Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/XSnZLLaq59qHkb6JKWUVJT544TE.roa
File: XSnZLLaq59qHkb6JKWUVJT544TE.roa (raw, json)
Hash identifier: nbNbgFoyL0JZYYPtY57q9Zw7aaDr2uFOVSvKmYf+QMc=
Subject key identifier: 5D:29:D9:2C:B6:AA:E7:DA:87:91:BE:89:29:65:15:25:3E:78:E1:31
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 018CC64B6794F44EED009475896D13E01D26
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/XSnZLLaq59qHkb6JKWUVJT544TE.roa
Signing time: Mon 01 Jan 2024 18:31:19 +0000
ROA not before: Mon 01 Jan 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208302
IP address blocks: 2a0e:46c6:600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:67:94:f4:4e:ed:00:94:75:89:6d:13:e0:1d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 1 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d29d92cb6aae7da8791be89296515253e78e131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:72:bf:59:36:2d:f9:bb:d8:8b:f3:56:22:04:
72:a1:67:bc:68:dd:7d:de:3f:f6:e1:33:50:44:22:
6f:81:26:ca:b6:5c:ea:f0:8b:5f:c1:05:ab:0b:54:
c2:af:08:2c:68:e8:01:08:99:c2:9c:a1:dd:cd:14:
2d:63:0f:81:de:ec:b1:61:79:04:8c:01:33:d7:bb:
b9:96:08:89:e2:f2:7b:1c:e7:0c:2e:4e:8a:e5:10:
bf:36:c3:7a:52:3a:2b:8e:27:68:e1:95:bf:1b:3d:
f1:b1:9b:18:66:71:5f:36:c5:16:08:9c:d3:d6:a9:
86:5c:52:b5:ac:ff:75:51:44:3a:49:43:0f:b8:58:
27:06:ae:4c:22:bf:9e:60:ca:d6:a3:bb:1b:6c:63:
d3:28:56:d2:a1:1a:c4:55:fa:bd:3c:1b:b1:cd:63:
25:57:4a:68:b8:8d:d8:4e:82:82:15:87:8d:7a:6d:
4b:43:79:3f:bc:b8:1c:98:63:c6:4b:f7:49:c4:f3:
27:3a:cf:46:ad:24:50:bb:48:c5:60:03:3a:42:d5:
d2:3d:9b:7f:f7:a0:86:20:a6:95:67:b2:ca:3b:13:
19:00:b0:a8:18:10:65:5e:aa:62:8e:76:82:1b:3e:
9e:bc:44:aa:13:49:0a:6f:a9:44:a5:1e:53:4b:f6:
c2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:29:D9:2C:B6:AA:E7:DA:87:91:BE:89:29:65:15:25:3E:78:E1:31
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/XSnZLLaq59qHkb6JKWUVJT544TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c6:600::/40
Signature Algorithm: sha256WithRSAEncryption
9e:04:2a:a1:fd:e9:6e:0e:78:63:5e:03:99:04:8f:7c:d8:5c:
89:0b:93:3f:b6:5c:6a:70:16:bf:d3:fc:60:b5:a7:87:62:45:
2d:94:66:23:86:f3:58:18:8f:c3:8a:6c:1a:b5:20:66:2e:28:
7a:00:77:ee:45:91:76:e4:23:d8:30:87:36:93:52:78:af:dd:
d4:5b:25:d9:db:4c:88:d1:e9:d8:cf:ef:18:61:aa:82:ff:21:
f6:64:23:1e:62:0e:91:79:1a:ba:16:55:d8:5b:93:5a:ee:e1:
d7:2c:42:aa:62:6b:59:9c:a3:10:cd:e3:c9:be:6e:a0:42:de:
a5:c2:fe:6b:f7:f1:71:a0:b0:8e:d2:7f:12:b5:15:fb:ea:b4:
96:9b:a8:63:36:aa:4c:0b:d3:ad:80:d6:aa:51:f4:4b:00:2c:
81:1d:0c:c9:16:59:4c:ea:8b:21:af:3c:9c:c7:d7:6d:4f:c2:
50:99:36:ba:15:a8:28:c6:cd:f1:a2:57:6f:67:f4:03:a2:38:
e2:3b:08:e2:f7:e6:75:65:10:11:a2:93:da:47:82:3a:71:a2:
86:81:3a:f4:3d:af:25:3f:5e:87:cc:8a:7a:0f:f7:b1:db:56:
47:37:da:6b:fc:30:88:7e:41:6e:77:9e:fd:f7:75:b0:d7:05:
b2:68:30:75
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGS2eU9E7tAJR1iW0T4B0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI5ZDkyY2I2YWFlN2RhODc5MWJlODkyOTY1MTUyNTNlNzhlMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3K/WTYt+bvYi/NWIgRyoWe8aN19
3j/24TNQRCJvgSbKtlzq8ItfwQWrC1TCrwgsaOgBCJnCnKHdzRQtYw+B3uyxYXkE
jAEz17u5lgiJ4vJ7HOcMLk6K5RC/NsN6Ujorjido4ZW/Gz3xsZsYZnFfNsUWCJzT
1qmGXFK1rP91UUQ6SUMPuFgnBq5MIr+eYMrWo7sbbGPTKFbSoRrEVfq9PBuxzWMl
V0pouI3YToKCFYeNem1LQ3k/vLgcmGPGS/dJxPMnOs9GrSRQu0jFYAM6QtXSPZt/
96CGIKaVZ7LKOxMZALCoGBBlXqpijnaCGz6evESqE0kKb6lEpR5TS/bCRwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF0p2Sy2qufah5G+iSllFSU+eOExMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvWFNuWkxMYXE1OXFIa2I2SktXVVZKVDU0NFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg5GxgYw
DQYJKoZIhvcNAQELBQADggEBAJ4EKqH96W4OeGNeA5kEj3zYXIkLkz+2XGpwFr/T
/GC1p4diRS2UZiOG81gYj8OKbBq1IGYuKHoAd+5FkXbkI9gwhzaTUniv3dRbJdnb
TIjR6djP7xhhqoL/IfZkIx5iDpF5GroWVdhbk1ru4dcsQqpia1mcoxDN48m+bqBC
3qXC/mv38XGgsI7SfxK1FfvqtJabqGM2qkwL062A1qpR9EsALIEdDMkWWUzqiyGv
PJzH121PwlCZNroVqCjGzfGiV29n9AOiOOI7COL35nVlEBGik9pHgjpxooaBOvQ9
ryU/XofMinoP97HbVkc32mv8MIh+QW53nv33dbDXBbJoMHU=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:14:12 2024 by rpki-client on console-ams.rpki-client.org