Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/yBH-PuuC7JTiiHmYfl03jkZ7A6I.roa
File: yBH-PuuC7JTiiHmYfl03jkZ7A6I.roa (raw, json)
Hash identifier: MHF3WUFLj0xu5jZYgsBNTfH+BQJtJCHmt3TdzrdhKc4=
Subject key identifier: C8:11:FE:3E:EB:82:EC:94:E2:88:79:98:7E:5D:37:8E:46:7B:03:A2
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3B4A3103B76BBE593653E48C51A77
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/yBH-PuuC7JTiiHmYfl03jkZ7A6I.roa
Signing time: Thu 21 Nov 2024 09:00:37 +0000
ROA not before: Thu 21 Nov 2024 09:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206058
IP address blocks: 2a01:e901:10d::/48 maxlen: 48
2a01:e901:11d::/48 maxlen: 48
2a01:e901:12d::/48 maxlen: 48
2a01:e901:13d::/48 maxlen: 48
2a01:e901:14d::/48 maxlen: 48
2a01:e901:15d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:b4:a3:10:3b:76:bb:e5:93:65:3e:48:c5:1a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c811fe3eeb82ec94e28879987e5d378e467b03a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:12:f7:bf:cf:71:4e:e3:12:34:c3:35:85:c1:
31:36:ca:6d:1e:a8:c0:2f:80:12:63:6f:4d:e9:b3:
76:dd:35:41:85:32:02:a9:4a:45:67:cd:20:8b:0a:
6a:2a:f9:41:cf:30:5b:bf:a9:cb:54:b0:8c:74:d7:
c6:b1:3e:66:6f:7d:7b:0c:ac:33:4a:20:a5:44:6d:
da:9d:c0:2a:69:82:80:66:d0:af:fb:a0:5b:9c:8b:
94:f5:9c:d5:2e:4c:0c:18:1b:88:ab:4b:fb:d7:e9:
98:8e:36:87:ad:90:84:f7:da:ce:89:5e:7e:a0:c4:
3b:e6:2e:2d:d7:96:c1:7f:32:1b:51:ad:67:78:2e:
31:b4:14:06:54:be:27:db:32:cf:af:ae:b3:bf:59:
ff:bd:db:6d:8e:0a:98:3e:37:0a:5f:0a:d4:19:46:
5e:9d:f8:42:bf:29:92:07:10:ec:ed:da:57:a9:5c:
66:0b:1b:b1:a6:2e:f8:00:c6:3f:34:03:ef:91:16:
0d:ee:69:38:de:9b:49:b8:d2:a2:0c:16:f9:de:18:
e3:9c:63:4f:7d:b4:37:4d:55:f8:70:22:c2:81:15:
76:65:d5:ed:bf:66:5e:c8:3f:cb:48:11:60:91:c8:
3d:77:d2:6a:9d:13:e4:59:94:a5:2c:db:8d:c5:b6:
a2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:11:FE:3E:EB:82:EC:94:E2:88:79:98:7E:5D:37:8E:46:7B:03:A2
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/yBH-PuuC7JTiiHmYfl03jkZ7A6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10d::/48
2a01:e901:11d::/48
2a01:e901:12d::/48
2a01:e901:13d::/48
2a01:e901:14d::/48
2a01:e901:15d::/48
Signature Algorithm: sha256WithRSAEncryption
37:66:f0:b2:58:8d:b1:b4:4b:95:6e:65:3a:24:27:61:71:b9:
ea:1a:88:33:f6:dd:0e:bc:1e:7f:84:71:e9:66:5a:1d:52:59:
0a:f8:fe:43:34:9e:86:20:73:b0:9a:30:38:c6:7e:ab:2a:5f:
71:89:28:4e:35:1c:3a:65:7c:ec:5f:cd:5d:af:bb:4e:85:88:
fb:eb:b0:ee:00:d5:05:f7:97:d6:5c:29:09:e4:f1:62:f4:f6:
a2:58:16:d2:83:c0:84:9d:cc:f1:5c:0a:f3:ce:13:5e:3a:c5:
c8:1a:f4:13:85:1d:ba:74:62:cd:5f:24:5f:56:11:4e:45:45:
3e:09:cc:c6:c8:67:c7:f7:5c:82:6f:4a:12:47:8e:f9:ea:18:
78:42:7d:9b:c9:f2:e1:1d:6d:05:fa:3e:5f:32:53:d0:02:3c:
34:46:f4:4e:d2:42:07:df:ec:06:1c:b3:55:7a:f5:a2:33:f6:
cd:09:22:4b:98:5c:1f:5a:9d:24:43:00:0b:8c:38:6c:8a:65:
dd:24:db:95:40:1b:90:7a:f3:4b:e2:d4:ae:40:8c:94:06:e8:
87:ad:3d:df:58:32:ef:f5:5d:00:ed:99:92:d6:d8:36:86:43:
05:9d:d1:a0:d0:69:f8:6d:e6:58:50:fa:1a:4b:f0:be:2d:e2:
12:a4:dd:ba
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87SjEDt2u+WTZT5IxRp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODExZmUzZWViODJlYzk0ZTI4ODc5OTg3ZTVkMzc4ZTQ2N2IwM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRL3v89xTuMSNMM1hcExNsptHqjA
L4ASY29N6bN23TVBhTICqUpFZ80giwpqKvlBzzBbv6nLVLCMdNfGsT5mb317DKwz
SiClRG3ancAqaYKAZtCv+6BbnIuU9ZzVLkwMGBuIq0v71+mYjjaHrZCE99rOiV5+
oMQ75i4t15bBfzIbUa1neC4xtBQGVL4n2zLPr66zv1n/vdttjgqYPjcKXwrUGUZe
nfhCvymSBxDs7dpXqVxmCxuxpi74AMY/NAPvkRYN7mk43ptJuNKiDBb53hjjnGNP
fbQ3TVX4cCLCgRV2ZdXtv2ZeyD/LSBFgkcg9d9JqnRPkWZSlLNuNxbaiUwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMgR/j7rguyU4oh5mH5dN45GewOiMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEveUJILVB1dUM3SlRpaUhtWWZsMDNqa1o3QTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEN
AwcAKgHpAQEdAwcAKgHpAQEtAwcAKgHpAQE9AwcAKgHpAQFNAwcAKgHpAQFdMA0G
CSqGSIb3DQEBCwUAA4IBAQA3ZvCyWI2xtEuVbmU6JCdhcbnqGogz9t0OvB5/hHHp
ZlodUlkK+P5DNJ6GIHOwmjA4xn6rKl9xiShONRw6ZXzsX81dr7tOhYj767DuANUF
95fWXCkJ5PFi9PaiWBbSg8CEnczxXArzzhNeOsXIGvQThR26dGLNXyRfVhFORUU+
CczGyGfH91yCb0oSR4756hh4Qn2byfLhHW0F+j5fMlPQAjw0RvRO0kIH3+wGHLNV
evWiM/bNCSJLmFwfWp0kQwALjDhsimXdJNuVQBuQevNL4tSuQIyUBuiHrT3fWDLv
9V0A7ZmS1tg2hkMFndGg0Gn4beZYUPoaS/C+LeISpN26
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:32 2024 by rpki-client on console-fra.rpki-client.org