Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/9mt1G5ATpatnr-Glc-XBqmf1FXM.roa
File: 9mt1G5ATpatnr-Glc-XBqmf1FXM.roa (raw, json)
Hash identifier: cqnlq5knAcpHiMY1aAKSmLyBJSBPTm+LDfNFNo1U/ZU=
Subject key identifier: F6:6B:75:1B:90:13:A5:AB:67:AF:E1:A5:73:E5:C1:AA:67:F5:15:73
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B548734ABCB4150059E5FC682E045
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/9mt1G5ATpatnr-Glc-XBqmf1FXM.roa
Signing time: Tue 02 Jan 2024 12:34:46 +0000
ROA not before: Tue 02 Jan 2024 12:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47987
IP address blocks: 2a06:8ec0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:54:87:34:ab:cb:41:50:05:9e:5f:c6:82:e0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f66b751b9013a5ab67afe1a573e5c1aa67f51573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2e:09:7b:70:53:b1:8f:23:07:c3:85:c8:50:
17:a9:07:94:80:b3:96:06:c7:70:c2:cb:52:54:5b:
1b:d6:cf:b3:bc:f0:d4:02:0a:c3:7b:cd:c7:11:bf:
51:79:60:c2:d3:f8:a5:4b:46:97:a5:2a:cf:b3:10:
c1:20:ad:1b:17:31:0b:47:49:37:fc:8e:7f:b8:af:
1a:bc:31:77:bc:5b:05:24:d5:37:c0:5c:5d:fd:7c:
c8:91:a2:09:00:da:a5:45:29:c1:86:a2:be:d5:68:
7d:01:64:b5:48:f6:83:8e:05:27:6f:92:b1:f0:e7:
0e:27:de:1d:66:70:56:a9:58:8a:2c:a2:22:0e:08:
a3:76:8e:c2:9c:7c:e0:62:d3:a9:72:aa:87:8c:3e:
13:9e:26:8a:d6:9b:14:2c:ef:6f:2b:e0:7f:2f:85:
38:6c:3b:bf:06:c0:6b:7c:73:62:41:d4:fa:b9:52:
8c:e1:4e:5c:7a:c7:a6:7d:ea:97:24:30:9f:9b:25:
7a:a3:c7:a2:84:92:97:0e:d4:69:5c:08:dd:dd:06:
c1:54:52:fb:fa:99:68:b7:85:7e:07:b5:7f:a4:e7:
c9:e4:16:08:57:ff:fe:3c:81:cd:14:c0:27:19:f9:
30:ca:61:81:a8:a9:47:09:68:f4:8e:fd:b9:3c:f8:
c3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6B:75:1B:90:13:A5:AB:67:AF:E1:A5:73:E5:C1:AA:67:F5:15:73
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/9mt1G5ATpatnr-Glc-XBqmf1FXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8ec0:1::/48
Signature Algorithm: sha256WithRSAEncryption
9a:0a:bc:c1:6d:4c:cb:f3:16:33:03:80:cc:82:8d:04:2a:c0:
38:e6:58:8d:b3:bc:7b:d2:b2:b2:b2:02:66:ce:d0:fd:ec:9b:
92:07:71:a0:46:d1:40:61:82:f5:c9:f3:9e:44:32:a3:51:d6:
c7:5a:98:11:de:ce:65:dd:f6:1d:99:09:27:a3:a8:c1:7c:8c:
76:0a:df:37:98:b1:a0:90:be:52:de:5e:60:45:a5:65:86:59:
fe:f1:b3:f6:50:44:7b:9c:3b:3a:ac:0b:e9:74:3b:df:70:d2:
03:31:c6:ec:9a:1a:d6:6c:f8:be:71:e2:0f:97:27:e1:93:41:
04:35:70:cd:31:9c:49:71:61:c3:4a:0b:0e:8e:0d:1b:2f:73:
98:a1:2e:3a:a2:62:82:a0:06:c8:b9:68:f7:83:81:70:86:ca:
06:ba:af:fa:bd:86:a1:2c:b8:02:28:8b:f3:9b:19:92:b0:d8:
19:24:f7:73:39:f5:38:cd:35:3d:04:1b:55:4a:23:99:e0:3d:
de:c8:b9:d8:9e:83:3f:75:55:c8:cb:49:85:e5:1d:43:2c:78:
a0:d6:74:a6:1a:7a:e2:4a:44:76:84:4b:b9:f5:a9:c7:12:00:
ec:15:5c:2f:61:40:46:77:59:d5:3f:c4:08:dd:1d:4d:5d:0d:
71:66:ac:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKK1SHNKvLQVAFnl/GguBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZiNzUxYjkwMTNhNWFiNjdhZmUxYTU3M2U1YzFhYTY3ZjUxNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC4Je3BTsY8jB8OFyFAXqQeUgLOW
BsdwwstSVFsb1s+zvPDUAgrDe83HEb9ReWDC0/ilS0aXpSrPsxDBIK0bFzELR0k3
/I5/uK8avDF3vFsFJNU3wFxd/XzIkaIJANqlRSnBhqK+1Wh9AWS1SPaDjgUnb5Kx
8OcOJ94dZnBWqViKLKIiDgijdo7CnHzgYtOpcqqHjD4TniaK1psULO9vK+B/L4U4
bDu/BsBrfHNiQdT6uVKM4U5cesemfeqXJDCfmyV6o8eihJKXDtRpXAjd3QbBVFL7
+plot4V+B7V/pOfJ5BYIV//+PIHNFMAnGfkwymGBqKlHCWj0jv25PPjDjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPZrdRuQE6WrZ6/hpXPlwapn9RVzMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvOW10MUc1QVRwYXRuci1HbGMtWEJxbWYxRlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaOwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCaCrzBbUzL8xYzA4DMgo0EKsA45liNs7x70rKy
sgJmztD97JuSB3GgRtFAYYL1yfOeRDKjUdbHWpgR3s5l3fYdmQkno6jBfIx2Ct83
mLGgkL5S3l5gRaVlhln+8bP2UER7nDs6rAvpdDvfcNIDMcbsmhrWbPi+ceIPlyfh
k0EENXDNMZxJcWHDSgsOjg0bL3OYoS46omKCoAbIuWj3g4FwhsoGuq/6vYahLLgC
KIvzmxmSsNgZJPdzOfU4zTU9BBtVSiOZ4D3eyLnYnoM/dVXIy0mF5R1DLHig1nSm
GnriSkR2hEu59anHEgDsFVwvYUBGd1nVP8QI3R1NXQ1xZqyk
-----END CERTIFICATE-----
Generated at Sat May 4 23:05:21 2024 by rpki-client on console-ams.rpki-client.org