Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/y5lN1Br1U5sMnwQLEgeYSeqvKCo.roa
File: y5lN1Br1U5sMnwQLEgeYSeqvKCo.roa (raw, json)
Hash identifier: Oxn/Ms5LcRmxmZYfamVA4qCqFYUbsMy9KzZoqwNnvJQ=
Subject key identifier: CB:99:4D:D4:1A:F5:53:9B:0C:9F:04:0B:12:07:98:49:EA:AF:28:2A
Certificate issuer: /CN=8f8d7ea47d1b700c3d6b799358aa7ea5eca8b3d2
Certificate serial: 018CCA2850D718BB36937F3B5606C1D87833
Authority key identifier: 8F:8D:7E:A4:7D:1B:70:0C:3D:6B:79:93:58:AA:7E:A5:EC:A8:B3:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j41-pH0bcAw9a3mTWKp-peyos9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/y5lN1Br1U5sMnwQLEgeYSeqvKCo.roa
Signing time: Tue 02 Jan 2024 12:31:28 +0000
ROA not before: Tue 02 Jan 2024 12:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212378
IP address blocks: 2001:678:ec0::/48 maxlen: 48
2001:678:ec4::/48 maxlen: 48
2001:678:9e4::/48 maxlen: 48
2001:67c:11f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/j41-pH0bcAw9a3mTWKp-peyos9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/j41-pH0bcAw9a3mTWKp-peyos9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/j41-pH0bcAw9a3mTWKp-peyos9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:50:d7:18:bb:36:93:7f:3b:56:06:c1:d8:78:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8d7ea47d1b700c3d6b799358aa7ea5eca8b3d2
Validity
Not Before: Jan 2 12:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb994dd41af5539b0c9f040b12079849eaaf282a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b3:85:0d:1b:e7:02:b3:5b:0a:af:03:8b:7f:
ce:bc:83:01:c7:54:34:35:65:66:5e:db:7c:71:34:
f5:54:c4:6d:fc:33:f0:3e:fc:77:93:63:82:97:fc:
6b:39:29:67:3f:a9:fd:65:2f:8c:ff:66:a6:7c:14:
95:6c:75:52:b6:e9:96:9e:14:63:e7:fa:de:54:36:
03:78:0e:01:31:3b:99:86:f5:64:8f:8d:2d:8f:a5:
2c:5c:20:12:73:d1:f3:65:0a:56:20:66:dc:f5:5a:
64:cb:00:ce:78:85:38:46:82:ef:f1:ce:1a:c0:14:
58:3e:06:0e:13:56:44:ea:7b:f1:b0:e0:c8:55:13:
24:9b:cd:41:d3:26:3b:8c:88:6d:4b:d9:b5:ad:c0:
35:cc:da:57:db:1a:02:26:78:49:53:bc:a3:01:32:
95:7c:37:08:19:03:52:47:8c:d9:19:3e:39:cc:ad:
4f:d9:44:d3:02:4b:6c:c5:db:58:c9:df:c2:00:7d:
5d:38:48:b3:83:ab:3e:35:5a:2e:38:8d:2a:4b:45:
93:e2:97:93:08:5a:56:84:97:06:66:f5:59:70:46:
6f:50:da:d4:4f:c8:b6:b8:44:4f:52:e5:ab:b6:10:
c4:fc:3f:b9:ca:0d:d4:57:89:cd:1c:11:08:c4:fe:
91:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:99:4D:D4:1A:F5:53:9B:0C:9F:04:0B:12:07:98:49:EA:AF:28:2A
X509v3 Authority Key Identifier:
keyid:8F:8D:7E:A4:7D:1B:70:0C:3D:6B:79:93:58:AA:7E:A5:EC:A8:B3:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j41-pH0bcAw9a3mTWKp-peyos9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/y5lN1Br1U5sMnwQLEgeYSeqvKCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6314e5-a964-44f6-ada1-20520e6b617a/1/j41-pH0bcAw9a3mTWKp-peyos9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:9e4::/48
2001:678:ec0::/48
2001:678:ec4::/48
2001:67c:11f0::/48
Signature Algorithm: sha256WithRSAEncryption
6b:9b:17:c0:9c:90:8c:5f:da:28:cc:30:c6:fb:f2:a7:bd:da:
9c:15:1d:ea:a0:58:1a:66:6d:f8:c7:b8:7d:11:df:d3:16:ee:
7d:ec:64:0b:52:aa:ff:01:6d:14:48:8e:6c:46:68:49:83:f5:
98:ef:61:d0:4b:5c:b9:56:eb:61:54:cc:7b:0c:57:88:15:31:
18:8a:ed:40:53:1e:62:f0:10:a5:3c:e0:5c:1b:5b:49:2d:9d:
32:95:b9:91:e0:13:7a:d7:f9:43:cf:13:f3:58:f2:33:a0:d5:
38:cb:2d:f6:3e:15:6b:05:47:c0:d2:88:56:10:32:34:1a:da:
60:4b:5c:4e:cb:f4:8e:a8:26:28:ae:11:81:86:46:cc:59:1a:
f3:67:93:f6:b5:f5:89:2d:78:ed:86:6f:07:7f:c3:60:be:d4:
c9:42:b0:6b:cc:00:79:39:f0:cc:75:42:75:67:7e:f4:66:45:
a5:73:33:af:2f:46:2d:7b:74:88:90:c7:19:d6:e4:3d:8f:b9:
89:bc:4e:4f:b6:0e:4d:11:16:5c:c7:d1:23:dc:85:f5:d1:16:
a8:60:54:fa:2c:b5:29:1e:00:5a:17:8f:8b:7b:f2:c6:07:93:
79:50:96:2a:14:2e:e4:20:c6:77:d0:82:9f:90:3e:1c:4c:ad:
65:d9:be:ed
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKKFDXGLs2k387VgbB2HgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOGQ3ZWE0N2QxYjcwMGMzZDZiNzk5MzU4YWE3ZWE1ZWNh
OGIzZDIwHhcNMjQwMTAyMTIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk5NGRkNDFhZjU1MzliMGM5ZjA0MGIxMjA3OTg0OWVhYWYyODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorOFDRvnArNbCq8Di3/OvIMBx1Q0
NWVmXtt8cTT1VMRt/DPwPvx3k2OCl/xrOSlnP6n9ZS+M/2amfBSVbHVStumWnhRj
5/reVDYDeA4BMTuZhvVkj40tj6UsXCASc9HzZQpWIGbc9VpkywDOeIU4RoLv8c4a
wBRYPgYOE1ZE6nvxsODIVRMkm81B0yY7jIhtS9m1rcA1zNpX2xoCJnhJU7yjATKV
fDcIGQNSR4zZGT45zK1P2UTTAktsxdtYyd/CAH1dOEizg6s+NVouOI0qS0WT4peT
CFpWhJcGZvVZcEZvUNrUT8i2uERPUuWrthDE/D+5yg3UV4nNHBEIxP6R9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMuZTdQa9VObDJ8ECxIHmEnqrygqMB8GA1UdIwQY
MBaAFI+NfqR9G3AMPWt5k1iqfqXsqLPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajQxLXBIMGJjQXc5YTNtVFdLcC1wZXlvczlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82MzE0ZTUtYTk2NC00NGY2LWFkYTEt
MjA1MjBlNmI2MTdhLzEveTVsTjFCcjFVNXNNbndRTEVnZVlTZXF2S0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82MzE0ZTUtYTk2NC00NGY2LWFkYTEtMjA1MjBlNmI2MTdh
LzEvajQxLXBIMGJjQXc5YTNtVFdLcC1wZXlvczlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAnk
AwcAIAEGeA7AAwcAIAEGeA7EAwcAIAEGfBHwMA0GCSqGSIb3DQEBCwUAA4IBAQBr
mxfAnJCMX9oozDDG+/KnvdqcFR3qoFgaZm34x7h9Ed/TFu597GQLUqr/AW0USI5s
RmhJg/WY72HQS1y5VuthVMx7DFeIFTEYiu1AUx5i8BClPOBcG1tJLZ0ylbmR4BN6
1/lDzxPzWPIzoNU4yy32PhVrBUfA0ohWEDI0GtpgS1xOy/SOqCYorhGBhkbMWRrz
Z5P2tfWJLXjthm8Hf8NgvtTJQrBrzAB5OfDMdUJ1Z370ZkWlczOvL0Yte3SIkMcZ
1uQ9j7mJvE5Ptg5NERZcx9Ej3IX10RaoYFT6LLUpHgBaF4+Le/LGB5N5UJYqFC7k
IMZ30IKfkD4cTK1l2b7t
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:31:19 2024 by rpki-client on console-ams.rpki-client.org