Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/J-iE8h7abWlRE7kUl139Zu1NTJg.roa
File: J-iE8h7abWlRE7kUl139Zu1NTJg.roa (raw, json)
Hash identifier: CTqPVZb/7lyoaNzlLaPA34FdzrH7dRrxnVwwWwP6XO8=
Subject key identifier: 27:E8:84:F2:1E:DA:6D:69:51:13:B9:14:97:5D:FD:66:ED:4D:4C:98
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 018CC793DAD45295E9D67A4BA0182DFB7550
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/J-iE8h7abWlRE7kUl139Zu1NTJg.roa
Signing time: Tue 02 Jan 2024 00:30:04 +0000
ROA not before: Tue 02 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212996
IP address blocks: 2a13:d8c0::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:da:d4:52:95:e9:d6:7a:4b:a0:18:2d:fb:75:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 2 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27e884f21eda6d695113b914975dfd66ed4d4c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:8f:de:b3:ed:9b:5e:c4:1d:94:36:2c:7d:
85:7d:b4:3f:40:45:be:dd:f4:31:46:87:ba:08:33:
11:c1:f3:a1:6b:bf:fa:3d:4e:e1:7f:2c:fd:45:63:
5b:9b:21:11:e7:a0:22:46:42:9e:e2:68:59:2c:e3:
7a:b2:72:2b:c6:9a:6f:0f:73:25:83:c9:56:a9:12:
dd:d3:c8:86:6d:ab:4b:a5:ef:e4:34:3a:13:f8:89:
81:ab:bf:5b:d9:9f:d2:0e:62:2a:0d:b3:af:bb:0b:
52:e2:45:51:15:17:64:08:77:d7:36:51:90:00:2c:
ed:5b:a5:ba:a0:87:49:ff:be:5d:f3:65:2a:8a:db:
17:9b:4b:77:43:17:60:f7:a9:98:ce:59:35:d2:d8:
91:1e:35:29:0e:4e:a7:ec:af:e4:ab:8f:aa:c7:a3:
18:02:72:df:d4:81:e1:cf:8a:e4:25:0f:39:06:d3:
ab:35:3a:a8:8d:9c:73:cb:16:4b:20:53:1e:73:46:
ce:51:8e:3f:bb:dd:72:b6:ff:41:f4:b2:f6:ed:16:
ce:52:86:1b:90:81:70:ea:b0:f7:c0:3d:16:b2:79:
a0:0e:97:50:bb:e3:f0:17:c4:b6:c7:5b:5d:83:ba:
5e:19:91:49:fb:0c:36:a7:9e:70:65:0e:27:85:fb:
ba:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E8:84:F2:1E:DA:6D:69:51:13:B9:14:97:5D:FD:66:ED:4D:4C:98
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/J-iE8h7abWlRE7kUl139Zu1NTJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
23:9e:d9:24:05:d0:37:86:3e:45:de:64:1c:e9:c1:69:69:44:
42:f8:9e:12:84:12:ca:21:ae:c9:54:23:f3:5f:af:99:b9:6a:
8b:76:23:b5:52:7d:5b:07:c4:07:a1:7a:cb:70:da:97:b4:67:
88:aa:8a:6b:7f:1b:d5:ab:d9:21:5e:89:23:7d:88:e3:fa:20:
8b:fd:57:e5:2d:5b:5e:cd:d5:22:97:b0:25:7d:22:0c:24:7b:
7e:a4:59:24:c6:e6:69:37:c1:7c:f5:6a:95:dd:1b:8b:47:62:
d9:16:25:4c:44:98:cf:2f:d3:bd:b9:f5:91:f0:2a:b3:49:e5:
d6:ba:5e:8b:af:8c:e8:8b:65:eb:28:d8:08:12:5a:a1:a8:50:
b0:12:63:20:ad:c1:c5:25:d1:46:2d:4d:96:3c:74:75:e0:47:
28:89:6e:4e:0e:94:c4:c8:9d:40:29:0e:a8:0c:a5:dc:2a:83:
16:78:52:39:d7:ec:f4:4c:7f:48:24:96:50:9f:af:a1:37:a5:
d5:43:ee:5a:c7:c9:ae:38:3e:09:78:15:28:56:79:a9:2f:92:
8a:24:81:76:50:f1:7b:10:7f:17:f9:26:9b:a8:48:b2:83:a9:
78:d7:d7:00:d6:e6:5d:3e:5c:82:34:19:2f:c1:2d:56:90:29:
9a:18:e3:d3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHk9rUUpXp1npLoBgt+3VQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjQwMTAyMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2U4ODRmMjFlZGE2ZDY5NTExM2I5MTQ5NzVkZmQ2NmVkNGQ0Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopSP3rPtm17EHZQ2LH2FfbQ/QEW+
3fQxRoe6CDMRwfOha7/6PU7hfyz9RWNbmyER56AiRkKe4mhZLON6snIrxppvD3Ml
g8lWqRLd08iGbatLpe/kNDoT+ImBq79b2Z/SDmIqDbOvuwtS4kVRFRdkCHfXNlGQ
ACztW6W6oIdJ/75d82UqitsXm0t3Qxdg96mYzlk10tiRHjUpDk6n7K/kq4+qx6MY
AnLf1IHhz4rkJQ85BtOrNTqojZxzyxZLIFMec0bOUY4/u91ytv9B9LL27RbOUoYb
kIFw6rD3wD0WsnmgDpdQu+PwF8S2x1tdg7peGZFJ+ww2p55wZQ4nhfu6owIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCfohPIe2m1pURO5FJdd/WbtTUyYMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvSi1pRThoN2FiV2xSRTdrVWwxMzladTFOVEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAI57ZJAXQN4Y+Rd5kHOnBaWlEQvieEoQSyiGuyVQj
81+vmblqi3YjtVJ9WwfEB6F6y3Dal7RniKqKa38b1avZIV6JI32I4/ogi/1X5S1b
Xs3VIpewJX0iDCR7fqRZJMbmaTfBfPVqld0bi0di2RYlTESYzy/Tvbn1kfAqs0nl
1rpei6+M6Itl6yjYCBJaoahQsBJjIK3BxSXRRi1Nljx0deBHKIluTg6UxMidQCkO
qAyl3CqDFnhSOdfs9Ex/SCSWUJ+voTel1UPuWsfJrjg+CXgVKFZ5qS+SiiSBdlDx
exB/F/kmm6hIsoOpeNfXANbmXT5cgjQZL8EtVpApmhjj0w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:10 2024 by rpki-client on console-fra.rpki-client.org