Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wfLHfkY6cDiZu_U78fzBsSsqQLs.roa
File: wfLHfkY6cDiZu_U78fzBsSsqQLs.roa (raw, json)
Hash identifier: Npz8DwPeDN5z5uvocsORRfBMeYmr2qrL3UteeWPJVkg=
Subject key identifier: C1:F2:C7:7E:46:3A:70:38:99:BB:F5:3B:F1:FC:C1:B1:2B:2A:40:BB
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018FAA8E977CB9DD6379B8174668FF98E758
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wfLHfkY6cDiZu_U78fzBsSsqQLs.roa
Signing time: Fri 24 May 2024 12:23:42 +0000
ROA not before: Fri 24 May 2024 12:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:c0c0::/29 maxlen: 29
2a11:d900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:8e:97:7c:b9:dd:63:79:b8:17:46:68:ff:98:e7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: May 24 12:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1f2c77e463a703899bbf53bf1fcc1b12b2a40bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:21:d6:f1:0e:28:65:d6:29:27:54:37:e5:
47:55:fc:45:cc:ad:fe:2a:a7:9e:80:3d:7e:e1:92:
aa:58:b1:e2:82:6c:65:4e:24:df:46:7c:cb:c1:38:
3a:83:95:44:d3:b2:0b:66:b3:7d:dc:06:02:c8:d3:
ab:70:e2:8a:19:15:ab:99:87:89:67:20:e2:dc:7e:
d8:64:65:6d:1d:79:ca:b7:4a:ee:17:c3:66:2a:fe:
6a:40:82:82:0e:9a:66:ed:91:2a:d5:10:b7:73:2e:
44:c7:26:97:2c:b0:57:9e:ca:28:e2:b3:d1:54:81:
e0:9a:a2:2d:71:7b:f7:34:ea:d4:61:6d:05:72:10:
b8:79:63:d0:62:d6:dd:65:ae:10:d3:e8:22:2f:49:
08:87:36:04:6c:7a:38:b0:79:5d:86:87:a1:f5:bb:
f7:32:1f:ce:1b:61:85:ed:94:cf:c1:0d:c5:f4:d4:
d3:a1:cd:26:ce:2f:9b:e5:e4:ae:ed:01:ea:65:43:
e7:27:9f:11:ab:16:fd:ad:4b:d9:54:66:29:47:c3:
23:3f:d0:d8:91:99:c2:e3:79:c5:f7:d3:e7:ad:c0:
91:91:56:ee:24:06:44:7a:61:8e:de:1b:61:1d:11:
6b:e9:25:84:40:0f:f7:9c:b9:d4:25:ba:cb:f1:e8:
46:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F2:C7:7E:46:3A:70:38:99:BB:F5:3B:F1:FC:C1:B1:2B:2A:40:BB
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/wfLHfkY6cDiZu_U78fzBsSsqQLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c0c0::/29
2a11:d900::/29
Signature Algorithm: sha256WithRSAEncryption
43:8b:ac:a6:54:9a:92:51:3f:ab:a8:c1:38:ab:03:61:e9:37:
6f:ba:c6:ef:a2:75:00:f6:7e:ab:c4:6c:e9:e3:13:2e:ec:38:
7b:d7:c3:f0:5a:11:1a:dd:32:2a:28:62:7c:9c:ec:a3:5d:c0:
67:d9:e1:66:f7:0f:09:ae:bf:26:e8:e9:85:dc:31:3c:6a:34:
97:51:93:24:81:f4:ad:ed:35:e6:b1:d5:e3:4a:24:95:2a:4d:
0e:a0:c4:90:78:17:4d:40:a8:1d:ff:d6:4c:77:97:e8:2d:89:
3d:1c:34:5f:c2:78:a0:19:97:4d:5d:14:4b:61:20:39:cb:d9:
e5:4f:5d:e7:c5:65:c5:37:d3:6b:62:37:7b:bf:8f:7b:8f:ab:
37:5a:ef:2d:15:1c:4e:cc:33:d9:fb:0c:b2:8d:97:67:77:06:
59:a5:11:f6:0a:0a:7e:77:8d:de:d2:cd:2c:97:c9:8c:d2:a2:
60:46:af:5f:c8:90:49:c0:82:46:38:2a:1d:0b:37:c9:f9:cd:
7d:cc:2f:d2:8b:ab:1f:35:d8:eb:c4:0d:98:4f:25:12:f6:af:
4d:ee:64:7f:0c:4c:43:a5:49:3a:2e:54:f2:23:cd:16:59:41:
5b:07:59:72:67:3c:f5:96:e5:26:c6:6f:3e:ef:eb:5f:27:72:
6d:8b:2a:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY+qjpd8ud1jebgXRmj/mOdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwNTI0MTIyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYyYzc3ZTQ2M2E3MDM4OTliYmY1M2JmMWZjYzFiMTJiMmE0MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hUh1vEOKGXWKSdUN+VHVfxFzK3+
KqeegD1+4ZKqWLHigmxlTiTfRnzLwTg6g5VE07ILZrN93AYCyNOrcOKKGRWrmYeJ
ZyDi3H7YZGVtHXnKt0ruF8NmKv5qQIKCDppm7ZEq1RC3cy5ExyaXLLBXnsoo4rPR
VIHgmqItcXv3NOrUYW0FchC4eWPQYtbdZa4Q0+giL0kIhzYEbHo4sHldhoeh9bv3
Mh/OG2GF7ZTPwQ3F9NTToc0mzi+b5eSu7QHqZUPnJ58Rqxb9rUvZVGYpR8MjP9DY
kZnC43nF99PnrcCRkVbuJAZEemGO3hthHRFr6SWEQA/3nLnUJbrL8ehGmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMHyx35GOnA4mbv1O/H8wbErKkC7MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvd2ZMSGZrWTZjRGladV9VNzhmekJzU3NxUUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhHAwAMF
AyoR2QAwDQYJKoZIhvcNAQELBQADggEBAEOLrKZUmpJRP6uowTirA2HpN2+6xu+i
dQD2fqvEbOnjEy7sOHvXw/BaERrdMiooYnyc7KNdwGfZ4Wb3Dwmuvybo6YXcMTxq
NJdRkySB9K3tNeax1eNKJJUqTQ6gxJB4F01AqB3/1kx3l+gtiT0cNF/CeKAZl01d
FEthIDnL2eVPXefFZcU302tiN3u/j3uPqzda7y0VHE7MM9n7DLKNl2d3BlmlEfYK
Cn53jd7SzSyXyYzSomBGr1/IkEnAgkY4Kh0LN8n5zX3ML9KLqx812OvEDZhPJRL2
r03uZH8MTEOlSTouVPIjzRZZQVsHWXJnPPWW5SbGbz7v618ncm2LKrY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:35 2024 by rpki-client on console-ams.rpki-client.org