NjI1NWVmOWNiZGFlNGRlNDE4ZjRjNzdlZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5JuXts1ZrRcdO2VklySb2ZfPRZz
U0rCjunlmGM4jKtd6AUTZJSdkCeuNMpbSFQRHEWSx/HQEhqyT2BTYpbICyC9Ko8g
GqmK/aRsggiupYzPfuGj5bYwkGTJbjuKaTsRHMe3CQujCUSwWs2qb/hVSZ3kWmJX
ze4c7YqlvdxZQvKbW6eyOdq/JcuFGLVb4hNndDYYzgOR6hhJEC/nrQG5hlqu1GEa
qWq+C2dhofk3+x7QD4eYqtdqZrlU2kHafeTUqPnnpNgxl028D9FZEtWghisDm5/a
1TLZzq11UpgbmPEX3GUEQSg0I0Eod7KxtY942FFsQ1IsCtPmLje7rT230QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMrCMf7bwJYlXvnL2uTeQY9Md++SMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEveXNJeF90dkFsaVZlLWN2YTVONUJqMHgzNzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbogSYK
MA0GCSqGSIb3DQEBCwUAA4IBAQAAW4VufmGKKF1ZVyJqAypqnJ6TnUvLxkreMrcA
wgSL6eI3bG2hgEjJkfrZ3dMxgoxYwSIbHlYe/WRAV3VQPRIRx3Jnf6aIfbB9SbUW
4MvwyskB6YgyKkPUOmE85vDl4iXozc9XlHKkVa/5EoeuCCSVSUzSz8tusuW+b9oM
j6NSUL2m6n7xF/Ow/o0ccvlRUb9RjsxRmLAHV/HaQA2deUWra2SZykrO7WkJCQLA
wphZEKvHG/N1LjPLPMCySm/LHiMYiqQQ42jNZd/2ppczl6Rqns0t7iAl1Bkc0qqF
Bc4D9lsze4e7rKRz8mmkKwuu/qGXhZnKMVNrXU6Vl3wcZ4Hf
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:58:37 2024 by rpki-client on console-fra.rpki-client.org