Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/bIaEW0_yfIAOdr1ZIWIVHpRuNU8.roa
File: bIaEW0_yfIAOdr1ZIWIVHpRuNU8.roa (raw, json)
Hash identifier: mHfEmXSjOkdPHijJSt6cnIdhwaZKo7aMio5VL8k7TdM=
Subject key identifier: 6C:86:84:5B:4F:F2:7C:80:0E:76:BD:59:21:62:15:1E:94:6E:35:4F
Certificate issuer: /CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Certificate serial: 018CC8DE60121F52720030F94B96BE96969F
Authority key identifier: 4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/bIaEW0_yfIAOdr1ZIWIVHpRuNU8.roa
Signing time: Tue 02 Jan 2024 06:31:05 +0000
ROA not before: Tue 02 Jan 2024 06:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212461
IP address blocks: 2a0b:6900:1ad::/48 maxlen: 48
2a0b:6903:1ad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:60:12:1f:52:72:00:30:f9:4b:96:be:96:96:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Validity
Not Before: Jan 2 06:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c86845b4ff27c800e76bd592162151e946e354f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b1:40:7a:72:f7:3b:0d:a3:ba:f3:d8:eb:08:
21:7b:b7:d4:0c:af:43:09:00:45:db:4f:23:96:03:
38:25:7c:bd:95:33:41:86:88:cf:30:f0:1a:8b:ef:
92:39:3b:3f:fe:51:04:43:4e:58:54:56:24:73:98:
e9:ee:c5:d0:65:fe:16:fc:d3:88:5c:eb:7e:a7:b3:
37:d4:0a:40:99:1f:cf:19:7e:39:22:cf:af:4f:68:
21:3d:de:76:48:10:6d:90:b6:dc:68:d4:56:76:ad:
e2:68:b9:87:35:ad:f8:57:dc:0c:37:df:91:da:d2:
df:32:b2:9f:a9:ad:a0:a4:86:93:9f:e3:9b:27:1d:
b3:96:5b:71:84:09:e2:22:4f:76:ac:09:d6:a1:8c:
3e:e9:cc:1e:ea:04:a7:7f:12:5d:6d:22:96:9c:44:
8c:d1:b5:dc:a3:4a:1b:de:e2:29:e7:95:63:59:87:
b0:ce:54:f0:f1:df:32:61:1c:49:36:09:9e:71:6e:
d5:2f:35:78:b1:e3:23:c6:70:50:33:6d:07:90:9c:
0d:a7:54:e3:c5:8c:ea:2d:a9:5b:f9:45:11:6c:aa:
41:04:6d:73:06:33:e5:5e:30:a4:ed:4a:e2:29:8f:
b8:eb:33:e3:26:dd:3d:79:b7:9f:4c:8e:4f:27:e4:
41:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:86:84:5B:4F:F2:7C:80:0E:76:BD:59:21:62:15:1E:94:6E:35:4F
X509v3 Authority Key Identifier:
keyid:4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/bIaEW0_yfIAOdr1ZIWIVHpRuNU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6900:1ad::/48
2a0b:6903:1ad::/48
Signature Algorithm: sha256WithRSAEncryption
54:c6:bd:e5:da:ea:b3:1e:8c:2f:6b:f9:5c:98:7a:54:64:b2:
8e:e2:cb:17:c7:02:12:1e:dc:c7:c9:c2:0e:9d:53:35:17:85:
07:ad:0d:be:f2:46:3b:ea:e9:9b:2a:0b:78:30:ef:93:cc:37:
e7:87:44:77:da:48:20:d5:5c:1b:23:84:64:99:b6:7c:f6:77:
f9:71:38:12:dc:15:7b:fb:09:03:5a:3c:2a:8b:46:38:dc:df:
dd:6c:b2:c0:90:9d:7b:3e:40:56:00:54:29:21:6b:3f:b2:53:
c4:17:21:26:45:64:1f:9b:36:61:8f:0a:82:25:69:d4:fc:67:
5f:39:b2:8c:01:0b:b6:57:ad:91:ac:f8:79:29:b3:a9:7b:28:
42:f4:70:34:9c:93:e2:d4:fb:74:09:86:9c:5c:f3:22:60:56:
12:94:eb:1b:17:b8:ac:48:38:03:2c:05:7c:7a:fb:ca:84:bb:
e4:4b:71:c7:36:05:d9:08:8f:0c:50:53:8c:d6:89:09:64:3e:
a7:65:07:30:c3:19:80:ec:6d:ea:41:cd:e8:6d:59:a7:0c:b6:
91:87:d5:1c:4b:7a:1b:16:f2:de:58:0f:6e:9b:60:62:f9:29:
98:85:8a:fb:d3:87:9f:01:0f:41:ba:0e:d3:e1:d5:ed:a3:f8:
97:d8:6d:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3mASH1JyADD5S5a+lpafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWY2YWFlNmZiYTVjNjFhNjE3MzlhZmNhYjU1YTYyMjY2
ZTg5ZWUwHhcNMjQwMTAyMDYzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg2ODQ1YjRmZjI3YzgwMGU3NmJkNTkyMTYyMTUxZTk0NmUzNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLFAenL3Ow2juvPY6wghe7fUDK9D
CQBF208jlgM4JXy9lTNBhojPMPAai++SOTs//lEEQ05YVFYkc5jp7sXQZf4W/NOI
XOt+p7M31ApAmR/PGX45Is+vT2ghPd52SBBtkLbcaNRWdq3iaLmHNa34V9wMN9+R
2tLfMrKfqa2gpIaTn+ObJx2zlltxhAniIk92rAnWoYw+6cwe6gSnfxJdbSKWnESM
0bXco0ob3uIp55VjWYewzlTw8d8yYRxJNgmecW7VLzV4seMjxnBQM20HkJwNp1Tj
xYzqLalb+UURbKpBBG1zBjPlXjCk7UriKY+46zPjJt09ebefTI5PJ+RBHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyGhFtP8nyADna9WSFiFR6UbjVPMB8GA1UdIwQY
MBaAFE7vaq5vulxhphc5r8q1WmImbonuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYt
YzM3NzkwZTZkNDgyLzEvYklhRVcwX3lmSUFPZHIxWklXSVZIcFJ1TlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYtYzM3NzkwZTZkNDgy
LzEvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgtpAAGt
AwcAKgtpAwGtMA0GCSqGSIb3DQEBCwUAA4IBAQBUxr3l2uqzHowva/lcmHpUZLKO
4ssXxwISHtzHycIOnVM1F4UHrQ2+8kY76umbKgt4MO+TzDfnh0R32kgg1VwbI4Rk
mbZ89nf5cTgS3BV7+wkDWjwqi0Y43N/dbLLAkJ17PkBWAFQpIWs/slPEFyEmRWQf
mzZhjwqCJWnU/GdfObKMAQu2V62RrPh5KbOpeyhC9HA0nJPi1Pt0CYacXPMiYFYS
lOsbF7isSDgDLAV8evvKhLvkS3HHNgXZCI8MUFOM1okJZD6nZQcwwxmA7G3qQc3o
bVmnDLaRh9UcS3obFvLeWA9um2Bi+SmYhYr704efAQ9Bug7T4dXto/iX2G1m
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:41 2024 by rpki-client on console-ams.rpki-client.org