Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/jyHhTaRtrIt-HEtbEdwi2lq1s5c.roa
File: jyHhTaRtrIt-HEtbEdwi2lq1s5c.roa (raw, json)
Hash identifier: D32JjZfMCjT214MXwf52qO5S8rL84wzzzzyR4yFbf3A=
Subject key identifier: 8F:21:E1:4D:A4:6D:AC:8B:7E:1C:4B:5B:11:DC:22:DA:5A:B5:B3:97
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018CC2DB0300DA0578BCA0F9D1EA88A12A9F
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/jyHhTaRtrIt-HEtbEdwi2lq1s5c.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207401
IP address blocks: 2a0f:5707:fff4::/48 maxlen: 48
2a0f:5707:fff5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:03:00:da:05:78:bc:a0:f9:d1:ea:88:a1:2a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f21e14da46dac8b7e1c4b5b11dc22da5ab5b397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e9:3e:60:b1:69:f0:f0:01:da:4e:dd:96:30:
72:1e:52:9c:77:99:46:30:59:9e:cd:04:36:58:f9:
ce:b8:c9:3e:f7:c2:59:fa:be:d3:1a:56:4d:e5:b4:
1b:f6:a8:ff:7f:a8:a3:45:55:e7:bf:e8:06:1b:4d:
c1:30:15:e1:2c:fd:59:8e:c7:2f:5b:e3:f4:98:f3:
c5:c9:0e:d1:d4:fb:a4:85:b8:ac:cf:84:86:8f:76:
ff:8e:a1:2f:ae:bf:33:04:0c:2f:82:d8:53:72:c8:
b4:eb:8f:82:63:9a:16:69:09:63:e1:59:4b:66:29:
8c:d3:a4:f0:b6:a6:09:f1:c6:a1:22:d4:b4:c1:db:
20:06:b0:d4:30:13:f6:7b:fe:8a:f7:11:44:99:5b:
2a:5a:5c:03:56:1c:ed:6e:25:d1:4e:85:95:21:94:
0a:f1:bb:8e:35:64:7d:5a:b5:31:33:b1:56:38:de:
67:6d:0a:6a:48:f9:6f:58:cd:84:cc:52:17:14:80:
e7:81:ee:ed:34:58:dd:f9:51:43:ea:5c:a4:5d:95:
7d:8d:99:1b:b9:77:26:e1:82:c0:5f:43:93:c4:e3:
7c:87:f7:7c:1c:b6:5d:5a:03:d4:64:69:4c:d0:f2:
e8:99:10:b0:0e:ee:4f:33:1f:54:15:ee:ba:75:35:
ab:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:21:E1:4D:A4:6D:AC:8B:7E:1C:4B:5B:11:DC:22:DA:5A:B5:B3:97
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/jyHhTaRtrIt-HEtbEdwi2lq1s5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:fff4::/47
Signature Algorithm: sha256WithRSAEncryption
7c:a3:1f:5b:63:c9:f6:78:b0:77:9e:3c:3c:e5:ef:50:87:9b:
c4:41:81:ee:e2:04:d5:65:43:97:61:4d:80:14:32:57:20:d2:
4c:37:bd:27:b6:8c:9d:6a:02:a9:63:46:08:3a:f2:91:a1:56:
e4:d3:4e:df:65:ab:82:ef:58:9e:ad:34:69:3a:60:c5:7f:b5:
09:d2:76:da:48:c7:73:88:a8:9d:1e:c0:5d:3e:94:13:1e:5f:
ae:78:27:7b:ab:9b:2b:7d:29:96:29:7f:52:26:75:b7:44:91:
77:29:de:31:80:87:77:e1:83:03:af:ce:37:1f:3a:44:01:09:
38:55:a9:79:8a:d2:d1:8d:30:3f:49:d0:9a:81:8c:d5:7c:dd:
10:68:62:fd:fa:08:ee:43:a9:14:cf:e3:d8:59:88:de:3e:91:
56:dc:a6:0c:ce:fd:36:bc:6c:b7:3b:79:0d:f0:77:d2:f1:4d:
e2:6f:62:ac:03:04:bf:c7:3f:a0:b9:19:cb:2f:77:6e:49:15:
59:78:5c:61:f3:b3:cd:24:c9:15:2c:4d:d3:3c:db:71:f9:19:
97:c2:f4:48:ac:b0:9b:af:18:9c:08:e5:3a:a7:ea:fe:9a:ac:
45:9a:c4:1b:f1:2c:17:d7:ed:ea:5e:5d:75:96:37:41:84:31:
a6:84:4f:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2wMA2gV4vKD50eqIoSqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjIxZTE0ZGE0NmRhYzhiN2UxYzRiNWIxMWRjMjJkYTVhYjViMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquk+YLFp8PAB2k7dljByHlKcd5lG
MFmezQQ2WPnOuMk+98JZ+r7TGlZN5bQb9qj/f6ijRVXnv+gGG03BMBXhLP1Zjscv
W+P0mPPFyQ7R1Pukhbisz4SGj3b/jqEvrr8zBAwvgthTcsi064+CY5oWaQlj4VlL
ZimM06TwtqYJ8cahItS0wdsgBrDUMBP2e/6K9xFEmVsqWlwDVhztbiXRToWVIZQK
8buONWR9WrUxM7FWON5nbQpqSPlvWM2EzFIXFIDnge7tNFjd+VFD6lykXZV9jZkb
uXcm4YLAX0OTxON8h/d8HLZdWgPUZGlM0PLomRCwDu5PMx9UFe66dTWrqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI8h4U2kbayLfhxLWxHcItpatbOXMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvanlIaFRhUnRySXQtSEV0YkVkd2kybHExczVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg9XB//0
MA0GCSqGSIb3DQEBCwUAA4IBAQB8ox9bY8n2eLB3njw85e9Qh5vEQYHu4gTVZUOX
YU2AFDJXINJMN70ntoydagKpY0YIOvKRoVbk007fZauC71ierTRpOmDFf7UJ0nba
SMdziKidHsBdPpQTHl+ueCd7q5srfSmWKX9SJnW3RJF3Kd4xgId34YMDr843HzpE
AQk4Val5itLRjTA/SdCagYzVfN0QaGL9+gjuQ6kUz+PYWYjePpFW3KYMzv02vGy3
O3kN8HfS8U3ib2KsAwS/xz+guRnLL3duSRVZeFxh87PNJMkVLE3TPNtx+RmXwvRI
rLCbrxicCOU6p+r+mqxFmsQb8SwX1+3qXl11ljdBhDGmhE+H
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:07:36 2024 by rpki-client on console-fra.rpki-client.org