Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/h2fUVc0uTggwQNtpWvNAhKf_vcc.roa
File: h2fUVc0uTggwQNtpWvNAhKf_vcc.roa (raw, json)
Hash identifier: orf+75UHl2iY/YBLm6vVB1Fs2+r5Fp37tfcdNlV94P0=
Subject key identifier: 87:67:D4:55:CD:2E:4E:08:30:40:DB:69:5A:F3:40:84:A7:FF:BD:C7
Certificate issuer: /CN=79ad074aface91ac3fdd0a3ebd60fadbc16de4fc
Certificate serial: 018CC500570F8DC0DDEB04FDC98250A621E9
Authority key identifier: 79:AD:07:4A:FA:CE:91:AC:3F:DD:0A:3E:BD:60:FA:DB:C1:6D:E4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/h2fUVc0uTggwQNtpWvNAhKf_vcc.roa
Signing time: Mon 01 Jan 2024 12:29:43 +0000
ROA not before: Mon 01 Jan 2024 12:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208633
IP address blocks: 2a0e:1dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:57:0f:8d:c0:dd:eb:04:fd:c9:82:50:a6:21:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79ad074aface91ac3fdd0a3ebd60fadbc16de4fc
Validity
Not Before: Jan 1 12:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8767d455cd2e4e083040db695af34084a7ffbdc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:88:05:b8:ac:40:fb:98:ac:4a:b2:32:90:72:
07:f1:15:0f:ae:75:2f:ee:16:67:9b:64:69:17:0d:
da:d3:22:a0:23:4a:11:73:00:5f:cb:92:83:94:7a:
b9:ab:26:43:51:a0:39:1f:f7:f0:60:b8:37:8f:1e:
7e:66:f7:7a:e2:74:1c:18:b2:64:1e:8d:d3:a8:14:
6d:39:27:96:6f:4e:09:a6:b1:9f:62:8d:af:b0:b8:
48:cc:d9:df:f0:a2:13:32:30:00:33:da:48:09:17:
8c:9b:4d:2c:3f:5d:61:51:fe:10:8a:13:fa:95:08:
24:e3:1e:2c:cb:b7:f1:67:55:4e:69:d0:5d:55:34:
84:9a:e7:07:69:07:d2:48:a0:4e:1e:06:de:be:1a:
db:6d:fb:16:9e:be:7b:23:14:ff:b6:16:ee:a5:ab:
f8:d7:94:21:63:cd:2d:a9:c5:24:80:18:ca:a2:a3:
3d:9f:92:d1:2b:9f:ac:e0:1d:be:e7:53:d4:39:4c:
5c:e7:76:4d:19:83:08:6c:b9:49:3c:55:37:4f:ad:
8a:a6:9a:03:d7:bf:af:5f:2e:1e:a2:70:c6:be:77:
09:3a:aa:0a:ea:69:b2:c7:87:47:0d:9a:56:bc:e3:
0c:ee:f4:48:ee:9a:85:f4:c7:37:6a:a5:f5:2a:b5:
8f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:67:D4:55:CD:2E:4E:08:30:40:DB:69:5A:F3:40:84:A7:FF:BD:C7
X509v3 Authority Key Identifier:
keyid:79:AD:07:4A:FA:CE:91:AC:3F:DD:0A:3E:BD:60:FA:DB:C1:6D:E4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/h2fUVc0uTggwQNtpWvNAhKf_vcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1f6de8-9e29-4cb3-aa4a-0a2e9336d6d0/1/ea0HSvrOkaw_3Qo-vWD628Ft5Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
69:0c:69:d1:74:ab:ba:56:d1:3c:62:42:81:f4:43:d2:19:a1:
02:2e:83:45:47:b6:f9:15:0d:d2:ae:61:30:1e:91:0c:86:da:
27:3c:34:d6:5d:6a:27:2e:26:e6:c6:4a:b7:aa:39:cc:0e:f4:
39:74:c6:44:8d:4e:50:7d:9c:f4:e7:15:5e:d6:46:ef:03:3d:
53:6a:cf:33:56:d1:bf:de:b3:e0:ad:4d:4b:e9:59:17:2c:b4:
f4:dc:5c:1f:d0:d7:5e:22:c2:9f:77:8e:af:24:17:33:e8:a9:
cd:91:70:48:55:b1:5f:cb:63:04:01:f7:42:1b:8f:bb:5f:b8:
cf:d8:91:b3:1f:1b:60:95:49:1b:9e:d3:99:4d:f1:82:f0:90:
57:fc:91:d5:5a:ab:99:b6:0c:5f:ab:c4:e2:69:e2:ab:6d:02:
bf:67:94:8a:35:71:26:1b:c3:b6:94:d5:4a:07:c6:9a:32:29:
4d:9d:98:73:04:cf:95:d5:c4:da:59:b3:02:5b:27:f1:bb:17:
f2:bd:1e:70:f0:4e:6f:d1:22:f6:1f:ed:b2:dd:53:9f:e5:f5:
68:65:f8:70:f1:96:1f:8a:b1:25:ef:9d:d5:36:f0:56:32:56:
6b:e4:fa:ac:9e:d9:80:ac:97:f1:9d:75:7a:62:9d:93:63:8b:
71:a7:6b:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAFcPjcDd6wT9yYJQpiHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YWQwNzRhZmFjZTkxYWMzZmRkMGEzZWJkNjBmYWRiYzE2
ZGU0ZmMwHhcNMjQwMTAxMTIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY3ZDQ1NWNkMmU0ZTA4MzA0MGRiNjk1YWYzNDA4NGE3ZmZiZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmogFuKxA+5isSrIykHIH8RUPrnUv
7hZnm2RpFw3a0yKgI0oRcwBfy5KDlHq5qyZDUaA5H/fwYLg3jx5+Zvd64nQcGLJk
Ho3TqBRtOSeWb04JprGfYo2vsLhIzNnf8KITMjAAM9pICReMm00sP11hUf4QihP6
lQgk4x4sy7fxZ1VOadBdVTSEmucHaQfSSKBOHgbevhrbbfsWnr57IxT/thbupav4
15QhY80tqcUkgBjKoqM9n5LRK5+s4B2+51PUOUxc53ZNGYMIbLlJPFU3T62KppoD
17+vXy4eonDGvncJOqoK6mmyx4dHDZpWvOMM7vRI7pqF9Mc3aqX1KrWPUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIdn1FXNLk4IMEDbaVrzQISn/73HMB8GA1UdIwQY
MBaAFHmtB0r6zpGsP90KPr1g+tvBbeT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWEwSFN2ck9rYXdfM1FvLXZXRDYyOEZ0NVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8xZjZkZTgtOWUyOS00Y2IzLWFhNGEt
MGEyZTkzMzZkNmQwLzEvaDJmVVZjMHVUZ2d3UU50cFd2TkFoS2ZfdmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8xZjZkZTgtOWUyOS00Y2IzLWFhNGEtMGEyZTkzMzZkNmQw
LzEvZWEwSFN2ck9rYXdfM1FvLXZXRDYyOEZ0NVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4dwDAN
BgkqhkiG9w0BAQsFAAOCAQEAaQxp0XSrulbRPGJCgfRD0hmhAi6DRUe2+RUN0q5h
MB6RDIbaJzw01l1qJy4m5sZKt6o5zA70OXTGRI1OUH2c9OcVXtZG7wM9U2rPM1bR
v96z4K1NS+lZFyy09NxcH9DXXiLCn3eOryQXM+ipzZFwSFWxX8tjBAH3QhuPu1+4
z9iRsx8bYJVJG57TmU3xgvCQV/yR1VqrmbYMX6vE4mniq20Cv2eUijVxJhvDtpTV
SgfGmjIpTZ2YcwTPldXE2lmzAlsn8bsX8r0ecPBOb9Ei9h/tst1Tn+X1aGX4cPGW
H4qxJe+d1TbwVjJWa+T6rJ7ZgKyX8Z11emKdk2OLcadrIw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:44:25 2024 by rpki-client on console-ams.rpki-client.org