Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/hY1tcjYpv1vzar1uc13nY4sXqdQ.roa
File: hY1tcjYpv1vzar1uc13nY4sXqdQ.roa (raw, json)
Hash identifier: 08sKAcFdNVJus7MWgIpE65RP6QXRza+V2m9oi67eUwk=
Subject key identifier: 85:8D:6D:72:36:29:BF:5B:F3:6A:BD:6E:73:5D:E7:63:8B:17:A9:D4
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D633D44B3C95ECFC07543118B81348CB0
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/hY1tcjYpv1vzar1uc13nY4sXqdQ.roa
Signing time: Thu 01 Feb 2024 05:56:16 +0000
ROA not before: Thu 01 Feb 2024 05:56:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44445
IP address blocks: 2a12:c6c7:3000::/36 maxlen: 48
2a12:c6c7:4000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:3d:44:b3:c9:5e:cf:c0:75:43:11:8b:81:34:8c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Feb 1 05:56:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=858d6d723629bf5bf36abd6e735de7638b17a9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:42:d1:ba:39:9c:3d:60:13:c7:45:75:dc:29:
e0:ad:be:c7:5f:53:51:3c:ad:13:fb:6a:7a:fb:43:
78:55:dd:09:99:bb:1a:e1:70:4c:f2:a1:46:12:6d:
0b:60:2a:05:0b:e0:a9:1a:96:77:f3:a2:f3:2e:06:
8f:1e:e1:03:7d:ca:49:29:e2:f4:d1:17:6e:5c:b5:
2f:3b:7f:18:a7:54:e8:f4:27:bd:d1:e2:37:02:f2:
4d:1e:f9:b3:0a:88:ee:5e:d9:bd:13:58:68:00:30:
ec:f2:94:4e:b7:af:83:94:57:f0:ee:ed:df:f1:aa:
80:50:d8:dc:5a:d5:ce:8d:9e:b7:ab:45:59:0a:c0:
62:46:de:2d:0c:c5:a4:61:64:9b:e4:76:99:a3:ac:
2e:ec:de:8c:75:92:87:3a:40:6c:c8:4d:b7:36:15:
85:f3:85:f3:d0:4d:cc:e2:7d:03:5d:87:ac:e0:43:
19:1a:a5:cf:40:32:6d:2d:ad:08:eb:84:b8:0b:af:
96:85:2b:3a:1b:57:80:80:ee:8c:08:1f:fa:e8:aa:
4f:bd:9f:3a:29:b6:90:de:82:18:0a:54:52:0a:20:
0a:f4:f2:b4:c1:08:37:bd:f5:89:65:8a:8a:42:d9:
02:50:d9:1b:53:83:7a:b8:3d:fa:e2:64:17:0c:06:
cb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8D:6D:72:36:29:BF:5B:F3:6A:BD:6E:73:5D:E7:63:8B:17:A9:D4
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/hY1tcjYpv1vzar1uc13nY4sXqdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:c6c7:3000::-2a12:c6c7:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c0:1d:9c:5a:09:47:05:d2:0a:b5:5b:ad:35:0d:80:75:09:30:
74:0e:aa:33:65:03:0e:79:93:d6:78:a7:b3:9d:b0:19:35:a6:
62:09:c7:f9:fd:8b:87:6c:75:61:65:ea:c0:3f:8c:72:e8:af:
4d:75:28:d8:d0:04:5b:46:e8:14:31:0d:62:cf:2c:ad:12:e6:
76:2d:27:e9:77:46:02:d9:5f:21:9b:db:d0:6b:75:dd:bc:f0:
62:4b:55:2c:2a:cb:65:ce:56:34:d2:f2:a2:32:4c:f0:8f:ce:
01:20:d7:a8:60:ec:ee:3f:c5:e0:76:92:30:3e:68:a8:27:6f:
57:b8:98:f6:34:d6:42:b1:a4:96:83:30:2d:03:38:2a:64:8e:
19:0a:00:f3:9c:06:4f:4d:95:d6:1e:c3:bb:f6:2e:a3:f9:4f:
32:d4:8d:be:38:60:78:31:e4:35:d2:4f:05:25:a4:b6:e3:9c:
69:73:fc:e2:bd:13:12:ed:c8:24:d3:5a:06:1c:6e:61:7c:c0:
fc:36:ec:59:28:09:94:a0:78:a1:31:4c:35:00:5c:2a:7d:ef:
03:92:7a:0b:63:d5:d2:de:96:f9:64:b5:96:17:de:52:f9:53:
79:07:a7:14:15:6c:bb:55:0d:9d:71:92:b3:83:be:14:ec:8d:
60:ce:23:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1jPUSzyV7PwHVDEYuBNIywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMjAxMDU1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThkNmQ3MjM2MjliZjViZjM2YWJkNmU3MzVkZTc2MzhiMTdhOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0LRujmcPWATx0V13Cngrb7HX1NR
PK0T+2p6+0N4Vd0Jmbsa4XBM8qFGEm0LYCoFC+CpGpZ386LzLgaPHuEDfcpJKeL0
0RduXLUvO38Yp1To9Ce90eI3AvJNHvmzCojuXtm9E1hoADDs8pROt6+DlFfw7u3f
8aqAUNjcWtXOjZ63q0VZCsBiRt4tDMWkYWSb5HaZo6wu7N6MdZKHOkBsyE23NhWF
84Xz0E3M4n0DXYes4EMZGqXPQDJtLa0I64S4C6+WhSs6G1eAgO6MCB/66KpPvZ86
KbaQ3oIYClRSCiAK9PK0wQg3vfWJZYqKQtkCUNkbU4N6uD364mQXDAbL5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIWNbXI2Kb9b82q9bnNd52OLF6nUMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvaFkxdGNqWXB2MXZ6YXIxdWMxM25ZNHNYcWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgQqEsbH
MAMGBCoSxsdAMA0GCSqGSIb3DQEBCwUAA4IBAQDAHZxaCUcF0gq1W601DYB1CTB0
DqozZQMOeZPWeKeznbAZNaZiCcf5/YuHbHVhZerAP4xy6K9NdSjY0ARbRugUMQ1i
zyytEuZ2LSfpd0YC2V8hm9vQa3XdvPBiS1UsKstlzlY00vKiMkzwj84BINeoYOzu
P8XgdpIwPmioJ29XuJj2NNZCsaSWgzAtAzgqZI4ZCgDznAZPTZXWHsO79i6j+U8y
1I2+OGB4MeQ10k8FJaS245xpc/zivRMS7cgk01oGHG5hfMD8NuxZKAmUoHihMUw1
AFwqfe8DknoLY9XS3pb5ZLWWF95S+VN5B6cUFWy7VQ2dcZKzg74U7I1gziO8
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:21:55 2024 by rpki-client on console-fra.rpki-client.org