Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/rZa4nTZ3ffncvWXNlO1ZfQSHqt0.roa
File: rZa4nTZ3ffncvWXNlO1ZfQSHqt0.roa (raw, json)
Hash identifier: dPu1M8WVqGSsUPBrC8c5SQH8Xu2qrBF2vWayQj6M8TI=
Subject key identifier: AD:96:B8:9D:36:77:7D:F9:DC:BD:65:CD:94:ED:59:7D:04:87:AA:DD
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018D65797A0BE17A68934D7A5DB7100AE3C0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/rZa4nTZ3ffncvWXNlO1ZfQSHqt0.roa
Signing time: Thu 01 Feb 2024 16:21:16 +0000
ROA not before: Thu 01 Feb 2024 16:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a0f:5ec0::/29 maxlen: 32
2a0f:7fc0::/29 maxlen: 32
2a0f:edc0::/29 maxlen: 32
2a11:6600::/29 maxlen: 32
2a11:6c00::/29 maxlen: 32
2a11:d400::/29 maxlen: 32
2a11:f080::/29 maxlen: 32
2a12:3c80::/29 maxlen: 32
2a12:e4c0::/29 maxlen: 32
2a13:3a80::/29 maxlen: 32
2a13:3e80::/29 maxlen: 32
2a13:4680::/29 maxlen: 32
2a13:64c0::/29 maxlen: 32
2a13:6540::/29 maxlen: 32
2a13:6840::/29 maxlen: 32
2a13:68c0::/29 maxlen: 32
2a13:69c0::/29 maxlen: 32
2a13:6a40::/29 maxlen: 32
2a13:6ac0::/29 maxlen: 32
2a13:6bc0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:79:7a:0b:e1:7a:68:93:4d:7a:5d:b7:10:0a:e3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 1 16:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad96b89d36777df9dcbd65cd94ed597d0487aadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:7d:c0:dd:46:c5:08:43:4f:93:ba:ff:87:55:
cb:43:5b:56:c6:d4:b1:f0:fd:b3:90:3c:9f:dd:d0:
25:61:f1:9b:57:8c:c5:12:f7:dd:dc:d5:08:1c:b3:
df:56:bf:63:3a:46:b2:41:6d:bd:52:1b:d3:8a:46:
07:8c:b1:f9:4c:61:67:be:0d:c7:85:38:6d:8c:1d:
17:5d:2c:97:c4:a4:6a:c8:db:98:8b:56:4e:f1:56:
5b:6a:5f:4d:0b:8a:c0:06:1b:ad:f6:2b:d7:df:ab:
7c:69:de:de:60:91:1e:eb:d5:f1:4c:34:1c:54:e6:
a4:ab:89:61:e7:91:10:03:c2:ab:f2:20:ef:3b:8b:
5a:a5:4a:af:7b:e4:7e:4f:1c:8f:0e:16:01:58:71:
6e:df:f2:8d:47:b1:18:ce:f1:7d:5e:7d:76:70:c3:
e5:75:55:ad:9a:c8:28:cb:3b:27:46:8d:04:18:b9:
55:f5:b8:bb:7f:87:ce:70:ba:d0:19:f0:65:06:87:
69:2c:1d:1c:d6:f9:7b:b7:6b:18:17:63:ad:a2:8c:
41:fc:8e:04:ac:a0:36:74:83:2c:53:17:9b:3e:a4:
1b:ff:40:c9:73:66:7d:66:d5:5c:56:17:78:bf:ac:
df:0e:53:ab:c5:fe:76:32:c7:21:5e:cd:32:d8:ae:
6d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:96:B8:9D:36:77:7D:F9:DC:BD:65:CD:94:ED:59:7D:04:87:AA:DD
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/rZa4nTZ3ffncvWXNlO1ZfQSHqt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a11:6600::/29
2a11:6c00::/29
2a11:d400::/29
2a11:f080::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:70:1b:f0:a8:47:a0:e3:25:43:67:76:8a:f3:4b:62:9e:70:
28:16:4a:1a:94:07:8f:89:ae:c0:eb:b8:cb:01:fd:0b:d7:0a:
ab:87:4f:64:b4:d8:96:c5:0d:23:ca:ad:b6:32:fb:5d:82:7f:
fb:df:1a:14:6e:51:c2:7f:63:02:77:03:ee:f1:32:b7:d1:93:
da:b5:86:57:c2:57:5a:4e:fc:0a:de:24:4c:7c:ec:5e:a0:31:
78:35:fa:fb:75:38:58:fb:fe:d6:43:ce:7d:49:ba:8e:d2:1f:
85:c9:4e:fc:37:be:ea:02:41:9b:fc:f7:68:db:04:da:4a:11:
ca:e8:ab:03:70:21:14:69:2b:bf:6e:8e:9d:b5:7a:19:53:97:
ea:df:dd:85:96:0d:7c:01:9e:cf:b8:9d:90:ac:99:39:78:f6:
b4:60:70:96:06:98:2d:e7:df:b3:4c:e3:52:44:d9:54:13:a3:
35:b8:53:45:61:63:4a:35:fd:41:84:23:28:d3:6e:05:c6:57:
17:93:e2:10:4e:58:e7:60:d1:d8:7a:39:8e:04:56:b8:2b:99:
e3:b3:a7:b1:ca:41:7d:7f:54:bf:3b:16:c7:d5:f5:5a:34:d5:
92:91:0b:a3:72:92:1b:03:21:5f:28:d7:45:10:3a:cf:b6:9a:
bc:96:0f:f4
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAY1leXoL4Xpok016XbcQCuPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMjAxMTYyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk2Yjg5ZDM2Nzc3ZGY5ZGNiZDY1Y2Q5NGVkNTk3ZDA0ODdhYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjH3A3UbFCENPk7r/h1XLQ1tWxtSx
8P2zkDyf3dAlYfGbV4zFEvfd3NUIHLPfVr9jOkayQW29UhvTikYHjLH5TGFnvg3H
hThtjB0XXSyXxKRqyNuYi1ZO8VZbal9NC4rABhut9ivX36t8ad7eYJEe69XxTDQc
VOakq4lh55EQA8Kr8iDvO4tapUqve+R+TxyPDhYBWHFu3/KNR7EYzvF9Xn12cMPl
dVWtmsgoyzsnRo0EGLlV9bi7f4fOcLrQGfBlBodpLB0c1vl7t2sYF2OtooxB/I4E
rKA2dIMsUxebPqQb/0DJc2Z9ZtVcVhd4v6zfDlOrxf52MschXs0y2K5tdwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFK2WuJ02d3353L1lzZTtWX0Eh6rdMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvclphNG5UWjNmZm5jdldYTmxPMVpmUVNIcXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqEWYAAwUDKhFsAAMFAyoR1AADBQMqEfCAAwUD
KhI8gAMFAyoS5MADBQMqEzqAAwUDKhM+gAMFAyoTRoADBQMqE2TAAwUDKhNlQAMF
AyoTaEADBQMqE2jAAwUDKhNpwAMFAyoTakADBQMqE2rAAwUDKhNrwDANBgkqhkiG
9w0BAQsFAAOCAQEAm3Ab8KhHoOMlQ2d2ivNLYp5wKBZKGpQHj4muwOu4ywH9C9cK
q4dPZLTYlsUNI8qttjL7XYJ/+98aFG5Rwn9jAncD7vEyt9GT2rWGV8JXWk78Ct4k
THzsXqAxeDX6+3U4WPv+1kPOfUm6jtIfhclO/De+6gJBm/z3aNsE2koRyuirA3Ah
FGkrv26OnbV6GVOX6t/dhZYNfAGez7idkKyZOXj2tGBwlgaYLeffs0zjUkTZVBOj
NbhTRWFjSjX9QYQjKNNuBcZXF5PiEE5Y52DR2Ho5jgRWuCuZ47OnscpBfX9UvzsW
x9X1WjTVkpELo3KSGwMhXyjXRRA6z7aavJYP9A==
-----END CERTIFICATE-----
Generated at Wed May 8 04:37:56 2024 by rpki-client on console-ams.rpki-client.org