Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GOdnkK_njAR9httFMOeMuvurV5s.roa
File: GOdnkK_njAR9httFMOeMuvurV5s.roa (raw, json)
Hash identifier: meGX7jEXCA3QTKvKrTyhbbm4b8O3MtlJiqFNrpfVXnY=
Subject key identifier: 18:E7:67:90:AF:E7:8C:04:7D:86:DB:45:30:E7:8C:BA:FB:AB:57:9B
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5DDFB681CA7272EB8D293E6B2EA0
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GOdnkK_njAR9httFMOeMuvurV5s.roa
Signing time: Tue 02 Jan 2024 12:34:48 +0000
ROA not before: Tue 02 Jan 2024 12:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136620
IP address blocks: 2a06:82c2:2::/48 maxlen: 48
2a06:82c2:d::/48 maxlen: 48
2a06:82c2:f::/48 maxlen: 48
2a06:82c2:e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:5d:df:b6:81:ca:72:72:eb:8d:29:3e:6b:2e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18e76790afe78c047d86db4530e78cbafbab579b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4c:c0:46:dd:be:db:90:b9:28:b0:a8:78:05:
24:ea:b9:fe:f4:c0:7d:af:04:6d:f3:28:4d:9b:b7:
9b:85:52:9f:a6:36:5b:ee:ce:04:71:7d:80:b9:a8:
ba:73:ea:18:6a:ff:b7:09:39:50:b9:b7:74:ad:03:
7f:8a:67:08:f4:f4:92:ef:f9:99:87:9d:83:07:a3:
89:b6:03:28:ca:ed:2a:68:cb:cd:da:b5:ee:bc:73:
76:55:eb:01:94:09:9f:33:3f:75:1a:a4:52:de:b7:
fa:3f:46:c4:90:81:0b:26:01:b9:df:cd:84:f6:fb:
ff:74:85:fa:16:57:48:c9:31:6b:b0:1d:3e:48:70:
d2:42:f3:4b:bc:2e:05:a7:5a:11:4f:05:22:99:a5:
b8:e2:f3:8b:a9:84:43:10:6b:cc:e5:07:61:1b:2c:
21:5f:94:69:64:9b:2c:27:69:12:23:51:4e:2e:d9:
d4:ce:59:c3:5e:e0:40:5d:01:6f:ee:c0:41:d1:0c:
fc:0e:69:23:dc:99:6c:25:28:de:b5:3b:a6:15:37:
93:56:f9:2d:36:e6:6a:08:99:ea:7e:ce:b4:08:3d:
69:e7:aa:70:c5:49:ab:37:b4:a0:5f:e5:01:9e:cd:
45:22:12:19:18:c5:ac:24:95:73:5c:41:d1:b3:f1:
90:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E7:67:90:AF:E7:8C:04:7D:86:DB:45:30:E7:8C:BA:FB:AB:57:9B
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/GOdnkK_njAR9httFMOeMuvurV5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:82c2:2::/48
2a06:82c2:d::-2a06:82c2:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:5c:f8:b8:bf:61:36:3f:22:bc:1f:fb:88:76:b1:30:29:57:
96:34:80:fa:e7:66:95:ad:83:79:8f:0b:89:c6:6a:a3:73:e1:
18:69:09:ab:0a:bf:8b:cd:a6:e2:76:a8:fd:61:24:9a:78:ab:
14:69:66:f2:41:bc:1b:af:ef:d7:52:a0:c0:29:b4:28:c5:c8:
47:51:1c:33:2b:fe:ba:88:bd:9f:89:b5:51:12:b4:3d:7e:44:
90:d9:a1:16:a1:d0:65:8f:93:a0:0a:c5:fd:5f:04:47:08:0b:
b3:32:20:a4:99:a6:f7:29:50:fa:54:e7:95:09:34:b3:ee:aa:
28:18:32:92:9b:d6:a3:f8:ca:06:84:4f:41:7d:8c:cb:ce:e4:
af:32:0d:1d:fe:f8:74:23:2f:5c:db:0b:93:f0:c2:06:d9:41:
42:07:99:ce:6d:e9:ea:d5:1a:eb:c0:37:b3:d8:ac:0f:04:96:
ad:d1:ff:a8:6e:cd:8c:ae:e7:37:c9:a2:f4:02:37:94:aa:65:
78:68:62:d1:4d:61:78:de:6b:dd:c0:61:61:d4:48:88:a2:58:
cf:a0:9d:5c:d7:44:c6:41:91:67:2c:2d:9b:d9:5f:69:81:81:
cd:d2:55:fb:75:bf:86:3c:3b:6c:e7:84:1d:94:8e:cf:cc:8e:
7e:41:16:2b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK13ftoHKcnLrjSk+ay6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGU3Njc5MGFmZTc4YzA0N2Q4NmRiNDUzMGU3OGNiYWZiYWI1NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkzARt2+25C5KLCoeAUk6rn+9MB9
rwRt8yhNm7ebhVKfpjZb7s4EcX2Auai6c+oYav+3CTlQubd0rQN/imcI9PSS7/mZ
h52DB6OJtgMoyu0qaMvN2rXuvHN2VesBlAmfMz91GqRS3rf6P0bEkIELJgG5382E
9vv/dIX6FldIyTFrsB0+SHDSQvNLvC4Fp1oRTwUimaW44vOLqYRDEGvM5QdhGywh
X5RpZJssJ2kSI1FOLtnUzlnDXuBAXQFv7sBB0Qz8Dmkj3JlsJSjetTumFTeTVvkt
NuZqCJnqfs60CD1p56pwxUmrN7SgX+UBns1FIhIZGMWsJJVzXEHRs/GQDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBjnZ5Cv54wEfYbbRTDnjLr7q1ebMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvR09kbmtLX25qQVI5aHR0Rk1PZU11dnVyVjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKgaCwgAC
MBIDBwAqBoLCAA0DBwQqBoLCAAAwDQYJKoZIhvcNAQELBQADggEBAAZc+Li/YTY/
Irwf+4h2sTApV5Y0gPrnZpWtg3mPC4nGaqNz4RhpCasKv4vNpuJ2qP1hJJp4qxRp
ZvJBvBuv79dSoMAptCjFyEdRHDMr/rqIvZ+JtVEStD1+RJDZoRah0GWPk6AKxf1f
BEcIC7MyIKSZpvcpUPpU55UJNLPuqigYMpKb1qP4ygaET0F9jMvO5K8yDR3++HQj
L1zbC5PwwgbZQUIHmc5t6erVGuvAN7PYrA8Elq3R/6huzYyu5zfJovQCN5SqZXho
YtFNYXjea93AYWHUSIiiWM+gnVzXRMZBkWcsLZvZX2mBgc3SVft1v4Y8O2znhB2U
js/Mjn5BFis=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:54 2024 by rpki-client on console-fra.rpki-client.org