Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/f8GezFn4Djg1OS7aVfRyZ-Ut_Qo.roa
File: f8GezFn4Djg1OS7aVfRyZ-Ut_Qo.roa (raw, json)
Hash identifier: jki+DkdRo2Eh/gDNJpRck8FkvL7XHTZSu/NjR44Uxu4=
Subject key identifier: 7F:C1:9E:CC:59:F8:0E:38:35:39:2E:DA:55:F4:72:67:E5:2D:FD:0A
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018D7A7C301DDF054A8CEFB9EB377A74CBD1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/f8GezFn4Djg1OS7aVfRyZ-Ut_Qo.roa
Signing time: Mon 05 Feb 2024 18:16:15 +0000
ROA not before: Mon 05 Feb 2024 18:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a0f:5ec0::/29 maxlen: 32
2a0f:7fc0::/29 maxlen: 32
2a0f:edc0::/29 maxlen: 32
2a11:6600::/29 maxlen: 32
2a11:6c00::/29 maxlen: 32
2a11:d400::/29 maxlen: 32
2a11:f080::/29 maxlen: 32
2a12:3c80::/29 maxlen: 32
2a12:e4c0::/29 maxlen: 32
2a13:3a80::/29 maxlen: 32
2a13:3e80::/29 maxlen: 32
2a13:4680::/29 maxlen: 32
2a13:64c0::/29 maxlen: 32
2a13:6540::/29 maxlen: 32
2a13:6840::/29 maxlen: 32
2a13:68c0::/29 maxlen: 32
2a13:69c0::/29 maxlen: 32
2a13:6a40::/29 maxlen: 32
2a13:6ac0::/29 maxlen: 32
2a13:6bc0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:7c:30:1d:df:05:4a:8c:ef:b9:eb:37:7a:74:cb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 5 18:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fc19ecc59f80e3835392eda55f47267e52dfd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c5:af:c5:1d:5a:0f:42:ac:8c:73:1e:2b:ae:
f5:5d:76:81:8b:57:18:9c:b2:fa:11:88:00:bd:09:
74:b0:81:3a:3a:c3:c3:fd:36:75:fb:e8:b8:58:6e:
1c:ff:cb:ac:25:37:e3:18:87:69:2d:1e:77:15:b6:
6c:37:e7:92:0b:98:e5:b7:2c:51:41:d3:14:25:e1:
ce:ed:11:71:b3:b9:dd:5d:49:33:05:00:7c:8c:e3:
ef:1a:56:77:a6:73:1e:c4:58:a9:a6:0e:8a:88:74:
9a:13:e0:c4:16:02:bc:fa:04:f9:59:50:04:9c:b4:
a9:3b:b8:e1:4e:a0:8c:f8:13:d8:1c:88:bd:9e:1e:
60:5b:f7:3b:88:a8:13:3a:29:b6:f4:90:45:07:de:
03:81:5f:5f:cc:f8:ec:8a:83:8b:24:96:22:1d:eb:
cf:18:7b:38:ba:59:2b:85:77:7f:83:e8:b3:6d:91:
bf:35:69:02:b9:10:e4:a7:ec:71:da:c6:28:c6:aa:
3d:62:b1:e9:19:b4:c4:6b:09:02:da:a3:6b:e7:4d:
9f:09:10:4e:5d:fa:8e:5e:c1:10:5b:ef:b0:e8:18:
3f:ce:7f:1b:52:c2:ea:6c:45:f2:46:64:0b:a0:1a:
ec:89:34:1d:80:b6:de:c7:dc:87:4c:b9:1f:29:2a:
2c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C1:9E:CC:59:F8:0E:38:35:39:2E:DA:55:F4:72:67:E5:2D:FD:0A
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/f8GezFn4Djg1OS7aVfRyZ-Ut_Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a11:6600::/29
2a11:6c00::/29
2a11:d400::/29
2a11:f080::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:34:74:4f:af:36:f0:05:ce:fe:80:ed:e3:3d:4e:9b:14:3a:
7b:44:0d:15:e7:0c:70:a3:69:56:22:90:fc:6b:6a:d6:82:6a:
83:2a:df:cb:21:12:f5:08:98:da:ec:45:91:41:89:97:23:b3:
ca:75:dc:48:ad:f1:f5:e3:38:4d:45:6e:40:8f:ca:65:ea:3d:
6c:36:d5:ae:fe:44:3e:4c:6f:ae:6a:d7:9d:2a:5d:21:1d:9e:
fb:c3:12:b7:c6:14:85:6e:48:ca:8d:68:d9:b6:19:7b:c6:0b:
35:65:9d:73:d3:d0:1d:54:cd:9b:25:03:4c:a0:a9:80:e7:d1:
9a:f7:66:4b:fa:39:ed:02:9b:db:7c:32:38:65:31:20:0d:eb:
b7:b5:ae:10:7c:b0:64:96:58:5f:1a:8f:b3:f9:8b:50:ac:7f:
a7:a7:92:76:a4:fc:27:72:ec:2f:b7:80:14:1b:af:2c:0a:ff:
e4:84:57:83:dc:1c:4b:9e:12:5f:25:6f:f0:8c:d0:da:80:56:
90:7d:15:7d:a3:84:40:45:43:bb:4d:f1:6a:c0:53:4b:ba:f3:
17:88:70:c9:66:16:24:7c:e3:58:cd:17:ac:fd:04:99:ab:5f:
16:1a:16:a4:2b:e4:30:04:56:3c:8b:c1:49:e5:a3:3a:07:eb:
8e:cb:ac:7e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAY16fDAd3wVKjO+56zd6dMvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMjA1MTgxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmMxOWVjYzU5ZjgwZTM4MzUzOTJlZGE1NWY0NzI2N2U1MmRmZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsWvxR1aD0KsjHMeK671XXaBi1cY
nLL6EYgAvQl0sIE6OsPD/TZ1++i4WG4c/8usJTfjGIdpLR53FbZsN+eSC5jltyxR
QdMUJeHO7RFxs7ndXUkzBQB8jOPvGlZ3pnMexFippg6KiHSaE+DEFgK8+gT5WVAE
nLSpO7jhTqCM+BPYHIi9nh5gW/c7iKgTOim29JBFB94DgV9fzPjsioOLJJYiHevP
GHs4ulkrhXd/g+izbZG/NWkCuRDkp+xx2sYoxqo9YrHpGbTEawkC2qNr502fCRBO
XfqOXsEQW++w6Bg/zn8bUsLqbEXyRmQLoBrsiTQdgLbex9yHTLkfKSos9QIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFH/BnsxZ+A44NTku2lX0cmflLf0KMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZjhHZXpGbjREamcxT1M3YVZmUnlaLVV0X1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqEWYAAwUDKhFsAAMFAyoR1AADBQMqEfCAAwUD
KhI8gAMFAyoS5MADBQMqEzqAAwUDKhM+gAMFAyoTRoADBQMqE2TAAwUDKhNlQAMF
AyoTaEADBQMqE2jAAwUDKhNpwAMFAyoTakADBQMqE2rAAwUDKhNrwDANBgkqhkiG
9w0BAQsFAAOCAQEAsjR0T6828AXO/oDt4z1OmxQ6e0QNFecMcKNpViKQ/Gtq1oJq
gyrfyyES9QiY2uxFkUGJlyOzynXcSK3x9eM4TUVuQI/KZeo9bDbVrv5EPkxvrmrX
nSpdIR2e+8MSt8YUhW5Iyo1o2bYZe8YLNWWdc9PQHVTNmyUDTKCpgOfRmvdmS/o5
7QKb23wyOGUxIA3rt7WuEHywZJZYXxqPs/mLUKx/p6eSdqT8J3LsL7eAFBuvLAr/
5IRXg9wcS54SXyVv8IzQ2oBWkH0VfaOEQEVDu03xasBTS7rzF4hwyWYWJHzjWM0X
rP0EmatfFhoWpCvkMARWPIvBSeWjOgfrjsusfg==
-----END CERTIFICATE-----
Generated at Wed May 8 22:59:56 2024 by rpki-client on console-ams.rpki-client.org