Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cUHHgQ0MZ0QxGp6n8V-StKXONIk.roa
File: cUHHgQ0MZ0QxGp6n8V-StKXONIk.roa (raw, json)
Hash identifier: 1AXJUjHt7p8Xq6fXnuV1YwTOpLTZFr8g+TFgAFe2g1g=
Subject key identifier: 71:41:C7:81:0D:0C:67:44:31:1A:9E:A7:F1:5F:92:B4:A5:CE:34:89
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE90CF62AF80622FDB3463B94AE726
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cUHHgQ0MZ0QxGp6n8V-StKXONIk.roa
Signing time: Tue 02 Jan 2024 06:31:18 +0000
ROA not before: Tue 02 Jan 2024 06:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209562
IP address blocks: 2a09:9ac0::/48 maxlen: 48
2a09:95c0::/48 maxlen: 48
2a09:4f40::/48 maxlen: 48
2a09:9b40::/48 maxlen: 48
2a09:4fc0::/48 maxlen: 48
2a09:13c0::/48 maxlen: 48
2a09:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 12:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:90:cf:62:af:80:62:2f:db:34:63:b9:4a:e7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7141c7810d0c6744311a9ea7f15f92b4a5ce3489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:b9:88:ae:8b:ba:a2:64:f9:11:c0:d8:b4:
1d:96:03:7a:8f:d1:08:dd:02:dc:ba:12:a9:36:69:
57:48:d0:7f:a1:8b:3d:ef:c2:20:39:d0:1e:52:a1:
6a:14:fd:10:25:0b:d6:2e:1b:75:55:75:e7:f8:49:
a3:4b:03:1c:ee:68:0d:29:b5:6c:5f:1d:59:c7:1b:
a4:f0:90:9c:9c:32:be:e1:30:e9:49:76:a1:19:94:
f8:2e:4d:5b:d9:f8:1a:05:e4:e5:c8:e5:44:70:4b:
4a:bd:cb:4b:44:b8:3b:16:fd:21:ed:df:97:30:26:
4c:4a:05:eb:a0:c5:1c:b5:e5:98:b8:49:a3:25:c4:
b5:75:e9:de:9d:44:aa:86:2b:fa:0e:40:67:31:69:
e1:ae:d3:bc:a8:c4:56:7e:cb:2e:be:fc:f9:26:42:
e0:9f:1c:2e:5b:ca:37:42:5d:07:eb:0d:27:f9:06:
2d:e2:19:79:1d:9a:a1:ac:1e:81:c8:fa:16:d5:f5:
8c:f1:69:95:87:62:ed:3b:81:df:01:72:6f:33:e4:
27:f1:cd:f9:95:f1:99:7c:f8:61:eb:63:df:7a:2b:
31:a6:8b:36:2f:93:b2:22:ea:9c:ee:c4:21:2e:57:
28:4d:ac:40:02:bb:ae:24:d3:41:c6:61:40:db:76:
35:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:41:C7:81:0D:0C:67:44:31:1A:9E:A7:F1:5F:92:B4:A5:CE:34:89
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/cUHHgQ0MZ0QxGp6n8V-StKXONIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:13c0::/48
2a09:4f40::/48
2a09:4fc0::/48
2a09:5040::/48
2a09:95c0::/48
2a09:9ac0::/48
2a09:9b40::/48
Signature Algorithm: sha256WithRSAEncryption
99:3c:d0:15:8e:55:72:d7:e2:c3:c7:d9:5c:f0:7f:fd:66:b9:
e4:4a:ba:3b:f5:f2:0b:ad:1a:35:d1:8e:38:d9:9c:78:90:27:
b8:6c:4e:e9:c3:16:1b:b8:a4:7b:94:c5:bd:35:68:64:1b:26:
4d:df:ab:04:78:26:a2:2e:bc:5a:fb:ba:d9:21:9f:94:33:47:
1d:81:7f:aa:58:63:e5:dd:e1:f3:ee:19:83:f5:5e:be:66:49:
73:05:6e:ad:f0:32:d0:36:fa:11:ff:cc:8b:75:a3:b2:ac:e5:
d1:1d:1a:ed:ad:f3:09:8e:63:89:d1:97:d4:75:53:df:fc:5e:
be:fc:fa:40:b0:cb:71:d1:9d:67:1c:c2:a3:b1:6a:b8:a4:cf:
c3:2d:a2:b6:76:c4:25:88:e2:23:2a:b9:bc:f0:8a:c3:f7:2c:
2a:a9:e7:8d:e7:54:f0:77:80:c3:d5:3a:38:7d:e2:3e:b1:b6:
ee:a1:c4:3e:3d:95:81:40:aa:36:f3:c5:35:82:2b:ab:5b:b4:
22:b9:a4:8a:ac:b7:d3:ce:3d:8b:d2:9d:91:21:33:18:2f:8f:
e0:d8:4a:9e:0d:1b:2d:03:da:b4:23:0e:1e:9f:d6:b1:2f:6f:
b8:3e:4a:8c:61:a1:6f:21:ad:f3:57:72:97:72:8e:8c:58:95:
6d:53:3f:e8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzI3pDPYq+AYi/bNGO5SucmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQxYzc4MTBkMGM2NzQ0MzExYTllYTdmMTVmOTJiNGE1Y2UzNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEC5iK6LuqJk+RHA2LQdlgN6j9EI
3QLcuhKpNmlXSNB/oYs978IgOdAeUqFqFP0QJQvWLht1VXXn+EmjSwMc7mgNKbVs
Xx1Zxxuk8JCcnDK+4TDpSXahGZT4Lk1b2fgaBeTlyOVEcEtKvctLRLg7Fv0h7d+X
MCZMSgXroMUcteWYuEmjJcS1denenUSqhiv6DkBnMWnhrtO8qMRWfssuvvz5JkLg
nxwuW8o3Ql0H6w0n+QYt4hl5HZqhrB6ByPoW1fWM8WmVh2LtO4HfAXJvM+Qn8c35
lfGZfPhh62Pfeisxpos2L5OyIuqc7sQhLlcoTaxAAruuJNNBxmFA23Y1SQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHFBx4ENDGdEMRqep/FfkrSlzjSJMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvY1VISGdRME1aMFF4R3A2bjhWLVN0S1hPTklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgkTwAAA
AwcAKglPQAAAAwcAKglPwAAAAwcAKglQQAAAAwcAKgmVwAAAAwcAKgmawAAAAwcA
KgmbQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCZPNAVjlVy1+LDx9lc8H/9ZrnkSro7
9fILrRo10Y442Zx4kCe4bE7pwxYbuKR7lMW9NWhkGyZN36sEeCaiLrxa+7rZIZ+U
M0cdgX+qWGPl3eHz7hmD9V6+ZklzBW6t8DLQNvoR/8yLdaOyrOXRHRrtrfMJjmOJ
0ZfUdVPf/F6+/PpAsMtx0Z1nHMKjsWq4pM/DLaK2dsQliOIjKrm88IrD9ywqqeeN
51Twd4DD1To4feI+sbbuocQ+PZWBQKo288U1giurW7QiuaSKrLfTzj2L0p2RITMY
L4/g2EqeDRstA9q0Iw4en9axL2+4PkqMYaFvIa3zV3KXco6MWJVtUz/o
-----END CERTIFICATE-----
Generated at Wed May 8 19:40:45 2024 by rpki-client on console-fra.rpki-client.org