Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/YJxBPcbL2KropNEniMdBnt4wcFQ.roa
File: YJxBPcbL2KropNEniMdBnt4wcFQ.roa (raw, json)
Hash identifier: 0SIuNT/tu1pEsxQtg67Spwm/8iC/D7S/XJe3DErvo38=
Subject key identifier: 60:9C:41:3D:C6:CB:D8:AA:E8:A4:D1:27:88:C7:41:9E:DE:30:70:54
Certificate issuer: /CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Certificate serial: 018CC8706728B029A15270BCB24B7D858C9B
Authority key identifier: BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/YJxBPcbL2KropNEniMdBnt4wcFQ.roa
Signing time: Tue 02 Jan 2024 04:30:58 +0000
ROA not before: Tue 02 Jan 2024 04:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211935
IP address blocks: 2a0e:f43::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:67:28:b0:29:a1:52:70:bc:b2:4b:7d:85:8c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea649ef6030fc80848fdfe21d4321ac8011fd10
Validity
Not Before: Jan 2 04:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609c413dc6cbd8aae8a4d12788c7419ede307054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:2d:03:8e:c2:cb:87:d1:ed:0c:0d:5c:a9:
4f:6f:79:29:9c:3c:5d:82:55:93:ac:0b:ea:e2:b1:
e6:66:00:37:e9:97:7c:66:c1:f3:2e:08:9a:77:61:
2f:81:cc:c4:65:ad:3f:9e:79:5c:83:24:03:1d:e7:
e5:83:f4:46:ca:f2:fb:f6:c0:72:c2:b0:14:a8:f6:
9a:5e:70:ec:18:54:ec:fd:ed:c9:07:67:48:82:c5:
7f:05:dc:06:97:4d:2f:f0:bb:af:01:b8:fa:99:fd:
14:aa:00:54:c9:01:94:4e:d8:26:c2:52:2d:66:33:
7f:c0:46:7b:f5:52:1f:da:33:fe:62:11:fa:1d:17:
6d:c7:f4:0b:ec:39:e4:79:d5:fb:24:33:0f:11:0f:
a2:2d:db:d2:3c:90:b9:11:f0:48:6a:5f:0c:11:fe:
8f:f4:44:fb:eb:5b:13:65:bb:06:36:6e:2d:9f:7c:
4c:fc:cf:88:6b:15:78:80:0d:88:c6:96:5c:27:89:
1f:8f:1b:e7:69:81:ef:a7:5b:32:c8:4b:6e:35:10:
b5:7b:14:62:51:95:b1:01:79:d9:72:33:14:a2:b8:
8c:a7:77:0a:5f:9a:5d:e7:d2:e7:48:1f:78:52:38:
4a:3b:75:96:78:86:0b:49:f7:c4:fd:74:24:c7:ba:
6c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9C:41:3D:C6:CB:D8:AA:E8:A4:D1:27:88:C7:41:9E:DE:30:70:54
X509v3 Authority Key Identifier:
keyid:BE:A6:49:EF:60:30:FC:80:84:8F:DF:E2:1D:43:21:AC:80:11:FD:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/YJxBPcbL2KropNEniMdBnt4wcFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/19455b-d2cf-4e5f-bf58-21df55ba9ebf/1/vqZJ72Aw_ICEj9_iHUMhrIAR_RA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f43::/48
Signature Algorithm: sha256WithRSAEncryption
44:6f:96:02:f3:da:f7:b4:d6:2d:9e:16:cd:41:03:10:b2:72:
28:08:c1:16:ae:71:90:6f:2e:e4:71:3f:22:19:6b:93:47:88:
96:5c:8c:b8:a0:98:1a:48:ad:04:fd:15:f8:40:ed:74:18:f9:
c6:da:e5:ba:92:9a:37:d7:ba:70:93:05:92:0b:22:a8:9c:e7:
f5:b1:81:bf:21:03:6e:de:40:1b:ce:6c:01:7e:23:b6:bc:d7:
6c:09:a2:b9:92:ca:c6:de:36:6b:9f:7b:4d:47:d1:27:2f:17:
31:51:ae:e0:82:2e:cf:86:43:ab:47:a8:1a:4f:fa:13:b1:ca:
66:ca:62:42:f2:58:e4:3a:d3:76:0a:02:a6:ee:8d:b8:33:26:
f8:b5:67:78:1f:c5:af:6b:77:64:64:45:15:4a:88:df:71:c5:
29:40:da:40:ba:8d:43:89:10:cf:2b:96:b4:8f:41:ef:5b:0f:
95:d1:11:8f:25:ae:38:e2:8d:75:54:3c:89:98:01:c3:a2:e8:
c0:43:cd:83:d5:41:d2:be:84:79:bf:76:56:42:57:4b:e7:ab:
9d:b7:ba:90:6f:f3:a2:97:b7:28:da:3c:fd:3b:a6:f0:80:7c:
e1:33:c8:c1:76:fe:d9:eb:2e:28:5e:56:f8:8b:2f:11:aa:f7:
15:1c:0a:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIcGcosCmhUnC8skt9hYybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTY0OWVmNjAzMGZjODA4NDhmZGZlMjFkNDMyMWFjODAx
MWZkMTAwHhcNMjQwMTAyMDQzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDljNDEzZGM2Y2JkOGFhZThhNGQxMjc4OGM3NDE5ZWRlMzA3MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOYtA47Cy4fR7QwNXKlPb3kpnDxd
glWTrAvq4rHmZgA36Zd8ZsHzLgiad2EvgczEZa0/nnlcgyQDHeflg/RGyvL79sBy
wrAUqPaaXnDsGFTs/e3JB2dIgsV/BdwGl00v8LuvAbj6mf0UqgBUyQGUTtgmwlIt
ZjN/wEZ79VIf2jP+YhH6HRdtx/QL7DnkedX7JDMPEQ+iLdvSPJC5EfBIal8MEf6P
9ET761sTZbsGNm4tn3xM/M+IaxV4gA2IxpZcJ4kfjxvnaYHvp1syyEtuNRC1exRi
UZWxAXnZcjMUoriMp3cKX5pd59LnSB94UjhKO3WWeIYLSffE/XQkx7pszwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGCcQT3Gy9iq6KTRJ4jHQZ7eMHBUMB8GA1UdIwQY
MBaAFL6mSe9gMPyAhI/f4h1DIayAEf0QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgt
MjFkZjU1YmE5ZWJmLzEvWUp4QlBjYkwyS3JvcE5FbmlNZEJudDR3Y0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xOTQ1NWItZDJjZi00ZTVmLWJmNTgtMjFkZjU1YmE5ZWJm
LzEvdnFaSjcyQXdfSUNFajlfaUhVTWhySUFSX1JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4PQwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBEb5YC89r3tNYtnhbNQQMQsnIoCMEWrnGQby7k
cT8iGWuTR4iWXIy4oJgaSK0E/RX4QO10GPnG2uW6kpo317pwkwWSCyKonOf1sYG/
IQNu3kAbzmwBfiO2vNdsCaK5ksrG3jZrn3tNR9EnLxcxUa7ggi7PhkOrR6gaT/oT
scpmymJC8ljkOtN2CgKm7o24Myb4tWd4H8Wva3dkZEUVSojfccUpQNpAuo1DiRDP
K5a0j0HvWw+V0RGPJa444o11VDyJmAHDoujAQ82D1UHSvoR5v3ZWQldL56udt7qQ
b/Oil7co2jz9O6bwgHzhM8jBdv7Z6y4oXlb4iy8RqvcVHAr2
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:39 2024 by rpki-client on console-ams.rpki-client.org