Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/5kwtfhbrL-zaL3LM2w5LtEGcyq0.roa
File: 5kwtfhbrL-zaL3LM2w5LtEGcyq0.roa (raw, json)
Hash identifier: LQSQdwp32J3ksX9MvqQr/lLb+xPwo94Gzdy/EaFyUd4=
Subject key identifier: E6:4C:2D:7E:16:EB:2F:EC:DA:2F:72:CC:DB:0E:4B:B4:41:9C:CA:AD
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F26BB61D3D406DC26A727E6DEFC2
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/5kwtfhbrL-zaL3LM2w5LtEGcyq0.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8248
IP address blocks: 2001:648:3400::/40 maxlen: 40
2001:648:2300::/47 maxlen: 47
2001:648:2302::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f2:6b:b6:1d:3d:40:6d:c2:6a:72:7e:6d:ef:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e64c2d7e16eb2fecda2f72ccdb0e4bb4419ccaad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:41:c0:4f:6a:f6:ea:23:a0:fe:61:74:bc:20:
cf:7c:fd:0a:fb:20:1c:c2:93:55:23:a7:7b:a7:fe:
6f:36:8f:6f:10:ba:ca:31:75:fa:92:42:71:67:a2:
6b:55:35:01:ea:fe:20:7f:4e:b3:85:eb:db:fc:c5:
fa:ba:9e:f9:9e:1e:39:61:1b:a3:05:75:ef:94:7e:
a7:2f:96:e9:fd:01:0f:28:9e:09:61:69:16:d6:6e:
51:b6:ec:13:c0:ec:51:c3:cf:54:9d:37:94:06:46:
14:b5:10:7a:ed:93:3d:f0:89:57:c5:ce:7d:f3:6d:
1b:1f:f6:76:f7:b8:85:5e:75:2a:20:af:c3:84:f0:
dc:cb:ea:42:61:6d:43:9a:67:12:f5:30:84:68:60:
26:f2:aa:13:2a:cd:13:54:71:d8:d7:b1:9b:7e:48:
f9:4c:ca:bb:7e:ad:e5:02:26:c0:26:e0:72:b3:aa:
44:3f:50:45:1e:bd:09:ca:15:f5:bf:1e:8c:f1:27:
40:2e:1e:d1:28:e5:17:28:41:6c:aa:8a:a0:e5:e5:
34:68:b9:48:2a:95:e8:56:0c:64:06:8f:82:37:b9:
1e:7d:b1:3f:c0:78:53:56:f2:99:66:cf:2f:92:0c:
26:9a:ab:84:6d:64:96:f2:88:83:88:69:a9:4b:c0:
e4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4C:2D:7E:16:EB:2F:EC:DA:2F:72:CC:DB:0E:4B:B4:41:9C:CA:AD
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/5kwtfhbrL-zaL3LM2w5LtEGcyq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:648:2300::-2001:648:2302:ffff:ffff:ffff:ffff:ffff
2001:648:3400::/40
Signature Algorithm: sha256WithRSAEncryption
64:19:0c:90:38:ed:8f:d2:59:e8:03:99:3a:09:58:d4:91:b0:
6f:a5:34:19:90:2c:e2:49:db:e1:50:fd:3e:25:d0:22:c5:38:
df:90:eb:92:b9:c5:bd:b1:71:a4:35:34:40:ef:c0:c7:e3:e9:
65:b8:18:d9:4a:35:9b:f4:1d:a7:9a:24:72:f8:12:50:8b:d6:
5d:66:e8:4b:28:3f:0b:2d:1c:f9:52:f6:9f:be:e2:9a:4c:91:
12:67:1f:b7:38:ae:78:ad:69:bf:8e:09:ca:f7:1f:76:c2:23:
99:30:0d:4f:ca:ab:c7:fb:a5:bb:42:9f:79:f7:56:79:85:72:
c8:9a:02:de:6f:46:1f:57:4f:9f:a1:e4:a3:66:f7:04:4a:34:
05:b5:a9:a5:bb:a9:a5:fb:53:f0:ee:fe:d7:f1:60:f1:ae:a1:
b2:d3:c8:37:10:eb:2a:05:a3:85:f0:d9:41:34:ee:d3:e0:90:
6a:87:23:c8:97:fd:4b:45:cb:8d:a8:29:99:48:04:9d:80:05:
63:d7:7f:75:89:a8:3f:13:7a:6c:a4:27:01:85:92:ee:dd:37:
e3:69:bf:f4:2a:b1:49:b9:49:e6:b0:cb:21:9a:ee:5f:b1:15:
df:3a:01:20:fd:2d:2a:87:10:76:76:43:b9:4c:74:78:f4:b5:
18:dc:8d:59
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSPJrth09QG3CanJ+be/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRjMmQ3ZTE2ZWIyZmVjZGEyZjcyY2NkYjBlNGJiNDQxOWNjYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10HAT2r26iOg/mF0vCDPfP0K+yAc
wpNVI6d7p/5vNo9vELrKMXX6kkJxZ6JrVTUB6v4gf06zhevb/MX6up75nh45YRuj
BXXvlH6nL5bp/QEPKJ4JYWkW1m5RtuwTwOxRw89UnTeUBkYUtRB67ZM98IlXxc59
820bH/Z297iFXnUqIK/DhPDcy+pCYW1DmmcS9TCEaGAm8qoTKs0TVHHY17Gbfkj5
TMq7fq3lAibAJuBys6pEP1BFHr0JyhX1vx6M8SdALh7RKOUXKEFsqoqg5eU0aLlI
KpXoVgxkBo+CN7kefbE/wHhTVvKZZs8vkgwmmquEbWSW8oiDiGmpS8DkAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOZMLX4W6y/s2i9yzNsOS7RBnMqtMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvNWt3dGZoYnJMLXphTDNMTTJ3NUx0RUdjeXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBEDBgAgAQZI
IwMHACABBkgjAgMGACABBkg0MA0GCSqGSIb3DQEBCwUAA4IBAQBkGQyQOO2P0lno
A5k6CVjUkbBvpTQZkCziSdvhUP0+JdAixTjfkOuSucW9sXGkNTRA78DH4+lluBjZ
SjWb9B2nmiRy+BJQi9ZdZuhLKD8LLRz5UvafvuKaTJESZx+3OK54rWm/jgnK9x92
wiOZMA1PyqvH+6W7Qp9591Z5hXLImgLeb0YfV0+foeSjZvcESjQFtamlu6ml+1Pw
7v7X8WDxrqGy08g3EOsqBaOF8NlBNO7T4JBqhyPIl/1LRcuNqCmZSASdgAVj1391
iag/E3pspCcBhZLu3Tfjab/0KrFJuUnmsMshmu5fsRXfOgEg/S0qhxB2dkO5THR4
9LUY3I1Z
-----END CERTIFICATE-----
Generated at Mon Jul 1 11:33:26 2024 by rpki-client on console-fra.rpki-client.org