Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UcWtGSSmNBS5aGWEFCenimrehR8.roa
File: UcWtGSSmNBS5aGWEFCenimrehR8.roa (raw, json)
Hash identifier: QjIeKnST/VG5MyKKowdRpm6FITrB4LnU4NFbcBnZK3I=
Subject key identifier: 51:C5:AD:19:24:A6:34:14:B9:68:65:84:14:27:A7:8A:6A:DE:85:1F
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B62CBD86D65CD19F6A756F66CBA9E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UcWtGSSmNBS5aGWEFCenimrehR8.roa
Signing time: Tue 02 Jan 2024 12:34:50 +0000
ROA not before: Tue 02 Jan 2024 12:34:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206499
IP address blocks: 2a0c:da04:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:62:cb:d8:6d:65:cd:19:f6:a7:56:f6:6c:ba:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51c5ad1924a63414b96865841427a78a6ade851f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6a:c7:ef:2f:13:e4:47:e5:da:2e:05:1b:c6:
48:8f:c9:eb:af:3e:d1:0b:4c:87:35:f6:3a:54:12:
0d:f5:28:9b:6b:0d:b1:11:60:fd:6d:4d:e1:87:79:
78:a5:74:30:e5:20:88:0c:1f:09:c2:8b:90:0a:da:
d6:ae:27:22:77:9f:99:1a:c9:aa:c5:05:4f:c6:e5:
74:01:8f:de:94:44:fe:d3:db:c5:c2:64:fb:ca:a1:
b0:d2:31:60:b1:b0:44:fc:3e:ae:3b:7c:d4:d8:5b:
2d:7d:e9:99:25:30:0b:7a:dc:8a:ab:71:d2:bb:a8:
56:16:12:4f:db:8e:07:76:22:53:27:c6:fc:11:ee:
78:27:2a:d1:e2:83:fb:2f:54:33:d4:ad:14:1c:c0:
b0:5d:d8:e8:c5:cf:e8:15:5f:ec:ac:ad:ab:2a:c5:
8c:a9:fd:d9:63:b0:50:6f:ff:77:66:e4:69:1b:34:
e6:81:3b:65:3a:c8:4f:f3:d9:70:80:48:f0:83:2f:
83:d5:ad:54:50:1f:e0:49:64:f9:53:b3:20:14:86:
7e:fc:c2:62:ee:67:65:d6:af:2b:46:68:bf:4e:c6:
3a:0d:e6:87:5e:c3:1c:62:bf:fa:93:4d:1c:ac:db:
1c:29:e7:af:a9:04:1e:08:65:dd:16:30:ae:5c:ef:
53:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C5:AD:19:24:A6:34:14:B9:68:65:84:14:27:A7:8A:6A:DE:85:1F
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/UcWtGSSmNBS5aGWEFCenimrehR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:da04:c::/48
Signature Algorithm: sha256WithRSAEncryption
39:6f:8c:00:99:c8:12:c6:c5:de:c3:1a:42:7a:5c:6a:8e:e4:
2b:2a:61:1a:31:c1:70:ee:73:5e:a7:51:72:78:c1:08:9d:33:
e0:4c:ca:77:a9:a3:b2:00:51:fd:3d:5a:60:f9:81:bf:f6:24:
33:eb:84:9c:57:bd:39:b7:c4:74:7e:2c:87:49:c2:b5:e1:2c:
b2:cc:33:c0:a9:68:d9:70:83:4c:d8:8c:e9:28:1d:47:27:4b:
18:2c:e4:e3:53:23:1a:a8:04:14:ea:7b:6b:de:2f:8c:be:bb:
c3:ff:e6:2f:fd:77:c4:c4:8f:a5:2c:01:0e:0d:6e:40:f4:25:
72:a2:33:6f:11:8c:4c:20:31:46:0f:78:e3:51:49:8e:d4:15:
1c:4d:c4:34:a9:64:43:d7:0e:73:8f:ff:aa:f5:fe:19:67:4f:
b2:84:75:b5:e6:8e:e9:fb:a4:3f:84:80:ae:18:0c:b8:e7:e8:
c6:90:98:a9:18:d4:60:dc:39:97:b1:f3:56:dc:78:2b:a8:ea:
d7:55:e8:90:aa:13:bd:67:4b:f8:37:48:88:8d:43:71:25:32:
56:64:be:7f:39:82:93:aa:81:ee:22:7a:ea:98:13:34:34:a7:
77:b6:41:8c:4c:8e:79:b8:af:b9:bd:98:f0:72:28:61:38:b8:
42:14:b5:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKK2LL2G1lzRn2p1b2bLqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWM1YWQxOTI0YTYzNDE0Yjk2ODY1ODQxNDI3YTc4YTZhZGU4NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmrH7y8T5Efl2i4FG8ZIj8nrrz7R
C0yHNfY6VBIN9Sibaw2xEWD9bU3hh3l4pXQw5SCIDB8JwouQCtrWricid5+ZGsmq
xQVPxuV0AY/elET+09vFwmT7yqGw0jFgsbBE/D6uO3zU2FstfemZJTALetyKq3HS
u6hWFhJP244HdiJTJ8b8Ee54JyrR4oP7L1Qz1K0UHMCwXdjoxc/oFV/srK2rKsWM
qf3ZY7BQb/93ZuRpGzTmgTtlOshP89lwgEjwgy+D1a1UUB/gSWT5U7MgFIZ+/MJi
7mdl1q8rRmi/TsY6DeaHXsMcYr/6k00crNscKeevqQQeCGXdFjCuXO9TqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFHFrRkkpjQUuWhlhBQnp4pq3oUfMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvVWNXdEdTU21OQlM1YUdXRUZDZW5pbXJlaFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgzaBAAM
MA0GCSqGSIb3DQEBCwUAA4IBAQA5b4wAmcgSxsXewxpCelxqjuQrKmEaMcFw7nNe
p1FyeMEInTPgTMp3qaOyAFH9PVpg+YG/9iQz64ScV705t8R0fiyHScK14SyyzDPA
qWjZcINM2IzpKB1HJ0sYLOTjUyMaqAQU6ntr3i+MvrvD/+Yv/XfExI+lLAEODW5A
9CVyojNvEYxMIDFGD3jjUUmO1BUcTcQ0qWRD1w5zj/+q9f4ZZ0+yhHW15o7p+6Q/
hICuGAy45+jGkJipGNRg3DmXsfNW3HgrqOrXVeiQqhO9Z0v4N0iIjUNxJTJWZL5/
OYKTqoHuInrqmBM0NKd3tkGMTI55uK+5vZjwcihhOLhCFLV5
-----END CERTIFICATE-----
Generated at Sat May 4 18:43:59 2024 by rpki-client on console-ams.rpki-client.org