Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xtQCLwvph03Y6ll6CoiYsZZVA6w.roa
File: xtQCLwvph03Y6ll6CoiYsZZVA6w.roa (raw, json)
Hash identifier: eU6g+ISX0RREuSUfnwxmqbeUtnL3CAU7cSWA5RtUgDw=
Subject key identifier: C6:D4:02:2F:0B:E9:87:4D:D8:EA:59:7A:0A:88:98:B1:96:55:03:AC
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE6B8B30FF1AD4378ED7B224B3588
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xtQCLwvph03Y6ll6CoiYsZZVA6w.roa
Signing time: Mon 01 Jan 2024 18:30:46 +0000
ROA not before: Mon 01 Jan 2024 18:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203189
IP address blocks: 2a01:367:dead::/48 maxlen: 48
2a01:367:babe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e6:b8:b3:0f:f1:ad:43:78:ed:7b:22:4b:35:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6d4022f0be9874dd8ea597a0a8898b1965503ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:df:64:f2:0c:68:c0:a1:6c:84:6a:f5:4a:
f1:d7:91:c4:53:f5:ef:be:05:5f:3f:dc:07:a8:94:
b8:0a:60:08:a1:fe:46:98:9d:73:7e:ce:7a:82:28:
34:56:9d:9f:5d:a4:45:4f:6d:e0:c6:28:cc:03:68:
7e:9a:d7:3c:ee:99:33:0e:ca:3f:6c:e0:e5:60:aa:
8f:85:58:f9:ca:01:a3:ff:68:5f:36:e0:b6:51:3c:
82:3a:6b:ec:40:a9:f5:71:88:12:46:65:30:4a:96:
cf:8a:b6:fe:f1:f2:3a:43:33:cc:54:43:7f:82:8a:
ff:b9:e5:b7:71:e0:cf:5e:e3:ab:d5:b3:f9:1a:94:
0d:5f:e4:ed:aa:58:09:5c:11:70:95:32:21:8d:22:
20:c7:e6:ef:6b:db:42:84:50:a8:e3:5a:5c:18:d0:
c1:72:5a:59:6f:28:42:f3:b2:7c:91:e3:0b:ee:9c:
1f:3c:27:3d:1f:e0:40:b1:29:fa:84:32:e4:b3:7d:
76:65:59:04:ba:47:03:2c:f0:3c:63:b4:be:36:ac:
8f:69:6b:fa:cd:b7:89:5e:fc:21:40:32:79:a8:15:
f2:a8:23:ea:68:0b:95:50:5d:42:ea:29:ba:e7:36:
5f:e7:30:38:19:57:9e:37:b7:63:ce:25:f7:af:bc:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D4:02:2F:0B:E9:87:4D:D8:EA:59:7A:0A:88:98:B1:96:55:03:AC
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xtQCLwvph03Y6ll6CoiYsZZVA6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:367:babe::/48
2a01:367:dead::/48
Signature Algorithm: sha256WithRSAEncryption
27:84:c1:1f:79:96:58:5d:db:96:9b:6e:75:d5:7e:92:ff:b9:
29:1b:b6:af:ba:18:de:f5:e8:74:96:3b:ca:c5:84:fa:b7:6a:
59:e0:b3:c5:5d:e8:f8:e0:16:13:db:a5:94:70:ed:eb:81:e1:
0b:5a:50:9a:d2:19:63:5a:1c:71:86:12:ca:c2:37:15:e3:be:
c3:2d:fb:73:53:be:71:e4:bc:32:be:91:e1:93:9c:f2:b3:09:
a9:6b:ef:52:d1:83:93:b0:30:e5:49:47:5c:36:ab:e6:33:23:
82:00:2e:10:d3:62:a8:19:24:7e:8e:77:e5:16:d7:c7:16:34:
48:a5:4b:04:5d:92:7f:21:bd:03:5b:30:5d:90:22:7d:c5:9a:
87:bc:f3:7d:6f:73:62:51:67:05:bb:b9:c2:bc:b2:0e:d6:17:
13:14:b2:73:43:31:b2:d8:da:1b:42:db:f3:fe:ca:28:a1:6b:
f5:9e:86:4d:77:e7:87:2f:39:31:31:7e:3b:06:91:15:7c:13:
59:ae:5c:c6:1b:e8:68:73:ae:6c:af:af:18:ec:a9:60:1c:0c:
bd:76:4a:34:ab:59:b8:77:17:e7:3e:b7:99:54:12:70:bb:7f:
d0:c5:c7:c8:3a:13:c7:43:98:ff:e4:4b:ff:35:b8:79:56:c8:
4f:9e:0b:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSua4sw/xrUN47XsiSzWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ0MDIyZjBiZTk4NzRkZDhlYTU5N2EwYTg4OThiMTk2NTUwM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLHfZPIMaMChbIRq9Urx15HEU/Xv
vgVfP9wHqJS4CmAIof5GmJ1zfs56gig0Vp2fXaRFT23gxijMA2h+mtc87pkzDso/
bODlYKqPhVj5ygGj/2hfNuC2UTyCOmvsQKn1cYgSRmUwSpbPirb+8fI6QzPMVEN/
gor/ueW3ceDPXuOr1bP5GpQNX+TtqlgJXBFwlTIhjSIgx+bva9tChFCo41pcGNDB
clpZbyhC87J8keML7pwfPCc9H+BAsSn6hDLks312ZVkEukcDLPA8Y7S+NqyPaWv6
zbeJXvwhQDJ5qBXyqCPqaAuVUF1C6im65zZf5zA4GVeeN7djziX3r7xHtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMbUAi8L6YdN2OpZegqImLGWVQOsMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEveHRRQ0x3dnBoMDNZNmxsNkNvaVlzWlpWQTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgEDZ7q+
AwcAKgEDZ96tMA0GCSqGSIb3DQEBCwUAA4IBAQAnhMEfeZZYXduWm2511X6S/7kp
G7avuhje9eh0ljvKxYT6t2pZ4LPFXej44BYT26WUcO3rgeELWlCa0hljWhxxhhLK
wjcV477DLftzU75x5LwyvpHhk5zyswmpa+9S0YOTsDDlSUdcNqvmMyOCAC4Q02Ko
GSR+jnflFtfHFjRIpUsEXZJ/Ib0DWzBdkCJ9xZqHvPN9b3NiUWcFu7nCvLIO1hcT
FLJzQzGy2NobQtvz/soooWv1noZNd+eHLzkxMX47BpEVfBNZrlzGG+hoc65sr68Y
7KlgHAy9dko0q1m4dxfnPreZVBJwu3/QxcfIOhPHQ5j/5Ev/Nbh5VshPngue
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:35 2024 by rpki-client on console-fra.rpki-client.org