Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5526d4-afc1-401f-a09f-0b697a3b762a/1/5kctDk8Wf4BYwwyOTvhVEgLbNCc.roa
File: 5kctDk8Wf4BYwwyOTvhVEgLbNCc.roa (raw, json)
Hash identifier: Nr3IK7da9sCnFBQmx3qWayM9ggxh14MDv8UovVq5g2w=
Subject key identifier: E6:47:2D:0E:4F:16:7F:80:58:C3:0C:8E:4E:F8:55:12:02:DB:34:27
Certificate issuer: /CN=4a341558dba0b6db94c55ce06e306ff6519d6ef1
Certificate serial: 018CC3492E718BA0D4E71DEECF3694597D0A
Authority key identifier: 4A:34:15:58:DB:A0:B6:DB:94:C5:5C:E0:6E:30:6F:F6:51:9D:6E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SjQVWNugttuUxVzgbjBv9lGdbvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5526d4-afc1-401f-a09f-0b697a3b762a/1/5kctDk8Wf4BYwwyOTvhVEgLbNCc.roa
Signing time: Mon 01 Jan 2024 04:30:02 +0000
ROA not before: Mon 01 Jan 2024 04:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49792
IP address blocks: 2001:67c:1194::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/5526d4-afc1-401f-a09f-0b697a3b762a/1/SjQVWNugttuUxVzgbjBv9lGdbvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/5526d4-afc1-401f-a09f-0b697a3b762a/1/SjQVWNugttuUxVzgbjBv9lGdbvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SjQVWNugttuUxVzgbjBv9lGdbvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2e:71:8b:a0:d4:e7:1d:ee:cf:36:94:59:7d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a341558dba0b6db94c55ce06e306ff6519d6ef1
Validity
Not Before: Jan 1 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6472d0e4f167f8058c30c8e4ef8551202db3427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c0:28:c7:ed:b2:4c:9b:64:1b:22:63:a4:c9:
30:f1:fb:ed:24:d3:81:b4:8c:44:fc:b2:43:27:39:
9e:bd:45:bb:a7:08:c9:19:3a:89:8d:32:36:cd:87:
bb:de:74:f2:e0:9e:3b:6f:34:6d:05:48:d3:fe:ce:
d9:a3:fa:87:7f:08:ca:95:2a:e6:93:80:c2:bd:24:
3e:8d:24:3e:b4:c2:4d:1f:58:1b:35:93:1e:39:f3:
7e:ca:d4:7a:73:55:98:4e:64:27:e9:d6:cd:f4:b0:
39:ac:0e:7f:9f:2b:f2:83:88:13:e6:96:f9:a0:c9:
4f:91:bb:1e:63:ad:65:e0:5c:12:cb:c4:7e:16:c0:
8e:ac:52:d5:8b:d1:32:6c:af:65:6c:c4:ab:be:61:
03:74:4b:54:00:b1:e4:7f:61:13:ba:f7:30:a1:cb:
fa:cc:67:a7:91:7f:89:5c:d0:d4:8f:5b:35:3e:17:
f7:28:40:25:43:8b:43:84:5b:3d:cb:9f:07:a4:42:
46:a6:8d:74:e5:da:ca:f3:e8:b6:d7:24:39:72:e7:
4e:15:50:4e:09:ff:b8:f8:07:00:98:03:33:05:1f:
6f:25:9f:ab:24:0e:b4:77:eb:66:81:8a:4b:95:ba:
8b:a2:a7:69:c1:02:75:17:d7:94:43:33:8e:00:76:
04:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:47:2D:0E:4F:16:7F:80:58:C3:0C:8E:4E:F8:55:12:02:DB:34:27
X509v3 Authority Key Identifier:
keyid:4A:34:15:58:DB:A0:B6:DB:94:C5:5C:E0:6E:30:6F:F6:51:9D:6E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SjQVWNugttuUxVzgbjBv9lGdbvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5526d4-afc1-401f-a09f-0b697a3b762a/1/5kctDk8Wf4BYwwyOTvhVEgLbNCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5526d4-afc1-401f-a09f-0b697a3b762a/1/SjQVWNugttuUxVzgbjBv9lGdbvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1194::/48
Signature Algorithm: sha256WithRSAEncryption
7d:9d:2a:2f:b0:4a:4e:e3:bb:5d:9d:f4:3e:0c:04:f2:bc:34:
65:af:9c:7c:b7:e7:64:14:f7:26:6a:d7:e9:83:eb:a9:72:2d:
2a:9f:84:46:a5:7e:6a:40:de:de:d9:c0:6e:de:0d:cd:93:57:
a9:9e:0d:2c:09:a1:92:2b:96:f1:d2:ff:09:a0:6d:77:fd:a9:
0c:41:82:e4:54:9c:7b:c7:11:5e:3a:5f:19:98:f9:8f:97:b6:
16:70:8a:bf:88:29:e1:8c:d4:0a:ac:7a:07:e8:05:1b:81:04:
6c:31:34:5f:9c:5b:66:73:8e:3f:b7:23:f6:df:0c:3d:69:ec:
c2:ff:e9:3b:47:25:5e:48:92:9d:42:a2:9f:e8:27:db:13:3c:
04:12:33:b3:88:5a:90:df:39:24:2c:09:dd:1d:df:b3:22:16:
42:ae:0c:a5:c0:18:77:12:b9:5e:f4:53:ca:f0:b3:b8:f3:1e:
fa:8e:4c:0f:ce:06:e7:75:9c:ab:68:06:8c:4b:d5:49:11:a4:
d9:87:25:03:e9:f6:4a:41:19:41:28:42:cd:2c:68:df:b2:32:
48:1a:3a:4e:33:6e:3f:f1:49:e1:77:8a:25:87:cb:b9:f0:b6:
f3:85:c9:fc:a9:ce:77:ff:1b:f3:fe:9b:2e:fe:f5:e1:6e:60:
bf:2f:1e:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSS5xi6DU5x3uzzaUWX0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMzQxNTU4ZGJhMGI2ZGI5NGM1NWNlMDZlMzA2ZmY2NTE5
ZDZlZjEwHhcNMjQwMTAxMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ3MmQwZTRmMTY3ZjgwNThjMzBjOGU0ZWY4NTUxMjAyZGIzNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcAox+2yTJtkGyJjpMkw8fvtJNOB
tIxE/LJDJzmevUW7pwjJGTqJjTI2zYe73nTy4J47bzRtBUjT/s7Zo/qHfwjKlSrm
k4DCvSQ+jSQ+tMJNH1gbNZMeOfN+ytR6c1WYTmQn6dbN9LA5rA5/nyvyg4gT5pb5
oMlPkbseY61l4FwSy8R+FsCOrFLVi9EybK9lbMSrvmEDdEtUALHkf2ETuvcwocv6
zGenkX+JXNDUj1s1Phf3KEAlQ4tDhFs9y58HpEJGpo105drK8+i21yQ5cudOFVBO
Cf+4+AcAmAMzBR9vJZ+rJA60d+tmgYpLlbqLoqdpwQJ1F9eUQzOOAHYElQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOZHLQ5PFn+AWMMMjk74VRIC2zQnMB8GA1UdIwQY
MBaAFEo0FVjboLbblMVc4G4wb/ZRnW7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2pRVldOdWd0dHVVeFZ6Z2JqQnY5bEdkYnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81NTI2ZDQtYWZjMS00MDFmLWEwOWYt
MGI2OTdhM2I3NjJhLzEvNWtjdERrOFdmNEJZd3d5T1R2aFZFZ0xiTkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81NTI2ZDQtYWZjMS00MDFmLWEwOWYtMGI2OTdhM2I3NjJh
LzEvU2pRVldOdWd0dHVVeFZ6Z2JqQnY5bEdkYnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBGU
MA0GCSqGSIb3DQEBCwUAA4IBAQB9nSovsEpO47tdnfQ+DATyvDRlr5x8t+dkFPcm
atfpg+upci0qn4RGpX5qQN7e2cBu3g3Nk1epng0sCaGSK5bx0v8JoG13/akMQYLk
VJx7xxFeOl8ZmPmPl7YWcIq/iCnhjNQKrHoH6AUbgQRsMTRfnFtmc44/tyP23ww9
aezC/+k7RyVeSJKdQqKf6CfbEzwEEjOziFqQ3zkkLAndHd+zIhZCrgylwBh3Erle
9FPK8LO48x76jkwPzgbndZyraAaMS9VJEaTZhyUD6fZKQRlBKELNLGjfsjJIGjpO
M24/8Unhd4olh8u58Lbzhcn8qc53/xvz/psu/vXhbmC/Lx55
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:12:40 2024 by rpki-client on console-ams.rpki-client.org