Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/26tFgjgcf7yAw77EBfDadbJDTis.roa
File: 26tFgjgcf7yAw77EBfDadbJDTis.roa (raw, json)
Hash identifier: RWCxBk3vhvnVCfxrSw1EgBBrAKb5m4lXs72Y9UKfpuo=
Subject key identifier: DB:AB:45:82:38:1C:7F:BC:80:C3:BE:C4:05:F0:DA:75:B2:43:4E:2B
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 018CC7958A7EB31E83F3E9E0689FAA6AC173
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/26tFgjgcf7yAw77EBfDadbJDTis.roa
Signing time: Tue 02 Jan 2024 00:31:55 +0000
ROA not before: Tue 02 Jan 2024 00:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57010
IP address blocks: 2a04:ac00:4::/48 maxlen: 48
2a04:ac00:5::/48 maxlen: 48
2a04:ac00:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8a:7e:b3:1e:83:f3:e9:e0:68:9f:aa:6a:c1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 00:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbab4582381c7fbc80c3bec405f0da75b2434e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b8:0e:50:f0:0e:4a:7e:fd:9b:90:94:2c:c3:
96:5d:d9:e6:e8:6a:9a:c7:fd:2c:91:dd:fb:be:42:
db:06:00:f0:17:9b:e5:67:1a:d0:09:d5:2d:2f:80:
26:5b:ab:fa:ce:41:3b:c2:ea:f6:e9:58:22:a4:bf:
39:68:64:6b:92:f0:b4:01:60:d7:61:ab:19:70:bb:
cb:1e:31:d7:37:1e:f5:f6:78:ff:f4:06:a9:b5:e9:
a1:50:54:79:73:b8:c3:49:aa:7f:93:6b:ec:55:cf:
e4:a1:fe:4c:3c:2e:33:23:c9:4e:d9:3f:a7:40:55:
7b:8f:ad:30:97:d2:79:b6:75:92:15:54:02:1f:a0:
52:eb:cf:fe:11:8f:89:50:74:da:94:bc:5d:fb:bc:
0e:3f:c5:98:97:3a:7a:ff:77:95:c3:40:be:b3:84:
be:12:27:dd:70:95:4c:f4:74:39:5c:d0:5d:f0:f2:
7d:44:b2:fb:16:c8:1a:16:38:bb:d4:5b:2f:6e:f0:
63:96:87:5d:ff:86:c2:58:ae:de:33:5f:80:6e:c2:
4a:12:e4:e6:0d:d2:94:c0:ed:ba:fc:34:11:37:f8:
0c:e0:2e:17:29:b6:47:b5:2a:61:71:29:95:87:a0:
cf:9b:a7:26:09:fc:e7:86:f8:ae:92:2f:37:a0:82:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AB:45:82:38:1C:7F:BC:80:C3:BE:C4:05:F0:DA:75:B2:43:4E:2B
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/26tFgjgcf7yAw77EBfDadbJDTis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ac00:4::/47
2a04:ac00:8::/48
Signature Algorithm: sha256WithRSAEncryption
74:94:d9:85:05:33:90:68:a9:6d:ec:a3:3c:f5:1f:7c:5a:f5:
79:26:3b:71:a1:6f:52:a3:7b:3a:22:28:a6:dd:92:ce:7e:61:
02:aa:75:71:2d:d4:a4:e2:42:fb:87:64:81:d9:01:20:72:f8:
5c:c9:d3:25:88:bb:3d:bd:4f:f9:74:3c:53:0c:c4:ef:3a:a2:
bb:01:a2:2c:9f:91:7a:ee:77:58:e9:c8:82:0d:3f:d1:6f:70:
4a:b9:4f:1b:7c:ab:a1:d9:5b:72:b6:4d:93:31:28:73:5f:17:
1c:1e:f4:97:bf:be:54:4f:3b:4d:a1:48:76:c5:c8:0f:d3:96:
2d:20:86:f5:f3:87:0a:5a:ed:02:eb:a6:78:ea:1d:f6:4f:45:
ce:1b:39:90:53:9d:c8:5b:0a:97:e3:9b:94:6e:b5:d9:4b:43:
a5:3d:a5:c4:4c:21:22:61:92:34:ca:f6:90:3f:9a:ff:da:49:
df:58:44:8e:16:d4:94:5f:53:2c:21:86:3b:10:c8:f2:be:03:
f0:41:c4:a0:36:b6:36:12:f2:bf:04:9d:e5:89:5a:90:b1:fe:
6b:4d:e5:13:9a:58:fd:2f:5f:81:3c:46:0e:d7:ae:5a:06:4c:
dc:63:cb:ab:6c:33:76:36:56:bf:d4:7e:aa:81:9d:e1:c8:29:
29:30:16:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlYp+sx6D8+ngaJ+qasFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjQwMTAyMDAzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmFiNDU4MjM4MWM3ZmJjODBjM2JlYzQwNWYwZGE3NWIyNDM0ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLgOUPAOSn79m5CULMOWXdnm6Gqa
x/0skd37vkLbBgDwF5vlZxrQCdUtL4AmW6v6zkE7wur26VgipL85aGRrkvC0AWDX
YasZcLvLHjHXNx719nj/9AaptemhUFR5c7jDSap/k2vsVc/kof5MPC4zI8lO2T+n
QFV7j60wl9J5tnWSFVQCH6BS68/+EY+JUHTalLxd+7wOP8WYlzp6/3eVw0C+s4S+
EifdcJVM9HQ5XNBd8PJ9RLL7FsgaFji71FsvbvBjlodd/4bCWK7eM1+AbsJKEuTm
DdKUwO26/DQRN/gM4C4XKbZHtSphcSmVh6DPm6cmCfznhviuki83oIJIwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNurRYI4HH+8gMO+xAXw2nWyQ04rMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvMjZ0RmdqZ2NmN3lBdzc3RUJmRGFkYkpEVGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcBKgSsAAAE
AwcAKgSsAAAIMA0GCSqGSIb3DQEBCwUAA4IBAQB0lNmFBTOQaKlt7KM89R98WvV5
JjtxoW9So3s6Iiim3ZLOfmECqnVxLdSk4kL7h2SB2QEgcvhcydMliLs9vU/5dDxT
DMTvOqK7AaIsn5F67ndY6ciCDT/Rb3BKuU8bfKuh2Vtytk2TMShzXxccHvSXv75U
TztNoUh2xcgP05YtIIb184cKWu0C66Z46h32T0XOGzmQU53IWwqX45uUbrXZS0Ol
PaXETCEiYZI0yvaQP5r/2knfWESOFtSUX1MsIYY7EMjyvgPwQcSgNrY2EvK/BJ3l
iVqQsf5rTeUTmlj9L1+BPEYO165aBkzcY8urbDN2Nla/1H6qgZ3hyCkpMBba
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:26 2024 by rpki-client on console-ams.rpki-client.org