Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/_rEbmElKh3btOsgFvJb9j7ef7MM.roa
File: _rEbmElKh3btOsgFvJb9j7ef7MM.roa (raw, json)
Hash identifier: 6yhcJxl96ARrxbsUXu9nqRDninb0Hhkk/klEY0LkRjQ=
Subject key identifier: FE:B1:1B:98:49:4A:87:76:ED:3A:C8:05:BC:96:FD:8F:B7:9F:EC:C3
Certificate issuer: /CN=468b68141796ca95e4c72f4bfa696acea5083af3
Certificate serial: 018CC6B7B70D0FB401B591A1B51D7407F0F4
Authority key identifier: 46:8B:68:14:17:96:CA:95:E4:C7:2F:4B:FA:69:6A:CE:A5:08:3A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotoFBeWypXkxy9L-mlqzqUIOvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/_rEbmElKh3btOsgFvJb9j7ef7MM.roa
Signing time: Mon 01 Jan 2024 20:29:37 +0000
ROA not before: Mon 01 Jan 2024 20:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210560
IP address blocks: 2a11:f740:2::/48 maxlen: 48
2a11:f740:22::/48 maxlen: 48
2a11:f740:20::/44 maxlen: 44
2a11:f740:20::/48 maxlen: 48
2a11:f740:21::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/RotoFBeWypXkxy9L-mlqzqUIOvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/RotoFBeWypXkxy9L-mlqzqUIOvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/RotoFBeWypXkxy9L-mlqzqUIOvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b7:0d:0f:b4:01:b5:91:a1:b5:1d:74:07:f0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b68141796ca95e4c72f4bfa696acea5083af3
Validity
Not Before: Jan 1 20:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=feb11b98494a8776ed3ac805bc96fd8fb79fecc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3b:3f:b1:ac:c5:6c:23:35:c7:1e:5e:e8:b7:
18:6d:1c:b6:ea:23:c7:07:c3:2a:d8:a4:9d:91:1d:
58:02:d7:36:61:f4:67:16:23:5c:9e:fd:18:ef:2b:
9f:72:0c:a4:e5:38:59:d6:2f:e7:8f:69:c4:cc:af:
07:8b:0d:10:e6:16:aa:22:09:bb:f2:34:4a:82:ee:
28:df:18:cb:19:35:19:57:72:ba:16:12:1c:38:db:
e0:0a:87:c2:27:89:db:69:c8:80:7e:e2:65:49:e3:
d9:d0:d6:cf:2b:ed:4a:78:3c:52:cc:bf:08:17:5c:
08:45:63:40:55:9d:42:bb:2d:8f:53:92:ad:88:4d:
74:2a:c8:f2:29:04:56:37:78:97:93:1b:d7:8a:ec:
64:e9:0d:9e:84:03:63:be:ad:8e:55:3e:a3:0a:49:
1e:34:5f:69:55:52:34:4b:8a:82:69:7c:15:c7:ca:
5e:1b:ba:61:87:e7:24:59:63:d7:e2:c4:f6:5f:8e:
7b:4a:c0:7b:cd:cd:4a:3e:70:53:95:db:f8:8b:6d:
23:7f:3a:3b:23:50:a0:4e:36:44:1b:2b:67:95:88:
62:c0:d6:fc:37:72:17:b6:80:68:0f:0e:2b:ed:7b:
99:d0:e1:c5:95:15:f8:fb:a5:1c:d4:f5:3b:b3:8e:
11:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B1:1B:98:49:4A:87:76:ED:3A:C8:05:BC:96:FD:8F:B7:9F:EC:C3
X509v3 Authority Key Identifier:
keyid:46:8B:68:14:17:96:CA:95:E4:C7:2F:4B:FA:69:6A:CE:A5:08:3A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotoFBeWypXkxy9L-mlqzqUIOvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/_rEbmElKh3btOsgFvJb9j7ef7MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/598e8b-a63f-425e-b4f7-452d6d3826f7/1/RotoFBeWypXkxy9L-mlqzqUIOvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f740:2::/48
2a11:f740:20::/44
Signature Algorithm: sha256WithRSAEncryption
92:a1:7e:3b:38:cd:37:fe:6f:08:7c:26:e3:4f:ae:ab:0d:a9:
b4:f3:50:60:07:e6:fb:28:fc:74:c9:bd:7c:59:86:a6:91:88:
99:b2:3f:93:e1:af:1c:c9:cd:72:08:62:ce:30:61:02:73:da:
ee:a0:8a:e3:0c:6c:1b:0d:5e:cd:b9:1c:87:16:4f:dd:bb:20:
d7:94:34:2c:88:33:ed:c1:5f:00:ec:b1:76:61:66:f9:60:e8:
9c:ed:98:66:8b:e6:9c:f0:06:45:71:16:fd:3a:22:46:69:3e:
5e:73:cc:45:48:48:c2:d9:1d:68:eb:91:02:52:ba:f1:b0:9b:
44:c9:f4:3a:9d:13:a5:15:5e:83:2f:ec:ed:88:38:ad:ae:ef:
3f:8e:af:22:b2:15:01:1a:13:05:55:9a:38:aa:1a:85:dc:0e:
1f:1c:03:e4:91:67:69:b0:a0:65:70:d9:8b:65:6a:10:34:39:
20:e8:3a:7c:6b:ca:b7:4f:fc:76:bd:d2:b5:e5:53:6b:76:35:
a5:bb:77:ae:e8:54:61:3f:4e:e7:0f:6d:ae:ee:84:94:f8:fe:
b4:d8:56:af:16:95:79:2b:ea:0d:61:25:8d:1d:b7:bf:85:04:
84:ea:86:8b:17:22:29:89:c4:42:ab:61:cf:cb:18:9a:be:34:
8b:11:ae:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt7cND7QBtZGhtR10B/D0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI2ODE0MTc5NmNhOTVlNGM3MmY0YmZhNjk2YWNlYTUw
ODNhZjMwHhcNMjQwMTAxMjAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIxMWI5ODQ5NGE4Nzc2ZWQzYWM4MDViYzk2ZmQ4ZmI3OWZlY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDs/sazFbCM1xx5e6LcYbRy26iPH
B8Mq2KSdkR1YAtc2YfRnFiNcnv0Y7yufcgyk5ThZ1i/nj2nEzK8Hiw0Q5haqIgm7
8jRKgu4o3xjLGTUZV3K6FhIcONvgCofCJ4nbaciAfuJlSePZ0NbPK+1KeDxSzL8I
F1wIRWNAVZ1Cuy2PU5KtiE10KsjyKQRWN3iXkxvXiuxk6Q2ehANjvq2OVT6jCkke
NF9pVVI0S4qCaXwVx8peG7phh+ckWWPX4sT2X457SsB7zc1KPnBTldv4i20jfzo7
I1CgTjZEGytnlYhiwNb8N3IXtoBoDw4r7XuZ0OHFlRX4+6Uc1PU7s44RlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP6xG5hJSod27TrIBbyW/Y+3n+zDMB8GA1UdIwQY
MBaAFEaLaBQXlsqV5McvS/ppas6lCDrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90b0ZCZVd5cFhreHk5TC1tbHF6cVVJT3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81OThlOGItYTYzZi00MjVlLWI0Zjct
NDUyZDZkMzgyNmY3LzEvX3JFYm1FbEtoM2J0T3NnRnZKYjlqN2VmN01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81OThlOGItYTYzZi00MjVlLWI0ZjctNDUyZDZkMzgyNmY3
LzEvUm90b0ZCZVd5cFhreHk5TC1tbHF6cVVJT3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhH3QAAC
AwcEKhH3QAAgMA0GCSqGSIb3DQEBCwUAA4IBAQCSoX47OM03/m8IfCbjT66rDam0
81BgB+b7KPx0yb18WYamkYiZsj+T4a8cyc1yCGLOMGECc9ruoIrjDGwbDV7NuRyH
Fk/duyDXlDQsiDPtwV8A7LF2YWb5YOic7Zhmi+ac8AZFcRb9OiJGaT5ec8xFSEjC
2R1o65ECUrrxsJtEyfQ6nROlFV6DL+ztiDitru8/jq8ishUBGhMFVZo4qhqF3A4f
HAPkkWdpsKBlcNmLZWoQNDkg6Dp8a8q3T/x2vdK15VNrdjWlu3eu6FRhP07nD22u
7oSU+P602FavFpV5K+oNYSWNHbe/hQSE6oaLFyIpicRCq2HPyxiavjSLEa4m
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:17:21 2024 by rpki-client on console-fra.rpki-client.org