Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/yN0U-yWGP1qqvZMViPHwnfDWkDs.roa
File: yN0U-yWGP1qqvZMViPHwnfDWkDs.roa (raw, json)
Hash identifier: U1nu8GwEN5FBkujWsx0hMur+gIVJVWVFqF4obEYaGss=
Subject key identifier: C8:DD:14:FB:25:86:3F:5A:AA:BD:93:15:88:F1:F0:9D:F0:D6:90:3B
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 0190487793D0E514B48C0320A8B0E8955F06
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/yN0U-yWGP1qqvZMViPHwnfDWkDs.roa
Signing time: Mon 24 Jun 2024 04:18:34 +0000
ROA not before: Mon 24 Jun 2024 04:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60262
IP address blocks: 2a04:ca80::/29 maxlen: 29
2a07:dd80::/29 maxlen: 29
2a09:8140::/29 maxlen: 29
2a0a:ca40::/29 maxlen: 29
2a0c:b140::/29 maxlen: 29
2a0c:b500::/29 maxlen: 29
2a11:2dc0::/29 maxlen: 29
2a11:4840::/29 maxlen: 29
2a11:4d00::/29 maxlen: 29
2a11:5a00::/29 maxlen: 29
2a11:5c00::/29 maxlen: 29
2a11:5e40::/29 maxlen: 29
2a11:76c0::/29 maxlen: 29
2a11:9f80::/29 maxlen: 29
2a11:a4c0::/29 maxlen: 29
2a11:a900::/29 maxlen: 29
2a11:bf40::/29 maxlen: 29
2a11:cf80::/29 maxlen: 29
2a11:fa00::/29 maxlen: 29
2a12:200::/29 maxlen: 29
2a12:3000::/29 maxlen: 29
2a12:4480::/29 maxlen: 29
2a12:7500::/29 maxlen: 29
2a12:a680::/29 maxlen: 29
2a12:e600::/29 maxlen: 29
2a12:f700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:48:77:93:d0:e5:14:b4:8c:03:20:a8:b0:e8:95:5f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jun 24 04:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8dd14fb25863f5aaabd931588f1f09df0d6903b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:56:7a:27:5c:a5:80:85:e8:b0:fe:96:2a:
ef:bf:73:b4:78:86:15:6e:a4:f6:6c:06:81:e3:9e:
00:46:39:1a:73:1b:99:19:fb:51:77:af:b8:40:60:
bc:23:8a:d1:e7:e6:cf:14:ea:0b:41:5e:ab:2c:2c:
86:fe:8b:ec:98:70:07:f7:ec:53:ef:61:07:fa:55:
5e:6d:65:8b:d9:e5:f0:1a:21:14:af:9d:e6:92:bc:
ff:10:5a:7c:c8:08:e7:1c:fb:e2:51:07:1b:20:25:
54:f1:c6:4a:97:df:60:39:47:d8:db:b6:75:20:0a:
e0:66:6c:e9:4e:b5:e0:e8:db:d0:d3:49:c1:eb:fb:
4f:91:36:bc:9e:f4:61:50:cf:7e:d5:f4:be:46:bb:
04:91:84:10:d3:ad:bf:46:4c:d8:bd:31:91:5b:bd:
dd:07:36:d8:94:6f:86:49:f4:90:0b:53:eb:ab:cd:
0b:ff:8d:cd:6b:9d:70:b5:11:85:fc:b5:4e:5c:6f:
bf:5e:95:8b:d5:cb:8a:6a:77:97:c5:d4:bd:86:1e:
2c:d5:5f:a1:11:28:0e:10:e1:d6:f7:39:31:ec:79:
52:30:69:33:f0:89:93:d0:4a:e5:47:e6:09:75:25:
dd:63:9f:5d:50:1c:da:b5:0b:c8:9a:61:56:e2:ff:
fd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DD:14:FB:25:86:3F:5A:AA:BD:93:15:88:F1:F0:9D:F0:D6:90:3B
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/yN0U-yWGP1qqvZMViPHwnfDWkDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ca80::/29
2a07:dd80::/29
2a09:8140::/29
2a0a:ca40::/29
2a0c:b140::/29
2a0c:b500::/29
2a11:2dc0::/29
2a11:4840::/29
2a11:4d00::/29
2a11:5a00::/29
2a11:5c00::/29
2a11:5e40::/29
2a11:76c0::/29
2a11:9f80::/29
2a11:a4c0::/29
2a11:a900::/29
2a11:bf40::/29
2a11:cf80::/29
2a11:fa00::/29
2a12:200::/29
2a12:3000::/29
2a12:4480::/29
2a12:7500::/29
2a12:a680::/29
2a12:e600::/29
2a12:f700::/29
Signature Algorithm: sha256WithRSAEncryption
8a:45:ef:fd:f6:9e:e6:16:53:5b:8c:3f:2b:6f:32:c3:89:04:
8f:39:a5:ef:ad:65:d4:56:80:c1:e0:37:a7:66:84:10:c2:d6:
92:db:51:f5:99:a2:48:19:b4:f1:bf:17:da:38:87:b4:79:25:
99:6a:ee:0d:e4:5b:ff:2e:f8:c5:3f:dd:fa:e0:cd:ac:17:8b:
a1:9c:9e:fd:7f:b5:15:86:63:81:86:bc:9f:69:76:89:1d:db:
9c:96:c9:6f:42:bd:4a:a9:12:29:e6:6a:02:01:e1:f7:1b:ee:
f0:c9:51:6f:80:77:bf:35:09:7a:0c:af:27:77:7e:65:27:79:
f0:78:98:55:a1:11:1a:b1:30:73:26:46:b5:d3:56:ff:74:43:
a4:c8:98:b0:33:b1:8b:04:0f:9a:4e:92:85:95:87:5d:cc:10:
9d:81:e1:e0:23:1e:9f:01:65:00:f0:80:f6:20:44:80:fd:66:
04:f2:78:b9:fd:6e:8e:f8:a0:a6:8a:2c:2e:51:a4:3c:66:36:
cd:89:c1:35:1f:22:23:4f:1e:d0:4a:af:9a:15:5c:f9:1b:fd:
1c:4b:ec:f8:be:ab:9a:f9:f8:69:23:f7:43:ca:4f:06:38:a8:
05:19:03:51:90:ca:5c:3b:96:b2:4a:bc:89:4b:ba:f2:19:f6:
ca:0b:39:13
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZBId5PQ5RS0jAMgqLDolV8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwNjI0MDQxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRkMTRmYjI1ODYzZjVhYWFiZDkzMTU4OGYxZjA5ZGYwZDY5MDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwONWeidcpYCF6LD+lirvv3O0eIYV
bqT2bAaB454ARjkacxuZGftRd6+4QGC8I4rR5+bPFOoLQV6rLCyG/ovsmHAH9+xT
72EH+lVebWWL2eXwGiEUr53mkrz/EFp8yAjnHPviUQcbICVU8cZKl99gOUfY27Z1
IArgZmzpTrXg6NvQ00nB6/tPkTa8nvRhUM9+1fS+RrsEkYQQ062/RkzYvTGRW73d
BzbYlG+GSfSQC1Prq80L/43Na51wtRGF/LVOXG+/XpWL1cuKaneXxdS9hh4s1V+h
ESgOEOHW9zkx7HlSMGkz8ImT0ErlR+YJdSXdY59dUBzatQvImmFW4v/9dQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFMjdFPslhj9aqr2TFYjx8J3w1pA7MB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEveU4wVS15V0dQMXFxdlpNVmlQSHduZkRXa0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAIwgbYDBQMq
BMqAAwUDKgfdgAMFAyoJgUADBQMqCspAAwUDKgyxQAMFAyoMtQADBQMqES3AAwUD
KhFIQAMFAyoRTQADBQMqEVoAAwUDKhFcAAMFAyoRXkADBQMqEXbAAwUDKhGfgAMF
AyoRpMADBQMqEakAAwUDKhG/QAMFAyoRz4ADBQMqEfoAAwUDKhICAAMFAyoSMAAD
BQMqEkSAAwUDKhJ1AAMFAyoSpoADBQMqEuYAAwUDKhL3ADANBgkqhkiG9w0BAQsF
AAOCAQEAikXv/fae5hZTW4w/K28yw4kEjzml761l1FaAweA3p2aEEMLWkttR9Zmi
SBm08b8X2jiHtHklmWruDeRb/y74xT/d+uDNrBeLoZye/X+1FYZjgYa8n2l2iR3b
nJbJb0K9SqkSKeZqAgHh9xvu8MlRb4B3vzUJegyvJ3d+ZSd58HiYVaERGrEwcyZG
tdNW/3RDpMiYsDOxiwQPmk6ShZWHXcwQnYHh4CMenwFlAPCA9iBEgP1mBPJ4uf1u
jvigpoosLlGkPGY2zYnBNR8iI08e0EqvmhVc+Rv9HEvs+L6rmvn4aSP3Q8pPBjio
BRkDUZDKXDuWskq8iUu68hn2ygs5Ew==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:05:33 2024 by rpki-client on console-ams.rpki-client.org