Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/X8U1fXTvmTmSg8BFeD-IZRK9JYk.roa
File: X8U1fXTvmTmSg8BFeD-IZRK9JYk.roa (raw, json)
Hash identifier: Js4YjK71/RMeazKPVdm8wxLoz+u/XKl6k8BTbY+3pJc=
Subject key identifier: 5F:C5:35:7D:74:EF:99:39:92:83:C0:45:78:3F:88:65:12:BD:25:89
Certificate issuer: /CN=81413f5afc6443e8d2343518ac0b19fd30ba3c12
Certificate serial: 018CC42548D21D913449C3FEB028595827C3
Authority key identifier: 81:41:3F:5A:FC:64:43:E8:D2:34:35:18:AC:0B:19:FD:30:BA:3C:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/X8U1fXTvmTmSg8BFeD-IZRK9JYk.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213279
IP address blocks: 2001:678:d44::/48 maxlen: 48
2001:678:d44:1::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:48:d2:1d:91:34:49:c3:fe:b0:28:59:58:27:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81413f5afc6443e8d2343518ac0b19fd30ba3c12
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fc5357d74ef99399283c045783f886512bd2589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ac:24:c9:c6:e8:eb:5d:f6:2c:83:95:c1:93:
6d:05:b2:a6:1a:d6:89:5b:fe:f0:a9:e9:63:ff:65:
a1:d6:ec:6c:98:7d:1e:c0:c3:c0:e2:0c:95:92:ee:
bd:56:6c:50:fa:3a:e8:3a:33:17:8e:83:d4:c6:39:
54:a4:82:82:99:c5:38:ef:3c:b0:03:22:97:1b:80:
e4:3f:37:ac:21:a5:e2:b1:8c:95:08:fd:a0:87:a5:
01:04:b0:4d:6f:6d:6e:e6:7b:ca:c4:36:c4:1d:b8:
2f:99:d9:e6:0b:be:20:90:85:a4:8f:40:78:a5:fb:
00:e1:28:f0:34:e4:13:ab:f0:56:57:06:41:ef:cf:
d3:f0:a7:a6:7b:f7:cd:bb:b3:fc:3f:d9:fb:ee:d4:
8b:36:e1:6f:1c:5c:30:f9:15:4d:2c:41:31:9f:3a:
6a:59:25:03:86:a6:be:47:a3:cd:0b:05:99:66:bd:
dd:db:57:d6:79:ab:9f:0d:1d:07:bd:31:cb:02:4b:
ef:71:93:ee:07:05:db:d4:26:5f:a5:4c:ae:cf:97:
7a:39:4a:c6:41:c2:39:fe:c4:ca:c9:d4:d4:63:ce:
69:8c:a2:4a:74:e0:1a:71:e6:cc:ba:ab:97:76:a2:
2c:00:59:60:27:ec:d2:b2:fd:7f:03:d9:e3:c2:02:
98:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C5:35:7D:74:EF:99:39:92:83:C0:45:78:3F:88:65:12:BD:25:89
X509v3 Authority Key Identifier:
keyid:81:41:3F:5A:FC:64:43:E8:D2:34:35:18:AC:0B:19:FD:30:BA:3C:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/X8U1fXTvmTmSg8BFeD-IZRK9JYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d44::/48
Signature Algorithm: sha256WithRSAEncryption
56:ae:22:8e:5b:96:7c:bc:0b:98:3e:a7:9a:60:a0:02:94:19:
42:a4:5e:5b:1d:4b:46:f4:67:24:64:d1:06:2a:35:40:f7:03:
d5:dc:8f:61:63:01:a1:d0:e9:51:e9:be:d3:ea:d1:2f:51:7c:
ad:ff:d9:b3:41:9c:c3:db:39:31:9a:85:14:c8:ae:bc:ca:3a:
f2:9a:bb:ea:b3:0b:cd:de:0e:d3:6d:0c:47:33:a8:a8:27:41:
b3:98:fb:2c:c6:e2:6e:d2:d0:ab:19:1a:6c:9e:3e:7e:85:87:
e4:0b:e2:44:cd:79:c3:5f:5c:ab:34:64:95:4c:a3:d2:2f:f0:
7f:de:6a:ce:8d:86:49:61:5c:a5:2f:7d:fe:ca:91:ee:60:1c:
aa:24:d0:09:ea:ee:09:82:9a:93:fb:96:51:e3:bc:20:17:14:
3c:59:bd:ea:51:82:06:ac:c2:86:80:09:96:e1:8e:5c:cf:bf:
42:09:df:2d:fc:85:7a:32:a8:81:05:9e:35:f6:98:26:95:61:
78:1d:d4:c4:cb:e0:2a:b0:a5:d1:da:b0:c7:9c:56:34:2e:91:
d5:87:1a:a8:0b:28:a0:15:1f:3d:25:cd:ad:c8:b6:eb:cf:e8:
0e:bb:a8:40:e8:49:e0:6b:c2:ca:e7:32:59:23:8b:22:f1:09:
bc:88:62:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJUjSHZE0ScP+sChZWCfDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNDEzZjVhZmM2NDQzZThkMjM0MzUxOGFjMGIxOWZkMzBi
YTNjMTIwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmM1MzU3ZDc0ZWY5OTM5OTI4M2MwNDU3ODNmODg2NTEyYmQyNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36wkycbo6132LIOVwZNtBbKmGtaJ
W/7wqelj/2Wh1uxsmH0ewMPA4gyVku69VmxQ+jroOjMXjoPUxjlUpIKCmcU47zyw
AyKXG4DkPzesIaXisYyVCP2gh6UBBLBNb21u5nvKxDbEHbgvmdnmC74gkIWkj0B4
pfsA4SjwNOQTq/BWVwZB78/T8Keme/fNu7P8P9n77tSLNuFvHFww+RVNLEExnzpq
WSUDhqa+R6PNCwWZZr3d21fWeaufDR0HvTHLAkvvcZPuBwXb1CZfpUyuz5d6OUrG
QcI5/sTKydTUY85pjKJKdOAacebMuquXdqIsAFlgJ+zSsv1/A9njwgKYOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF/FNX1075k5koPARXg/iGUSvSWJMB8GA1UdIwQY
MBaAFIFBP1r8ZEPo0jQ1GKwLGf0wujwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1VFX1d2eGtRLWpTTkRVWXJBc1pfVEM2UEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMjQ5MWItNGZjNi00MDMzLTliZGEt
MjUxMGFkMzJjMmI0LzEvWDhVMWZYVHZtVG1TZzhCRmVELUlaUks5SllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMjQ5MWItNGZjNi00MDMzLTliZGEtMjUxMGFkMzJjMmI0
LzEvZ1VFX1d2eGtRLWpTTkRVWXJBc1pfVEM2UEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA1E
MA0GCSqGSIb3DQEBCwUAA4IBAQBWriKOW5Z8vAuYPqeaYKAClBlCpF5bHUtG9Gck
ZNEGKjVA9wPV3I9hYwGh0OlR6b7T6tEvUXyt/9mzQZzD2zkxmoUUyK68yjrymrvq
swvN3g7TbQxHM6ioJ0GzmPssxuJu0tCrGRpsnj5+hYfkC+JEzXnDX1yrNGSVTKPS
L/B/3mrOjYZJYVylL33+ypHuYByqJNAJ6u4JgpqT+5ZR47wgFxQ8Wb3qUYIGrMKG
gAmW4Y5cz79CCd8t/IV6MqiBBZ419pgmlWF4HdTEy+AqsKXR2rDHnFY0LpHVhxqo
CyigFR89Jc2tyLbrz+gOu6hA6Enga8LK5zJZI4si8Qm8iGJy
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:12 2024 by rpki-client on console-fra.rpki-client.org