Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/ynCWUyfbJnTUiKxeySGl7jLw7_A.roa
File: ynCWUyfbJnTUiKxeySGl7jLw7_A.roa (raw, json)
Hash identifier: YVEdGzV6nStbfKY2Db/9ujcFGts1GAoDMMgGkOs/dNQ=
Subject key identifier: CA:70:96:53:27:DB:26:74:D4:88:AC:5E:C9:21:A5:EE:32:F0:EF:F0
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287F5A0DFE728A350E128E4C9E0B4F
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/ynCWUyfbJnTUiKxeySGl7jLw7_A.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61292
IP address blocks: 2a0e:1c80:1a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7f:5a:0d:fe:72:8a:35:0e:12:8e:4c:9e:0b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca70965327db2674d488ac5ec921a5ee32f0eff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d5:4b:84:2f:c2:eb:eb:ce:49:24:bd:68:ab:
2a:3d:87:33:77:3a:76:a5:ef:14:ae:75:e3:fd:46:
fb:24:76:bb:6e:ce:07:c4:e2:0f:8f:f6:e8:75:56:
99:58:d9:bb:0c:dc:18:14:41:3e:57:34:63:ed:da:
9e:f6:4c:66:2b:e6:3b:ab:fc:20:0c:87:6c:18:f1:
45:d4:12:dc:75:70:62:9b:15:66:44:27:93:29:b4:
66:93:fd:ac:b4:8d:c4:aa:33:7e:20:d4:b7:79:b5:
76:6a:d9:b5:78:ac:5d:23:18:4f:b7:6b:86:42:42:
e6:df:00:97:ec:6a:3b:a6:cf:6c:d6:73:d0:e9:2f:
e5:d6:30:c0:af:5f:69:db:0b:0d:07:1d:e4:9e:88:
bd:c9:f8:9b:63:5f:74:6e:8f:9e:0c:53:eb:c1:a8:
10:61:79:c2:48:ec:73:61:11:e2:bd:d8:48:ba:a7:
5c:47:87:79:b6:d1:5f:45:7a:c2:9c:4a:24:56:2d:
00:b0:51:ff:a3:10:35:46:7a:39:00:64:1e:95:63:
db:12:f9:2c:4f:28:5c:70:f5:e0:fe:63:86:7e:15:
23:18:f3:43:ff:28:a8:20:67:6e:cc:57:82:ab:d9:
7e:ce:64:02:bd:52:e6:d2:ba:3f:33:87:34:88:e1:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:70:96:53:27:DB:26:74:D4:88:AC:5E:C9:21:A5:EE:32:F0:EF:F0
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/ynCWUyfbJnTUiKxeySGl7jLw7_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:1a::/48
Signature Algorithm: sha256WithRSAEncryption
67:19:13:ec:c6:13:38:23:0b:91:16:f7:6e:d4:0a:cc:3d:31:
2c:dc:1c:89:44:91:5b:b1:fd:c1:08:fa:ac:7c:d4:45:5d:a9:
10:89:05:21:54:0c:af:75:be:73:88:5b:5a:78:d5:34:68:41:
e7:56:cf:cb:c1:60:8c:f7:e8:34:a4:2a:a2:3c:54:65:eb:30:
a5:f7:de:54:e8:a1:81:a7:16:11:1d:7c:f9:3c:c3:50:75:27:
3f:e1:2a:82:72:01:4c:94:53:1f:8d:48:f2:56:6f:6d:fd:52:
ac:30:dc:04:67:69:a7:3a:3b:95:e0:9d:e9:e8:5b:8c:4d:bf:
b9:74:db:52:d6:f6:12:35:8d:8d:47:07:95:ce:fe:c1:c0:df:
52:f6:ac:89:1d:ea:c0:e7:32:30:35:bc:10:97:69:dc:3e:38:
16:31:5c:56:f7:1d:ed:35:cd:b9:22:e4:60:c8:8c:d1:52:96:
d8:1b:ed:df:59:6c:cd:31:74:04:38:b1:92:85:ff:a8:f1:8e:
22:e4:60:cd:24:5e:01:fb:2f:6b:0a:3e:cf:3f:01:4c:cb:78:
20:7e:bb:d5:ce:f4:9c:f9:f5:63:76:50:80:08:84:ec:33:e4:
d5:2a:cf:9c:eb:89:43:27:34:73:8f:06:03:30:0b:53:a4:50:
26:88:91:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKH9aDf5yijUOEo5MngtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTcwOTY1MzI3ZGIyNjc0ZDQ4OGFjNWVjOTIxYTVlZTMyZjBlZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNVLhC/C6+vOSSS9aKsqPYczdzp2
pe8UrnXj/Ub7JHa7bs4HxOIPj/bodVaZWNm7DNwYFEE+VzRj7dqe9kxmK+Y7q/wg
DIdsGPFF1BLcdXBimxVmRCeTKbRmk/2stI3EqjN+INS3ebV2atm1eKxdIxhPt2uG
QkLm3wCX7Go7ps9s1nPQ6S/l1jDAr19p2wsNBx3knoi9yfibY190bo+eDFPrwagQ
YXnCSOxzYRHivdhIuqdcR4d5ttFfRXrCnEokVi0AsFH/oxA1Rno5AGQelWPbEvks
TyhccPXg/mOGfhUjGPND/yioIGduzFeCq9l+zmQCvVLm0ro/M4c0iOHLqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMpwllMn2yZ01IisXskhpe4y8O/wMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEveW5DV1V5ZmJKblRVaUt4ZXlTR2w3akx3N19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAa
MA0GCSqGSIb3DQEBCwUAA4IBAQBnGRPsxhM4IwuRFvdu1ArMPTEs3ByJRJFbsf3B
CPqsfNRFXakQiQUhVAyvdb5ziFtaeNU0aEHnVs/LwWCM9+g0pCqiPFRl6zCl995U
6KGBpxYRHXz5PMNQdSc/4SqCcgFMlFMfjUjyVm9t/VKsMNwEZ2mnOjuV4J3p6FuM
Tb+5dNtS1vYSNY2NRweVzv7BwN9S9qyJHerA5zIwNbwQl2ncPjgWMVxW9x3tNc25
IuRgyIzRUpbYG+3fWWzNMXQEOLGShf+o8Y4i5GDNJF4B+y9rCj7PPwFMy3ggfrvV
zvSc+fVjdlCACITsM+TVKs+c64lDJzRzjwYDMAtTpFAmiJFY
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:07 2024 by rpki-client on console-fra.rpki-client.org