Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/YgUdbDUdyM5lUkp9odKZnQYam2A.roa
File: YgUdbDUdyM5lUkp9odKZnQYam2A.roa (raw, json)
Hash identifier: UDUDReT32YKnQvlFjq9g1XwtGaZst5ZU3XfehH/3OGY=
Subject key identifier: 62:05:1D:6C:35:1D:C8:CE:65:52:4A:7D:A1:D2:99:9D:06:1A:9B:60
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 019248B49BA2A2C1A4AE5165B364E34E41B8
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/YgUdbDUdyM5lUkp9odKZnQYam2A.roa
Signing time: Tue 01 Oct 2024 15:30:48 +0000
ROA not before: Tue 01 Oct 2024 15:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49778
IP address blocks: 2a11:e380::/29 maxlen: 29
2a12:70c0::/29 maxlen: 29
2a13:7e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:b4:9b:a2:a2:c1:a4:ae:51:65:b3:64:e3:4e:41:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: Oct 1 15:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62051d6c351dc8ce65524a7da1d2999d061a9b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:50:6b:64:0e:6e:ed:c7:80:29:4f:5c:36:86:
b5:bb:91:41:2f:d3:60:f4:71:d9:9e:11:a7:54:ad:
71:9a:2a:13:41:a9:30:52:85:74:94:ec:90:b6:8f:
a4:ee:64:44:78:18:9a:67:0a:1f:ae:70:f3:dd:51:
56:93:ab:c8:a5:2f:e5:94:ab:35:fe:15:c6:c9:41:
a5:ac:dc:c9:98:2f:84:f0:ad:c6:64:a7:81:52:c0:
59:08:ce:75:73:ab:39:4e:47:28:86:fb:43:9b:8a:
1f:64:99:47:44:dd:66:5d:f6:e4:7c:65:93:e9:31:
65:bc:ab:e4:68:cd:6e:aa:52:90:83:04:3f:af:5d:
48:24:c3:a3:68:cf:d5:69:4e:45:51:69:ad:97:22:
7f:42:34:3f:80:cc:c7:47:56:74:51:fe:10:fd:68:
d1:1f:c9:95:9b:df:c2:fd:10:ba:34:e6:70:c6:c6:
b7:7c:dc:ee:26:20:98:3c:d0:70:de:4a:fc:19:12:
50:74:45:32:f5:52:53:4f:d1:2d:1a:a1:2d:11:d7:
b1:81:92:f3:bc:02:32:69:72:39:8a:c5:b2:8e:49:
d6:ca:ac:e5:55:2e:8f:86:9a:10:34:20:8c:8a:82:
b1:01:50:86:51:93:51:e5:60:5b:fb:1a:d4:a1:3b:
09:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:05:1D:6C:35:1D:C8:CE:65:52:4A:7D:A1:D2:99:9D:06:1A:9B:60
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/YgUdbDUdyM5lUkp9odKZnQYam2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e380::/29
2a12:70c0::/29
2a13:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
03:98:fc:9a:fc:6b:31:32:cc:94:b8:80:50:c3:74:5b:44:1b:
f0:37:c6:e8:3b:4e:b6:38:a2:18:0d:f3:88:98:9a:b9:5a:20:
31:e3:07:3b:11:82:9d:1a:97:0c:dc:fd:c8:94:c6:f3:0b:88:
af:26:bc:a1:84:e3:5e:1d:22:a4:f9:66:be:80:c0:38:6f:db:
38:67:8b:57:95:cb:1f:6f:c2:c6:b1:71:9f:a0:51:28:d0:ca:
9e:8d:05:01:f1:13:b2:16:20:47:82:09:71:07:df:cb:d3:e7:
cc:4e:4e:86:ae:e5:86:4b:d1:98:59:78:c1:70:cd:8f:8e:41:
c0:47:6e:41:4c:95:0b:ee:31:23:f1:49:ab:fb:d3:9a:45:31:
30:ea:bb:c1:40:7b:9a:66:29:cf:e0:04:ae:95:ca:f7:dc:79:
65:de:7b:c5:71:48:0f:ab:e8:c7:96:f8:7b:9a:5f:56:88:57:
8b:5b:d7:48:40:76:cb:eb:17:35:57:47:ca:9a:cb:65:cc:ae:
3a:89:73:3e:fd:d3:05:a2:a1:75:c0:2a:2f:20:d9:c8:dd:7d:
b4:6b:17:5d:7c:22:8f:0c:40:c2:3f:64:1d:e1:5b:f5:40:74:
c6:9d:1f:ee:67:d9:94:aa:01:7c:59:7e:fc:1d:f6:47:bd:b3:
3c:0d:d7:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJItJuiosGkrlFls2TjTkG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjQxMDAxMTUzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA1MWQ2YzM1MWRjOGNlNjU1MjRhN2RhMWQyOTk5ZDA2MWE5YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFBrZA5u7ceAKU9cNoa1u5FBL9Ng
9HHZnhGnVK1xmioTQakwUoV0lOyQto+k7mREeBiaZwofrnDz3VFWk6vIpS/llKs1
/hXGyUGlrNzJmC+E8K3GZKeBUsBZCM51c6s5TkcohvtDm4ofZJlHRN1mXfbkfGWT
6TFlvKvkaM1uqlKQgwQ/r11IJMOjaM/VaU5FUWmtlyJ/QjQ/gMzHR1Z0Uf4Q/WjR
H8mVm9/C/RC6NOZwxsa3fNzuJiCYPNBw3kr8GRJQdEUy9VJTT9EtGqEtEdexgZLz
vAIyaXI5isWyjknWyqzlVS6PhpoQNCCMioKxAVCGUZNR5WBb+xrUoTsJkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGIFHWw1HcjOZVJKfaHSmZ0GGptgMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvWWdVZGJEVWR5TTVsVWtwOW9kS1puUVlhbTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhHjgAMF
AyoScMADBQMqE34AMA0GCSqGSIb3DQEBCwUAA4IBAQADmPya/GsxMsyUuIBQw3Rb
RBvwN8boO062OKIYDfOImJq5WiAx4wc7EYKdGpcM3P3IlMbzC4ivJryhhONeHSKk
+Wa+gMA4b9s4Z4tXlcsfb8LGsXGfoFEo0MqejQUB8ROyFiBHgglxB9/L0+fMTk6G
ruWGS9GYWXjBcM2PjkHAR25BTJUL7jEj8Umr+9OaRTEw6rvBQHuaZinP4ASulcr3
3Hll3nvFcUgPq+jHlvh7ml9WiFeLW9dIQHbL6xc1V0fKmstlzK46iXM+/dMFoqF1
wCovINnI3X20axddfCKPDEDCP2Qd4Vv1QHTGnR/uZ9mUqgF8WX78HfZHvbM8DddW
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:31:21 2024 by rpki-client on console-fra.rpki-client.org