Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/c8WrLVu_21_PKTbhCc7excuHkV8.roa
File: c8WrLVu_21_PKTbhCc7excuHkV8.roa (raw, json)
Hash identifier: 5qQ/9bSH4F/YykiMEHSAjGwjG3PSHqJlXb+t1DVhdbE=
Subject key identifier: 73:C5:AB:2D:5B:BF:DB:5F:CF:29:36:E1:09:CE:DE:C5:CB:87:91:5F
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 018CC492E3E1EFE36B067367B92D65192A02
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/c8WrLVu_21_PKTbhCc7excuHkV8.roa
Signing time: Mon 01 Jan 2024 10:30:10 +0000
ROA not before: Mon 01 Jan 2024 10:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3308
IP address blocks: 2001:2010::/28 maxlen: 28
2001:2010::/31 maxlen: 31
2001:2000:1000::/40 maxlen: 40
2001:2012::/32 maxlen: 32
2001:2092::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e3:e1:ef:e3:6b:06:73:67:b9:2d:65:19:2a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 10:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73c5ab2d5bbfdb5fcf2936e109cedec5cb87915f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:68:9e:9a:b0:8d:08:74:cf:ea:42:95:df:46:
b6:71:a5:68:05:8e:7a:bc:e9:a1:18:0e:49:6e:37:
9a:13:71:ad:2e:45:fd:69:ea:cf:27:37:3a:7b:9d:
50:82:58:45:bc:9b:fa:ea:57:fa:78:95:18:a4:c0:
44:e8:9e:67:5c:11:15:1e:cf:cb:c0:33:dd:fb:3f:
ec:1d:06:4b:e0:91:1c:58:42:e4:23:6c:08:22:6a:
2a:5a:f8:ea:f0:d6:1e:0a:45:ba:5d:69:9a:56:35:
39:f7:05:ec:fa:10:74:05:12:64:f6:e0:f0:c0:bc:
a9:51:67:5f:49:eb:9b:94:e7:f1:88:25:cd:01:bd:
0e:f8:86:9b:a8:21:0b:9e:3a:ae:a3:30:55:20:c8:
22:e2:28:ab:43:7d:b3:40:ae:45:b3:54:04:01:2e:
dc:60:6b:30:12:4b:5d:33:16:db:be:03:bc:91:b1:
54:a9:74:2b:71:f2:3a:24:bb:8d:2d:fc:cb:40:31:
9c:9f:e0:29:61:ad:db:58:7b:f0:11:82:1c:ab:72:
1d:71:b2:3b:a2:86:d1:e3:e0:f7:c1:61:22:cb:6b:
56:ce:6f:7b:ac:fe:c0:1d:f3:80:41:67:51:d4:c3:
5f:91:c5:70:9f:89:30:d2:a9:e6:f3:7a:96:56:f4:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C5:AB:2D:5B:BF:DB:5F:CF:29:36:E1:09:CE:DE:C5:CB:87:91:5F
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/c8WrLVu_21_PKTbhCc7excuHkV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:1000::/40
2001:2010::/28
2001:2092::/32
Signature Algorithm: sha256WithRSAEncryption
4d:ca:6b:e8:0a:28:c6:46:d5:bb:c2:28:a8:60:7c:f1:90:68:
06:96:2e:a4:2d:d6:67:8d:f5:07:02:bd:f0:51:2e:b4:87:79:
b5:f6:95:95:27:2f:27:70:b4:56:6d:bb:32:0f:99:37:6a:00:
51:c6:8f:24:68:ec:6a:9a:e5:03:3b:2b:a3:45:b7:71:1e:6f:
0b:ef:4b:3c:9a:a9:23:7e:79:1c:4e:29:d7:2a:44:85:eb:42:
fb:b1:c0:67:ec:be:eb:cd:c7:9d:18:b2:94:49:ab:2b:3b:a7:
cf:cd:c4:6b:8a:5f:0f:d8:0d:f7:b9:45:aa:bb:fe:f5:59:9b:
fa:c0:3a:69:2c:88:b3:1e:16:3f:ae:a7:97:9f:f0:60:dc:7b:
9e:3f:ee:0f:a7:5b:1a:da:b8:5c:d9:88:bd:7a:9c:0c:5e:3e:
f6:e6:1f:10:14:f6:1c:ef:40:0c:a4:95:fc:d8:10:0b:b1:91:
32:8c:1e:79:a0:23:99:68:4a:ff:e6:08:4a:86:ba:fe:13:cf:
b0:d5:b8:41:4c:32:e1:23:2a:46:ff:3e:f3:8d:9c:b4:c3:45:
39:c5:7f:e1:8a:35:97:1c:2e:a0:bd:e6:01:1e:6c:2c:f7:e5:
8d:ad:ab:4d:46:a9:0b:d9:27:ee:28:af:bf:f5:09:ba:91:b4:
52:9c:d5:9d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzEkuPh7+NrBnNnuS1lGSoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2M1YWIyZDViYmZkYjVmY2YyOTM2ZTEwOWNlZGVjNWNiODc5MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmiemrCNCHTP6kKV30a2caVoBY56
vOmhGA5JbjeaE3GtLkX9aerPJzc6e51QglhFvJv66lf6eJUYpMBE6J5nXBEVHs/L
wDPd+z/sHQZL4JEcWELkI2wIImoqWvjq8NYeCkW6XWmaVjU59wXs+hB0BRJk9uDw
wLypUWdfSeublOfxiCXNAb0O+IabqCELnjquozBVIMgi4iirQ32zQK5Fs1QEAS7c
YGswEktdMxbbvgO8kbFUqXQrcfI6JLuNLfzLQDGcn+ApYa3bWHvwEYIcq3IdcbI7
oobR4+D3wWEiy2tWzm97rP7AHfOAQWdR1MNfkcVwn4kw0qnm83qWVvREGQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHPFqy1bv9tfzyk24QnO3sXLh5FfMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvYzhXckxWdV8yMV9QS1RiaENjN2V4Y3VIa1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAAjAWAwYAIAEgABAD
BQQgASAQAwUAIAEgkjANBgkqhkiG9w0BAQsFAAOCAQEATcpr6AooxkbVu8IoqGB8
8ZBoBpYupC3WZ431BwK98FEutId5tfaVlScvJ3C0Vm27Mg+ZN2oAUcaPJGjsaprl
Azsro0W3cR5vC+9LPJqpI355HE4p1ypEhetC+7HAZ+y+683HnRiylEmrKzunz83E
a4pfD9gN97lFqrv+9Vmb+sA6aSyIsx4WP66nl5/wYNx7nj/uD6dbGtq4XNmIvXqc
DF4+9uYfEBT2HO9ADKSV/NgQC7GRMoweeaAjmWhK/+YISoa6/hPPsNW4QUwy4SMq
Rv8+842ctMNFOcV/4Yo1lxwuoL3mAR5sLPflja2rTUapC9kn7iivv/UJupG0UpzV
nQ==
-----END CERTIFICATE-----
Generated at Sun May 19 23:02:54 2024 by rpki-client on console-fra.rpki-client.org