Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/xaBpymlkRYOAbp3xbuTjP-xBIkg.roa
File: xaBpymlkRYOAbp3xbuTjP-xBIkg.roa (raw, json)
Hash identifier: qWGguHRZEX3sBBtn8xmnopwe5cf6EFFbnLPZ2U51J4c=
Subject key identifier: C5:A0:69:CA:69:64:45:83:80:6E:9D:F1:6E:E4:E3:3F:EC:41:22:48
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 018CC9BA808C604B60BA1FD69D92CE34ADF3
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/xaBpymlkRYOAbp3xbuTjP-xBIkg.roa
Signing time: Tue 02 Jan 2024 10:31:32 +0000
ROA not before: Tue 02 Jan 2024 10:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42474
IP address blocks: 2a06:dd01::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:80:8c:60:4b:60:ba:1f:d6:9d:92:ce:34:ad:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: Jan 2 10:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5a069ca69644583806e9df16ee4e33fec412248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e3:ee:b6:96:c4:0b:63:ae:0a:ac:c1:02:f5:
73:63:96:00:9c:dc:2d:a9:5f:c9:9d:d2:5b:57:33:
ea:f4:cf:41:3e:e0:a1:68:b8:41:a6:91:c6:59:6b:
71:b6:b8:1e:7e:35:9a:85:d3:8d:ad:04:20:a4:c5:
6b:47:93:67:17:4c:29:02:b8:d3:19:7e:3c:75:78:
81:d0:3c:bb:93:ad:48:35:70:dc:04:69:49:2b:71:
fc:f1:95:61:64:47:d5:53:6e:79:17:d4:c5:c1:b0:
6f:17:78:0f:c9:ab:97:3d:82:48:36:4c:bd:87:25:
60:9c:19:7d:d7:0f:2f:a0:31:89:d1:d7:c4:27:b9:
56:cb:a5:84:35:76:79:bc:0c:23:5f:42:59:61:63:
b4:6c:ff:c3:97:7a:7a:08:c0:df:6e:7b:62:43:95:
95:e4:43:90:e4:ec:b1:28:5a:ab:26:e6:f4:7d:6a:
ec:56:6a:4d:2c:1e:34:f5:c6:cb:13:f8:c5:55:4d:
c9:f6:7f:6b:eb:c1:f4:da:c4:51:50:d8:77:b5:00:
72:66:78:a1:fb:fa:2c:15:93:b8:6f:f5:0a:51:1a:
c3:c1:05:63:79:da:7b:f3:ad:e2:92:ab:77:d8:dc:
75:20:01:55:c1:06:0a:42:7c:83:00:f8:11:1a:02:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A0:69:CA:69:64:45:83:80:6E:9D:F1:6E:E4:E3:3F:EC:41:22:48
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/xaBpymlkRYOAbp3xbuTjP-xBIkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:dd01::/32
Signature Algorithm: sha256WithRSAEncryption
1a:c7:61:27:61:e8:17:d5:7e:5e:25:d9:3e:fb:12:3b:a9:78:
85:94:32:75:e8:c0:94:1b:ce:7c:64:f6:37:0b:c5:54:ec:6d:
2d:c6:99:31:a1:78:9c:52:bd:32:f0:dc:25:2d:56:4a:ad:d8:
88:31:08:fc:78:2d:9f:e3:57:aa:9d:16:9a:fd:e2:bb:ca:50:
a6:c3:c4:9f:af:e3:b6:de:d5:f9:de:68:5e:28:42:70:8a:45:
a1:de:46:7a:89:e2:fb:62:d7:63:47:53:49:f3:7f:a6:6f:25:
d3:b2:f6:2b:6d:8a:86:ab:60:4d:82:d8:ca:1d:da:6b:fd:84:
55:29:20:c4:06:b2:95:11:2c:87:89:70:86:c2:0d:86:ce:68:
61:63:b5:a0:e0:1b:90:b1:fb:32:0e:2d:10:d9:ce:f3:ea:d1:
ca:86:aa:7b:a4:c5:aa:7f:7e:c3:24:ec:2d:36:ce:5e:dd:c6:
19:66:e2:a0:86:21:42:b5:11:6e:ea:cf:d1:9f:48:38:0c:bf:
4e:22:0c:c2:69:84:e1:52:32:a0:9f:73:ce:84:44:f6:da:6f:
11:7e:cd:cd:11:49:49:f3:b8:56:17:92:4b:90:9e:59:33:25:
ba:61:87:c8:7b:8c:23:3b:0f:31:07:b8:ab:91:6f:e4:aa:a2:
15:2b:a8:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJuoCMYEtguh/WnZLONK3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDVi
MzJjZjIwHhcNMjQwMTAyMTAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWEwNjljYTY5NjQ0NTgzODA2ZTlkZjE2ZWU0ZTMzZmVjNDEyMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOPutpbEC2OuCqzBAvVzY5YAnNwt
qV/JndJbVzPq9M9BPuChaLhBppHGWWtxtrgefjWahdONrQQgpMVrR5NnF0wpArjT
GX48dXiB0Dy7k61INXDcBGlJK3H88ZVhZEfVU255F9TFwbBvF3gPyauXPYJINky9
hyVgnBl91w8voDGJ0dfEJ7lWy6WENXZ5vAwjX0JZYWO0bP/Dl3p6CMDfbntiQ5WV
5EOQ5OyxKFqrJub0fWrsVmpNLB409cbLE/jFVU3J9n9r68H02sRRUNh3tQByZnih
+/osFZO4b/UKURrDwQVjedp7863ikqt32Nx1IAFVwQYKQnyDAPgRGgKH9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMWgacppZEWDgG6d8W7k4z/sQSJIMB8GA1UdIwQY
MBaAFNViDOxwl00DfXdpdYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTkt
YmU0MzRjYjlmOGY4LzEveGFCcHltbGtSWU9BYnAzeGJ1VGpQLXhCSWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4
LzEvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgbdATAN
BgkqhkiG9w0BAQsFAAOCAQEAGsdhJ2HoF9V+XiXZPvsSO6l4hZQydejAlBvOfGT2
NwvFVOxtLcaZMaF4nFK9MvDcJS1WSq3YiDEI/Hgtn+NXqp0Wmv3iu8pQpsPEn6/j
tt7V+d5oXihCcIpFod5Geoni+2LXY0dTSfN/pm8l07L2K22KhqtgTYLYyh3aa/2E
VSkgxAaylREsh4lwhsINhs5oYWO1oOAbkLH7Mg4tENnO8+rRyoaqe6TFqn9+wyTs
LTbOXt3GGWbioIYhQrURburP0Z9IOAy/TiIMwmmE4VIyoJ9zzoRE9tpvEX7NzRFJ
SfO4VheSS5CeWTMlumGHyHuMIzsPMQe4q5Fv5KqiFSuoQg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:39:09 2024 by rpki-client on console-fra.rpki-client.org