Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/rYc3J-elJAITQg8UxNkM8T9-RfM.roa
File: rYc3J-elJAITQg8UxNkM8T9-RfM.roa (raw, json)
Hash identifier: Wztc/y0K6iKk/TuJx2K3MT67ESSQGkOUPA84gDB6Aiw=
Subject key identifier: AD:87:37:27:E7:A5:24:02:13:42:0F:14:C4:D9:0C:F1:3F:7E:45:F3
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 018FDECF21E57F5B07DFC28CF2F2CCA41168
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/rYc3J-elJAITQg8UxNkM8T9-RfM.roa
Signing time: Mon 03 Jun 2024 15:54:27 +0000
ROA not before: Mon 03 Jun 2024 15:54:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a04:cfc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:cf:21:e5:7f:5b:07:df:c2:8c:f2:f2:cc:a4:11:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jun 3 15:54:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad873727e7a5240213420f14c4d90cf13f7e45f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a1:95:56:da:55:31:04:b9:10:ac:69:63:60:
d0:34:06:cb:ac:4f:14:a5:e8:fd:3d:c0:85:e2:52:
98:10:83:d5:2c:19:01:a7:1e:78:25:79:cd:e0:0c:
78:d2:88:0a:bc:b7:e0:22:e3:c0:d2:ed:4e:90:19:
a9:7c:c6:d4:73:e5:a3:29:2e:67:f9:37:97:35:bd:
8c:30:22:4e:7c:fd:8c:65:a0:5e:f6:68:94:5a:29:
33:5d:5f:ef:df:85:ca:84:7f:67:d2:73:f7:c2:da:
75:4c:ef:76:3d:fa:d9:3d:ef:29:7e:39:60:62:26:
c0:69:04:89:c0:37:76:01:50:86:d1:04:16:c9:09:
2e:0d:78:8f:4f:b5:5b:75:a7:67:e1:6c:7e:d2:74:
81:b8:a9:e4:5f:ff:fe:12:ac:eb:84:93:e6:1c:ce:
b3:05:eb:ab:31:73:1d:09:1d:74:fb:51:95:42:c1:
58:e7:8f:b4:be:c8:b8:d1:c8:68:2c:ca:57:13:13:
84:a4:0f:43:7e:d4:11:5b:ce:c6:76:21:0e:43:0b:
ca:47:a1:99:9e:b2:e9:13:fa:60:37:6a:af:8c:da:
9a:06:0a:15:c8:7a:da:c0:78:81:a6:ee:48:d8:ab:
fb:cb:92:2c:22:2b:64:14:ee:88:88:54:8c:1c:e0:
45:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:87:37:27:E7:A5:24:02:13:42:0F:14:C4:D9:0C:F1:3F:7E:45:F3
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/rYc3J-elJAITQg8UxNkM8T9-RfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
d5:14:c9:85:3c:05:df:83:d2:d9:b0:45:b6:87:41:d1:96:42:
75:d0:2a:19:3f:12:01:6b:0c:ba:bf:6a:eb:d9:34:69:e9:1b:
88:dc:ef:e2:d9:4d:6f:da:d2:03:18:fc:ad:75:d6:ce:15:32:
a1:4b:3d:8e:eb:ba:81:e5:4b:fb:f7:c7:00:10:f8:e4:b7:aa:
7a:c3:dd:03:a9:13:5c:a0:79:62:e0:0f:ec:f0:ad:26:b0:2c:
b3:38:37:a0:49:c2:13:83:20:b0:51:ea:b2:38:32:a6:87:39:
d8:c0:fb:f5:cb:12:4d:bf:ed:b0:0b:29:c1:f4:e2:88:23:1c:
ad:ce:ad:83:3d:5a:bb:bd:c8:66:f3:7c:bd:7b:2b:c3:a8:8f:
e1:0c:37:57:38:58:64:0c:2d:7d:62:33:f7:62:c7:11:8e:4f:
fa:3b:f0:0c:94:26:15:99:3a:b1:fa:d6:c0:33:c1:ea:b4:e4:
9b:bb:fc:9c:29:80:b2:e1:d3:17:f8:8d:07:d6:88:70:fe:8f:
3f:fe:aa:a4:3d:46:e9:81:43:97:6a:05:39:65:b3:4f:5a:87:
ef:69:4e:76:af:45:5c:ec:9c:10:d9:21:5f:86:c4:56:f9:df:
1e:3f:c5:08:4a:e0:0f:98:60:8a:83:4d:37:d4:55:95:13:be:
54:98:30:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/ezyHlf1sH38KM8vLMpBFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjQwNjAzMTU1NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDg3MzcyN2U3YTUyNDAyMTM0MjBmMTRjNGQ5MGNmMTNmN2U0NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaGVVtpVMQS5EKxpY2DQNAbLrE8U
pej9PcCF4lKYEIPVLBkBpx54JXnN4Ax40ogKvLfgIuPA0u1OkBmpfMbUc+WjKS5n
+TeXNb2MMCJOfP2MZaBe9miUWikzXV/v34XKhH9n0nP3wtp1TO92PfrZPe8pfjlg
YibAaQSJwDd2AVCG0QQWyQkuDXiPT7Vbdadn4Wx+0nSBuKnkX//+EqzrhJPmHM6z
BeurMXMdCR10+1GVQsFY54+0vsi40choLMpXExOEpA9DftQRW87GdiEOQwvKR6GZ
nrLpE/pgN2qvjNqaBgoVyHrawHiBpu5I2Kv7y5IsIitkFO6IiFSMHOBFdwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK2HNyfnpSQCE0IPFMTZDPE/fkXzMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvclljM0otZWxKQUlUUWc4VXhOa004VDktUmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgTPwDAN
BgkqhkiG9w0BAQsFAAOCAQEA1RTJhTwF34PS2bBFtodB0ZZCddAqGT8SAWsMur9q
69k0aekbiNzv4tlNb9rSAxj8rXXWzhUyoUs9juu6geVL+/fHABD45LeqesPdA6kT
XKB5YuAP7PCtJrAsszg3oEnCE4MgsFHqsjgypoc52MD79csSTb/tsAspwfTiiCMc
rc6tgz1au73IZvN8vXsrw6iP4Qw3VzhYZAwtfWIz92LHEY5P+jvwDJQmFZk6sfrW
wDPB6rTkm7v8nCmAsuHTF/iNB9aIcP6PP/6qpD1G6YFDl2oFOWWzT1qH72lOdq9F
XOycENkhX4bEVvnfHj/FCErgD5hgioNNN9RVlRO+VJgwRg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:08 2024 by rpki-client on console-ams.rpki-client.org