Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/A6MPHW-ry3IMd8vrIoLbU-EA5CU.roa
File: A6MPHW-ry3IMd8vrIoLbU-EA5CU.roa (raw, json)
Hash identifier: jjmjrEztQ8EexAKYkMRDSFsqiMlwhssDjvTnC0ha+gE=
Subject key identifier: 03:A3:0F:1D:6F:AB:CB:72:0C:77:CB:EB:22:82:DB:53:E1:00:E4:25
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018CC424658A3AFC77FB8A388DFA8363CF1E
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/A6MPHW-ry3IMd8vrIoLbU-EA5CU.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201335
IP address blocks: 2a0f:7803:ffa0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:65:8a:3a:fc:77:fb:8a:38:8d:fa:83:63:cf:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03a30f1d6fabcb720c77cbeb2282db53e100e425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:39:d9:ed:3d:af:cd:fc:c7:98:44:55:2d:fc:
94:66:37:2a:4b:2b:75:17:e5:08:23:38:f5:c3:8b:
ec:da:c1:c5:9f:9d:88:66:f4:49:04:5b:93:4d:68:
21:dd:d2:3c:18:a3:2a:b7:94:47:87:48:bb:a6:92:
f9:c6:20:6d:85:0c:4e:b9:72:15:26:1a:45:78:42:
d5:80:f8:ea:0a:5b:84:b4:5e:cd:14:6d:d4:77:18:
f1:38:c8:96:65:d2:27:e6:a4:eb:4f:cf:8f:16:f4:
3a:4c:59:bc:7e:43:ee:42:55:e1:6b:f5:7d:91:ad:
f4:31:1d:3e:2b:6f:e2:b6:92:84:b6:4e:5f:99:5b:
9a:06:0c:32:fb:03:3e:5b:f2:d2:95:44:b4:b9:88:
80:fc:47:40:17:08:ff:56:b5:ea:ec:b2:57:48:c3:
b4:b9:b8:eb:f4:c6:fd:39:06:7f:20:ed:5a:8f:09:
f6:e0:39:ed:0d:b7:09:56:07:82:06:5d:94:fd:6b:
73:00:b8:fe:fa:62:0e:b0:f8:35:90:9d:73:fd:f0:
07:07:c3:ff:0c:7b:4e:0d:47:a8:61:27:d9:33:7e:
4d:bc:44:24:36:be:97:3d:e2:fb:f7:c5:77:d7:01:
94:be:77:65:fd:48:d6:94:27:86:1d:15:fd:bf:7f:
ac:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A3:0F:1D:6F:AB:CB:72:0C:77:CB:EB:22:82:DB:53:E1:00:E4:25
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/A6MPHW-ry3IMd8vrIoLbU-EA5CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ffa0::/48
Signature Algorithm: sha256WithRSAEncryption
a0:27:50:8e:2f:32:04:b8:c9:dc:0f:2a:54:b2:84:eb:18:70:
45:31:a4:4a:27:8b:62:0d:f6:d8:ec:a1:60:53:27:d9:93:b0:
25:af:2f:13:d3:90:52:63:7f:f7:13:d8:d7:e4:3a:dc:ba:62:
cf:f3:c8:20:56:e9:f2:c9:36:0d:cd:c5:2d:3f:28:9f:55:78:
75:01:1f:82:a4:a8:e2:4f:e2:e3:49:22:84:3a:3f:55:2c:ed:
77:0c:b2:20:10:03:db:5c:74:4b:cb:74:50:21:d6:ed:85:fb:
1b:eb:b2:16:77:02:ae:83:d4:6b:b6:68:3f:1a:e8:31:4f:26:
de:12:3f:04:0c:e8:5a:b1:ef:c5:10:90:4a:40:c2:c8:1b:15:
af:cd:67:82:03:47:59:e2:d2:88:ce:d9:8b:b6:60:e5:95:ce:
b7:f2:e2:15:90:ae:42:6b:69:fd:64:1d:5d:24:70:96:4a:8e:
1e:60:08:50:82:8a:4e:fb:be:48:47:04:28:1a:25:cb:a5:1f:
38:01:cf:e5:95:c3:ce:e5:19:16:5a:11:c3:6c:4a:ed:cd:28:
35:81:a9:71:87:17:d1:64:db:7c:88:ca:dd:4c:3b:d9:1a:6c:
ca:39:14:d4:65:36:78:f2:c9:ca:6f:ce:37:a4:c8:d0:2f:61:
9a:f3:0f:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJGWKOvx3+4o4jfqDY88eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2EzMGYxZDZmYWJjYjcyMGM3N2NiZWIyMjgyZGI1M2UxMDBlNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDnZ7T2vzfzHmERVLfyUZjcqSyt1
F+UIIzj1w4vs2sHFn52IZvRJBFuTTWgh3dI8GKMqt5RHh0i7ppL5xiBthQxOuXIV
JhpFeELVgPjqCluEtF7NFG3UdxjxOMiWZdIn5qTrT8+PFvQ6TFm8fkPuQlXha/V9
ka30MR0+K2/itpKEtk5fmVuaBgwy+wM+W/LSlUS0uYiA/EdAFwj/VrXq7LJXSMO0
ubjr9Mb9OQZ/IO1ajwn24DntDbcJVgeCBl2U/WtzALj++mIOsPg1kJ1z/fAHB8P/
DHtODUeoYSfZM35NvEQkNr6XPeL798V31wGUvndl/UjWlCeGHRX9v3+sswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAOjDx1vq8tyDHfL6yKC21PhAOQlMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvQTZNUEhXLXJ5M0lNZDh2cklvTGJVLUVBNUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg94A/+g
MA0GCSqGSIb3DQEBCwUAA4IBAQCgJ1COLzIEuMncDypUsoTrGHBFMaRKJ4tiDfbY
7KFgUyfZk7Alry8T05BSY3/3E9jX5DrcumLP88ggVunyyTYNzcUtPyifVXh1AR+C
pKjiT+LjSSKEOj9VLO13DLIgEAPbXHRLy3RQIdbthfsb67IWdwKug9Rrtmg/Gugx
TybeEj8EDOhase/FEJBKQMLIGxWvzWeCA0dZ4tKIztmLtmDllc638uIVkK5Ca2n9
ZB1dJHCWSo4eYAhQgopO+75IRwQoGiXLpR84Ac/llcPO5RkWWhHDbErtzSg1galx
hxfRZNt8iMrdTDvZGmzKORTUZTZ48snKb843pMjQL2Ga8w+M
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:08:12 2024 by rpki-client on console-ams.rpki-client.org