Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/6RBKAqggjec7fqJu8S0b9OHUJqA.roa
File: 6RBKAqggjec7fqJu8S0b9OHUJqA.roa (raw, json)
Hash identifier: bGQSSKjplcMFq9Qj6W1umq13pl7ZIN4nO1Gz5RwQgx4=
Subject key identifier: E9:10:4A:02:A8:20:8D:E7:3B:7E:A2:6E:F1:2D:1B:F4:E1:D4:26:A0
Certificate issuer: /CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Certificate serial: 018CC493767D885C9F4CEF1D77B8EA29AB2A
Authority key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/6RBKAqggjec7fqJu8S0b9OHUJqA.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 2a02:7720::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:76:7d:88:5c:9f:4c:ef:1d:77:b8:ea:29:ab:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9104a02a8208de73b7ea26ef12d1bf4e1d426a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:be:f8:99:ad:66:17:9a:11:c6:64:79:ae:
c2:af:b5:bc:80:4a:71:0a:9d:44:98:ea:1a:b7:b0:
83:fb:1f:76:2c:16:85:79:fe:7a:ba:e7:5d:4d:33:
88:88:eb:4a:15:74:ad:93:40:a8:73:92:72:fa:86:
20:61:7f:f6:23:dd:79:d6:e8:9a:9f:00:37:46:56:
a0:7e:47:b0:8c:8e:81:a8:2e:76:68:ed:25:85:80:
5e:1e:6e:a5:48:25:11:cc:bc:fe:e8:98:05:fd:b8:
48:c2:a3:93:41:4e:13:c5:97:7d:27:19:14:27:ab:
9a:7f:d2:11:b3:e6:f8:a2:cb:25:fb:90:4e:28:0d:
79:db:07:4c:14:dd:45:e4:a0:2e:e5:9c:d8:36:7d:
4c:8f:4f:b5:da:43:5c:f8:fe:11:31:6d:da:74:a5:
3f:75:26:2f:9e:54:1b:3f:03:84:27:83:cd:d1:b6:
aa:dc:d7:e6:30:2a:c0:87:6b:fe:1c:8f:f0:ab:42:
43:9b:24:0c:64:98:79:68:e2:8e:ae:30:ba:cd:86:
26:9e:7f:d0:1b:60:1d:de:b9:0f:19:e9:4e:7f:a7:
6f:b3:1e:06:b6:12:b1:fa:76:35:bc:9f:f6:01:fd:
7b:8d:71:49:d8:71:e0:bf:00:49:58:31:8a:d0:5e:
7d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:10:4A:02:A8:20:8D:E7:3B:7E:A2:6E:F1:2D:1B:F4:E1:D4:26:A0
X509v3 Authority Key Identifier:
keyid:5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/6RBKAqggjec7fqJu8S0b9OHUJqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:7720::/32
Signature Algorithm: sha256WithRSAEncryption
72:07:1b:2f:e1:b6:e4:38:d7:02:58:af:6e:ea:37:4e:6e:c1:
55:ea:b9:12:c5:03:f7:24:8d:35:40:ea:dc:a6:02:c1:e5:31:
f0:26:53:1f:4a:12:39:8a:13:98:8d:e6:6c:b4:5f:60:00:02:
97:69:a5:c4:10:dc:f3:f9:94:df:ad:b0:c2:ab:9b:2e:df:eb:
c9:0a:76:30:48:20:3f:e3:e0:a7:30:8c:88:9c:84:5f:53:22:
a5:6a:91:fc:ab:fd:7e:b2:93:58:5b:bb:29:1a:8f:4a:3e:df:
95:63:eb:f5:02:40:2b:b8:59:ba:92:86:1e:56:0f:42:7e:fe:
b5:f6:7c:a6:7f:bc:19:b0:e4:52:32:eb:8c:3c:f5:23:aa:e1:
c5:4d:6d:86:93:08:07:7b:f9:d0:09:90:b1:5d:0e:ee:4f:91:
3c:c0:a0:eb:74:83:35:4f:80:17:1a:5b:07:0a:0c:09:86:fa:
d4:c1:34:4a:dd:39:f1:8a:e5:c4:b0:f8:db:be:28:35:29:ee:
8b:17:da:ee:47:5a:a4:aa:72:32:05:d7:08:99:d5:7a:7f:22:
e5:06:bc:b7:38:76:6b:2d:01:66:8b:5b:31:5f:46:62:5a:2f:
fe:1b:10:b2:32:71:89:91:85:79:c6:b5:e7:4b:87:3c:a6:f9:
1f:91:b1:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEk3Z9iFyfTO8dd7jqKasqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzQ2ZTlmMTJjMmMwZTU0NTlmZTRlM2Q0MTNjMWM4OWRl
NmRiMGUwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTEwNGEwMmE4MjA4ZGU3M2I3ZWEyNmVmMTJkMWJmNGUxZDQyNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcK++JmtZheaEcZkea7Cr7W8gEpx
Cp1EmOoat7CD+x92LBaFef56uuddTTOIiOtKFXStk0Coc5Jy+oYgYX/2I9151uia
nwA3RlagfkewjI6BqC52aO0lhYBeHm6lSCURzLz+6JgF/bhIwqOTQU4TxZd9JxkU
J6uaf9IRs+b4ossl+5BOKA152wdMFN1F5KAu5ZzYNn1Mj0+12kNc+P4RMW3adKU/
dSYvnlQbPwOEJ4PN0baq3NfmMCrAh2v+HI/wq0JDmyQMZJh5aOKOrjC6zYYmnn/Q
G2Ad3rkPGelOf6dvsx4GthKx+nY1vJ/2Af17jXFJ2HHgvwBJWDGK0F59xQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOkQSgKoII3nO36ibvEtG/Th1CagMB8GA1UdIwQY
MBaAFFx0bp8SwsDlRZ/k49QTwcid5tsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMt
ZTU5NDc2MTRlZjNmLzEvNlJCS0FxZ2dqZWM3ZnFKdThTMGI5T0hVSnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMtZTU5NDc2MTRlZjNm
LzEvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgJ3IDAN
BgkqhkiG9w0BAQsFAAOCAQEAcgcbL+G25DjXAlivbuo3Tm7BVeq5EsUD9ySNNUDq
3KYCweUx8CZTH0oSOYoTmI3mbLRfYAACl2mlxBDc8/mU362wwqubLt/ryQp2MEgg
P+PgpzCMiJyEX1MipWqR/Kv9frKTWFu7KRqPSj7flWPr9QJAK7hZupKGHlYPQn7+
tfZ8pn+8GbDkUjLrjDz1I6rhxU1thpMIB3v50AmQsV0O7k+RPMCg63SDNU+AFxpb
BwoMCYb61ME0St058YrlxLD4274oNSnuixfa7kdapKpyMgXXCJnVen8i5Qa8tzh2
ay0BZotbMV9GYlov/hsQsjJxiZGFeca150uHPKb5H5GxAA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:03 2024 by rpki-client on console-ams.rpki-client.org