Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/YEIDM5VP6pDNSzhVyIBvi8lDeCI.roa
File: YEIDM5VP6pDNSzhVyIBvi8lDeCI.roa (raw, json)
Hash identifier: VfO7RaDBQnJXW+DJDu274bJ0HgDUiIBNrxwmhRosZYY=
Subject key identifier: 60:42:03:33:95:4F:EA:90:CD:4B:38:55:C8:80:6F:8B:C9:43:78:22
Certificate issuer: /CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Certificate serial: 018CC9BBF5E14B9B545431030EABC3AD4550
Authority key identifier: 53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/YEIDM5VP6pDNSzhVyIBvi8lDeCI.roa
Signing time: Tue 02 Jan 2024 10:33:07 +0000
ROA not before: Tue 02 Jan 2024 10:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48605
IP address blocks: 2a06:8181::/32 maxlen: 32
2a06:8184::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f5:e1:4b:9b:54:54:31:03:0e:ab:c3:ad:45:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f47a725c768d4de78fb31bb40fe16eba19f20d
Validity
Not Before: Jan 2 10:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60420333954fea90cd4b3855c8806f8bc9437822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f2:3b:5e:ed:a7:05:3e:7f:8a:62:6d:18:d6:
f8:0e:03:0a:9a:9e:8b:9d:c1:76:9d:96:18:ac:9e:
23:c1:97:ec:d2:0c:42:8b:36:cc:39:87:48:5b:55:
0c:31:51:54:1f:4d:88:9b:fb:98:5e:62:40:52:7c:
ec:49:52:b2:fd:b6:ee:7d:d0:94:86:5d:c9:23:f3:
47:93:9f:85:10:63:dd:00:da:8f:d6:5a:83:75:f2:
19:95:b7:ad:91:20:81:52:cd:b9:ce:5f:e7:eb:71:
c2:fb:26:f1:a9:e6:c5:f4:46:ae:02:41:84:bb:71:
f7:21:ed:c5:c0:0d:70:8d:fe:69:0c:86:63:bb:ba:
44:60:a4:34:0f:a4:23:b7:46:12:ce:e5:8d:4d:f4:
0f:0c:7f:ec:cf:d4:3b:d7:ee:2c:38:ba:8b:b5:4f:
d3:86:e2:14:f9:12:9f:d5:f1:5f:b0:14:9b:fa:0f:
30:ca:1d:97:78:34:93:05:a2:29:86:ab:1f:db:7d:
56:4a:65:8e:06:95:ee:61:a7:f7:7d:4b:38:e0:d5:
12:f5:f2:97:a2:7c:59:15:05:a2:89:98:40:cb:53:
43:05:f1:08:39:94:83:5a:a5:f5:44:ba:cb:0e:6e:
cd:17:c9:da:ab:35:64:10:80:9a:51:e0:af:cc:e8:
0d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:42:03:33:95:4F:EA:90:CD:4B:38:55:C8:80:6F:8B:C9:43:78:22
X509v3 Authority Key Identifier:
keyid:53:F4:7A:72:5C:76:8D:4D:E7:8F:B3:1B:B4:0F:E1:6E:BA:19:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_R6clx2jU3nj7MbtA_hbroZ8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/YEIDM5VP6pDNSzhVyIBvi8lDeCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6401f3-6df0-4038-b0bc-574713845dbc/1/U_R6clx2jU3nj7MbtA_hbroZ8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8181::/32
2a06:8184::/32
Signature Algorithm: sha256WithRSAEncryption
8f:79:81:43:c0:87:fc:58:cd:02:da:51:48:55:26:37:e2:0d:
3a:c4:61:ef:87:cb:65:5b:d7:88:4a:cb:e9:5b:5d:6e:02:fa:
b2:a8:04:16:70:1a:bf:8f:ea:bd:b1:d6:97:e8:79:66:9d:79:
de:40:0a:f4:64:c5:3e:b3:6e:17:68:ce:32:1b:80:6e:af:13:
1e:22:a4:f6:df:50:f7:f7:0f:1d:eb:44:69:2a:c4:3a:bd:15:
42:a5:22:f4:ce:eb:33:fd:6f:0c:86:08:9a:ba:84:de:05:1f:
d9:35:d8:46:3e:d3:6f:85:08:c3:79:c3:23:62:90:09:47:f2:
fd:13:eb:f6:ef:2f:f7:45:f1:17:11:b7:57:3b:4e:e2:65:92:
e4:59:02:98:68:bb:cc:0e:75:40:67:1a:5b:2f:47:a7:4b:f5:
bf:e9:a7:c4:32:23:a3:63:f5:d0:10:de:f5:84:8f:c6:33:3d:
b0:b9:12:4c:5f:e7:e0:5a:bc:46:ff:0a:39:4e:3b:9f:7a:4e:
73:63:77:ea:a0:47:91:27:ff:09:03:cb:53:c0:69:87:fd:bc:
0b:13:7a:2c:ce:a2:fa:4c:74:85:1e:37:66:d0:24:f0:33:9a:
0f:9a:a6:62:54:12:42:44:dd:e2:bb:70:f8:aa:58:b1:0d:65:
d5:69:fa:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJu/XhS5tUVDEDDqvDrUVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjQ3YTcyNWM3NjhkNGRlNzhmYjMxYmI0MGZlMTZlYmEx
OWYyMGQwHhcNMjQwMTAyMTAzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQyMDMzMzk1NGZlYTkwY2Q0YjM4NTVjODgwNmY4YmM5NDM3ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/I7Xu2nBT5/imJtGNb4DgMKmp6L
ncF2nZYYrJ4jwZfs0gxCizbMOYdIW1UMMVFUH02Im/uYXmJAUnzsSVKy/bbufdCU
hl3JI/NHk5+FEGPdANqP1lqDdfIZlbetkSCBUs25zl/n63HC+ybxqebF9EauAkGE
u3H3Ie3FwA1wjf5pDIZju7pEYKQ0D6Qjt0YSzuWNTfQPDH/sz9Q71+4sOLqLtU/T
huIU+RKf1fFfsBSb+g8wyh2XeDSTBaIphqsf231WSmWOBpXuYaf3fUs44NUS9fKX
onxZFQWiiZhAy1NDBfEIOZSDWqX1RLrLDm7NF8naqzVkEICaUeCvzOgNtwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGBCAzOVT+qQzUs4VciAb4vJQ3giMB8GA1UdIwQY
MBaAFFP0enJcdo1N54+zG7QP4W66GfINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMt
NTc0NzEzODQ1ZGJjLzEvWUVJRE01VlA2cEROU3poVnlJQnZpOGxEZUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82NDAxZjMtNmRmMC00MDM4LWIwYmMtNTc0NzEzODQ1ZGJj
LzEvVV9SNmNseDJqVTNuajdNYnRBX2hicm9aOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgaBgQMF
ACoGgYQwDQYJKoZIhvcNAQELBQADggEBAI95gUPAh/xYzQLaUUhVJjfiDTrEYe+H
y2Vb14hKy+lbXW4C+rKoBBZwGr+P6r2x1pfoeWaded5ACvRkxT6zbhdozjIbgG6v
Ex4ipPbfUPf3Dx3rRGkqxDq9FUKlIvTO6zP9bwyGCJq6hN4FH9k12EY+02+FCMN5
wyNikAlH8v0T6/bvL/dF8RcRt1c7TuJlkuRZAphou8wOdUBnGlsvR6dL9b/pp8Qy
I6Nj9dAQ3vWEj8YzPbC5Ekxf5+BavEb/CjlOO596TnNjd+qgR5En/wkDy1PAaYf9
vAsTeizOovpMdIUeN2bQJPAzmg+apmJUEkJE3eK7cPiqWLENZdVp+i4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:29:19 2024 by rpki-client on console-fra.rpki-client.org