Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/jCb8YsL7fwYv4bVVcN3dNi-Fwug.roa
File: jCb8YsL7fwYv4bVVcN3dNi-Fwug.roa (raw, json)
Hash identifier: 4iuZZmvEtBRttz0iWgXs4wPycyEtQWPw5I6cj3iLXwo=
Subject key identifier: 8C:26:FC:62:C2:FB:7F:06:2F:E1:B5:55:70:DD:DD:36:2F:85:C2:E8
Certificate issuer: /CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Certificate serial: 018CC793E59D98E0EE4BD9586231D67AE93D
Authority key identifier: FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/jCb8YsL7fwYv4bVVcN3dNi-Fwug.roa
Signing time: Tue 02 Jan 2024 00:30:07 +0000
ROA not before: Tue 02 Jan 2024 00:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12874
IP address blocks: 2a04:a580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/_RGW2Y3s046wP18GtI5VbHTyMfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/_RGW2Y3s046wP18GtI5VbHTyMfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:e5:9d:98:e0:ee:4b:d9:58:62:31:d6:7a:e9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd1196d98decd38eb03f5f06b48e556c74f231f4
Validity
Not Before: Jan 2 00:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c26fc62c2fb7f062fe1b55570dddd362f85c2e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:60:e8:89:69:3a:c4:00:e3:5d:e0:75:4f:2b:
50:25:4f:d0:82:09:2a:ff:d2:6c:ca:78:07:72:f5:
c1:79:7c:f3:b2:45:3f:42:51:a8:3b:21:e4:24:5c:
a9:cc:97:82:da:fc:66:6e:44:64:27:30:19:08:7e:
59:1a:bd:ee:db:8c:3b:77:1c:eb:fe:59:6e:9b:09:
6e:94:f4:86:89:ad:86:f2:d6:cc:8d:42:f0:63:8d:
fd:5d:e7:3e:74:09:2c:0d:7f:90:44:1b:00:55:d7:
71:09:25:c6:7c:a0:b8:69:45:22:41:4a:0e:f7:64:
cd:83:c8:5c:53:e5:a8:53:4f:a9:db:d4:5b:9f:6f:
39:96:6e:f2:6a:04:71:73:d9:9e:d1:46:3d:1d:43:
8f:aa:2b:40:bd:f7:14:89:f8:5a:99:ff:a8:4e:02:
b9:30:9e:88:e1:f3:47:b9:71:d3:aa:33:b9:6d:7c:
11:b6:69:b2:2c:2e:3c:0c:3b:84:0d:30:04:f2:ee:
cc:28:a9:45:6d:3a:72:ac:e8:c8:88:0b:c5:59:d6:
1f:a8:49:94:5d:b7:d1:1e:bb:3b:83:13:27:94:90:
33:38:af:60:8a:80:00:ae:b1:da:9b:cf:6f:de:35:
eb:cf:30:4d:bb:76:6b:84:26:df:a3:14:26:fd:0d:
51:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:26:FC:62:C2:FB:7F:06:2F:E1:B5:55:70:DD:DD:36:2F:85:C2:E8
X509v3 Authority Key Identifier:
keyid:FD:11:96:D9:8D:EC:D3:8E:B0:3F:5F:06:B4:8E:55:6C:74:F2:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_RGW2Y3s046wP18GtI5VbHTyMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/jCb8YsL7fwYv4bVVcN3dNi-Fwug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/4d5660-5364-4454-a9be-4f8902bfe172/1/_RGW2Y3s046wP18GtI5VbHTyMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a580::/29
Signature Algorithm: sha256WithRSAEncryption
09:56:f1:cc:ff:94:89:03:5d:73:95:e9:0e:6f:77:f8:33:8b:
3b:d6:35:b5:f4:22:e7:ec:7d:55:60:96:d9:be:a4:8e:bf:86:
75:20:9a:e9:8b:42:50:dd:1d:94:2f:fa:14:ea:db:33:b6:0c:
3c:0e:a6:b5:a7:76:89:91:95:7b:a1:e2:96:f0:b3:f2:a2:9c:
a5:27:08:ca:8c:11:19:9b:bf:83:4a:89:1f:ab:6a:57:0d:58:
1b:80:4c:d3:82:ef:c7:26:61:53:12:b9:99:4c:4c:d0:3f:6a:
4a:81:7b:95:3a:50:30:41:3f:06:b7:82:3e:68:2e:dc:92:5e:
47:6c:f2:3c:c3:68:e1:ee:0d:66:08:fb:81:0d:06:cd:79:89:
7c:c2:ff:5c:ae:31:2c:8a:47:1b:61:0f:4f:a3:82:42:a0:88:
c0:3f:53:c3:fd:16:eb:a4:7d:68:d7:7f:20:2b:1c:cb:91:49:
cb:3f:6b:c7:a9:dd:65:01:3f:bc:a3:49:91:17:6e:56:91:95:
72:4f:c7:3c:5e:3f:0a:f4:13:66:04:37:b3:40:ae:db:f8:bc:
fc:9f:c6:eb:2d:83:d6:73:04:5a:7a:dc:04:94:89:33:e9:ae:
39:e2:fc:13:3d:79:96:ee:1b:02:06:aa:4c:04:06:dc:c6:7e:
ca:40:92:3d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHk+WdmODuS9lYYjHWeuk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMTE5NmQ5OGRlY2QzOGViMDNmNWYwNmI0OGU1NTZjNzRm
MjMxZjQwHhcNMjQwMTAyMDAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzI2ZmM2MmMyZmI3ZjA2MmZlMWI1NTU3MGRkZGQzNjJmODVjMmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WDoiWk6xADjXeB1TytQJU/Qggkq
/9JsyngHcvXBeXzzskU/QlGoOyHkJFypzJeC2vxmbkRkJzAZCH5ZGr3u24w7dxzr
/llumwlulPSGia2G8tbMjULwY439Xec+dAksDX+QRBsAVddxCSXGfKC4aUUiQUoO
92TNg8hcU+WoU0+p29Rbn285lm7yagRxc9me0UY9HUOPqitAvfcUifhamf+oTgK5
MJ6I4fNHuXHTqjO5bXwRtmmyLC48DDuEDTAE8u7MKKlFbTpyrOjIiAvFWdYfqEmU
XbfRHrs7gxMnlJAzOK9gioAArrHam89v3jXrzzBNu3ZrhCbfoxQm/Q1R6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIwm/GLC+38GL+G1VXDd3TYvhcLoMB8GA1UdIwQY
MBaAFP0RltmN7NOOsD9fBrSOVWx08jH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1JHVzJZM3MwNDZ3UDE4R3RJNVZiSFR5TWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS80ZDU2NjAtNTM2NC00NDU0LWE5YmUt
NGY4OTAyYmZlMTcyLzEvakNiOFlzTDdmd1l2NGJWVmNOM2ROaS1Gd3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS80ZDU2NjAtNTM2NC00NDU0LWE5YmUtNGY4OTAyYmZlMTcy
LzEvX1JHVzJZM3MwNDZ3UDE4R3RJNVZiSFR5TWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgSlgDAN
BgkqhkiG9w0BAQsFAAOCAQEACVbxzP+UiQNdc5XpDm93+DOLO9Y1tfQi5+x9VWCW
2b6kjr+GdSCa6YtCUN0dlC/6FOrbM7YMPA6mtad2iZGVe6HilvCz8qKcpScIyowR
GZu/g0qJH6tqVw1YG4BM04LvxyZhUxK5mUxM0D9qSoF7lTpQMEE/BreCPmgu3JJe
R2zyPMNo4e4NZgj7gQ0GzXmJfML/XK4xLIpHG2EPT6OCQqCIwD9Tw/0W66R9aNd/
ICscy5FJyz9rx6ndZQE/vKNJkRduVpGVck/HPF4/CvQTZgQ3s0Cu2/i8/J/G6y2D
1nMEWnrcBJSJM+muOeL8Ez15lu4bAgaqTAQG3MZ+ykCSPQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:42 2024 by rpki-client on console-fra.rpki-client.org