Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/hyL2cK4VHoae0mCCMCQVsg6MNN0.roa
File: hyL2cK4VHoae0mCCMCQVsg6MNN0.roa (raw, json)
Hash identifier: tli/ARRAG6zAhI6a3AeMT1nOEJanX2l8FtOPRCUTGAs=
Subject key identifier: 87:22:F6:70:AE:15:1E:86:9E:D2:60:82:30:24:15:B2:0E:8C:34:DD
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018F2F490FFA4CFA705D138B36DDCA3CCA29
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/hyL2cK4VHoae0mCCMCQVsg6MNN0.roa
Signing time: Tue 30 Apr 2024 13:54:28 +0000
ROA not before: Tue 30 Apr 2024 13:54:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208973
IP address blocks: 2a07:3500:10c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:49:0f:fa:4c:fa:70:5d:13:8b:36:dd:ca:3c:ca:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Apr 30 13:54:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8722f670ae151e869ed26082302415b20e8c34dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:56:36:b6:0f:68:e9:c2:c9:4d:ce:cc:f9:
59:32:1a:8a:81:bc:ba:4f:a4:87:5a:15:b3:0a:4c:
5f:0a:92:79:03:8a:fb:48:43:8a:b4:39:d1:86:5f:
b5:45:3b:f5:b8:0f:fe:84:38:1a:cd:66:28:09:a5:
83:f3:0b:f6:a2:b2:da:59:85:61:15:03:60:be:3a:
13:0d:3e:6f:5f:06:80:cf:34:f3:7b:d7:d2:1b:30:
7b:24:3a:c9:ee:04:a0:6d:16:52:86:1c:56:20:32:
08:16:d6:98:c2:35:e7:50:b5:31:8b:33:8a:18:8d:
da:3c:30:38:10:1d:00:e7:23:45:c0:8d:18:6b:5a:
7d:c6:c0:41:71:c7:6f:81:b6:0f:aa:ff:5a:88:9c:
d2:44:3f:c6:bb:a3:cf:29:30:db:43:91:ab:07:90:
6b:e7:b8:19:fb:09:fb:79:a8:82:3f:0e:52:f2:43:
34:21:95:20:0c:d7:72:2f:d2:40:6e:43:d9:5e:96:
63:7d:14:c7:dd:51:5d:3d:75:12:96:c4:d4:2f:a1:
8b:40:f3:d1:07:13:0d:f2:e3:05:7e:ca:56:70:90:
11:9d:f9:60:58:08:20:e7:7d:ba:e1:a4:82:d1:b4:
d8:2a:76:67:7a:cf:27:8f:ad:3d:38:8e:66:02:89:
69:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:22:F6:70:AE:15:1E:86:9E:D2:60:82:30:24:15:B2:0E:8C:34:DD
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/hyL2cK4VHoae0mCCMCQVsg6MNN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:10c0::/48
Signature Algorithm: sha256WithRSAEncryption
a9:9e:ac:68:7c:3a:95:5f:bc:e6:37:bb:1d:c8:e0:91:7a:b0:
bd:e6:fa:cd:47:9b:a2:4e:f0:39:e5:64:37:73:56:3e:2c:31:
b5:1a:a3:f1:7a:58:32:89:f3:b1:56:8c:77:eb:35:0c:af:dd:
79:4c:e1:5e:f0:e5:f3:8b:d9:1c:02:cb:ed:19:ac:6a:3c:ac:
09:59:ac:b1:20:ce:52:d5:ae:f5:b9:36:76:15:af:27:7d:1c:
b4:d7:c2:34:e4:d6:a7:c2:55:03:42:fc:d3:f3:44:a5:cd:fa:
73:78:11:f0:e9:89:82:0d:af:92:83:31:e9:57:9a:c2:e3:a4:
e0:e4:43:29:5b:b9:c7:c2:b6:79:12:b3:77:4f:fb:23:f3:bc:
8d:b0:a7:19:e3:13:38:f3:6a:3c:d8:3a:52:b8:3a:ee:ab:fc:
c6:b5:51:17:35:24:fd:62:5d:31:5b:65:43:66:71:e0:12:19:
e9:06:1a:8c:c8:20:23:69:28:3f:ee:b3:93:e2:75:e3:3b:10:
b4:21:eb:51:e4:cb:b0:39:25:12:28:5d:35:2c:0d:66:71:40:
37:b9:2e:d0:0b:1d:4d:f4:eb:42:78:c3:ba:d5:64:1f:b2:8c:
12:56:79:11:27:8a:22:c2:52:6e:94:2e:3b:b6:2e:ab:24:fb:
e3:37:6c:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8vSQ/6TPpwXROLNt3KPMopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwNDMwMTM1NDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzIyZjY3MGFlMTUxZTg2OWVkMjYwODIzMDI0MTViMjBlOGMzNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnpWNrYPaOnCyU3OzPlZMhqKgby6
T6SHWhWzCkxfCpJ5A4r7SEOKtDnRhl+1RTv1uA/+hDgazWYoCaWD8wv2orLaWYVh
FQNgvjoTDT5vXwaAzzTze9fSGzB7JDrJ7gSgbRZShhxWIDIIFtaYwjXnULUxizOK
GI3aPDA4EB0A5yNFwI0Ya1p9xsBBccdvgbYPqv9aiJzSRD/Gu6PPKTDbQ5GrB5Br
57gZ+wn7eaiCPw5S8kM0IZUgDNdyL9JAbkPZXpZjfRTH3VFdPXUSlsTUL6GLQPPR
BxMN8uMFfspWcJARnflgWAgg53264aSC0bTYKnZnes8nj609OI5mAolp9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIci9nCuFR6GntJggjAkFbIOjDTdMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvaHlMMmNLNFZIb2FlMG1DQ01DUVZzZzZNTk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgc1ABDA
MA0GCSqGSIb3DQEBCwUAA4IBAQCpnqxofDqVX7zmN7sdyOCRerC95vrNR5uiTvA5
5WQ3c1Y+LDG1GqPxelgyifOxVox36zUMr915TOFe8OXzi9kcAsvtGaxqPKwJWayx
IM5S1a71uTZ2Fa8nfRy018I05NanwlUDQvzT80SlzfpzeBHw6YmCDa+SgzHpV5rC
46Tg5EMpW7nHwrZ5ErN3T/sj87yNsKcZ4xM482o82DpSuDruq/zGtVEXNST9Yl0x
W2VDZnHgEhnpBhqMyCAjaSg/7rOT4nXjOxC0IetR5MuwOSUSKF01LA1mcUA3uS7Q
Cx1N9OtCeMO61WQfsowSVnkRJ4oiwlJulC47ti6rJPvjN2y3
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:50:37 2024 by rpki-client on console-fra.rpki-client.org