Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/16d84b-0961-4d1e-85cc-61de21f51434/1/y__nUVcHLbIFOKEDH1O2SMvYy2E.roa
File: y__nUVcHLbIFOKEDH1O2SMvYy2E.roa (raw, json)
Hash identifier: B+5tA5HEK2x9Gqju86J5DnlPE4z1Kj0uZdWbEpdg60Q=
Subject key identifier: CB:FF:E7:51:57:07:2D:B2:05:38:A1:03:1F:53:B6:48:CB:D8:CB:61
Certificate issuer: /CN=2ab91e3ded820c70b8ace89aeafffabee6bfa553
Certificate serial: 018CC6B944A771859E22D8325CB3A4618813
Authority key identifier: 2A:B9:1E:3D:ED:82:0C:70:B8:AC:E8:9A:EA:FF:FA:BE:E6:BF:A5:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrkePe2CDHC4rOia6v_6vua_pVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/16d84b-0961-4d1e-85cc-61de21f51434/1/y__nUVcHLbIFOKEDH1O2SMvYy2E.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199130
IP address blocks: 2a13:de80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/16d84b-0961-4d1e-85cc-61de21f51434/1/KrkePe2CDHC4rOia6v_6vua_pVM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/16d84b-0961-4d1e-85cc-61de21f51434/1/KrkePe2CDHC4rOia6v_6vua_pVM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KrkePe2CDHC4rOia6v_6vua_pVM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:44:a7:71:85:9e:22:d8:32:5c:b3:a4:61:88:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ab91e3ded820c70b8ace89aeafffabee6bfa553
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbffe75157072db20538a1031f53b648cbd8cb61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:95:49:5f:2e:d5:d2:65:cc:14:95:e3:90:f3:
87:55:ba:76:e3:5c:1c:80:94:a3:a0:29:f7:5e:a3:
61:16:11:4b:ef:f9:6e:92:43:8d:6d:2f:56:5f:af:
10:c6:03:be:91:80:4d:a6:c7:2e:b6:26:43:70:19:
48:94:30:9a:cc:8d:7f:d6:d7:6d:f3:91:2a:55:d1:
26:a1:38:98:8c:bb:b4:93:5c:d0:d0:01:6a:15:20:
e3:a8:2f:77:a9:7c:cd:88:ab:3b:b6:c1:e0:0b:95:
05:21:7e:07:4a:bb:de:a3:d7:23:6b:e2:e0:4e:ef:
82:1c:5f:08:d0:05:cc:c7:66:bf:01:bc:3e:4b:8e:
8a:1b:a5:9f:68:7d:a3:4d:37:32:02:24:f6:21:68:
d3:a8:b5:b2:36:f7:6e:12:9e:06:57:63:96:af:74:
8e:c0:2a:8a:08:53:b3:8e:24:5a:d0:8c:a5:3a:07:
82:b0:96:a1:58:d0:f7:a4:9a:9d:1c:80:37:19:ae:
92:54:c5:8c:9f:42:3e:21:e5:f9:6f:57:ea:ac:63:
3b:58:f3:ef:85:71:88:db:02:4f:52:ae:27:df:23:
15:a5:4d:66:52:ee:4b:f4:0d:04:0c:79:b1:b2:6e:
6f:68:5f:da:dc:39:ef:45:4b:ac:69:dc:36:ba:dc:
5a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:FF:E7:51:57:07:2D:B2:05:38:A1:03:1F:53:B6:48:CB:D8:CB:61
X509v3 Authority Key Identifier:
keyid:2A:B9:1E:3D:ED:82:0C:70:B8:AC:E8:9A:EA:FF:FA:BE:E6:BF:A5:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrkePe2CDHC4rOia6v_6vua_pVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/16d84b-0961-4d1e-85cc-61de21f51434/1/y__nUVcHLbIFOKEDH1O2SMvYy2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/16d84b-0961-4d1e-85cc-61de21f51434/1/KrkePe2CDHC4rOia6v_6vua_pVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:de80::/29
Signature Algorithm: sha256WithRSAEncryption
6b:8d:20:d9:29:b0:77:68:32:64:0a:c7:c5:72:b1:60:b0:8f:
45:4a:50:ed:ea:be:15:6f:69:e6:60:32:1b:17:e6:38:7c:77:
da:ce:f7:cb:3b:28:73:60:db:7f:cc:c3:77:e6:98:9a:de:5d:
54:76:c1:00:28:04:4d:1b:cd:ef:5e:b1:95:6d:2f:ae:ab:f3:
95:da:a3:de:6a:39:e3:ee:93:13:e8:19:bd:0d:f5:22:0e:3b:
1d:47:b9:fa:f7:d3:fb:f7:11:0b:3e:35:a8:3d:77:47:28:77:
06:ba:8e:b9:ef:54:6e:fd:6c:8c:ef:00:9e:db:79:a0:41:21:
86:4f:1f:d6:0d:41:06:5c:7e:0f:ed:ce:99:60:e6:20:a5:f5:
24:c9:39:be:50:96:b0:66:2e:ee:65:8e:cf:aa:e9:d0:49:91:
ac:e3:dd:85:f3:03:4f:db:34:69:d2:cc:6b:92:6c:0c:90:08:
64:4a:52:3c:9a:78:a0:01:91:c6:45:4a:47:12:3b:39:6a:28:
cb:1c:9b:5d:01:79:19:18:f1:5a:bd:8e:8d:55:0e:fa:68:94:
93:2e:4b:b7:40:cc:fd:89:d5:bc:2b:ca:48:2e:65:a8:92:e1:
17:22:08:55:4d:41:41:5c:5f:53:d7:67:3b:83:a1:72:04:c2:
fd:c8:69:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGuUSncYWeItgyXLOkYYgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjkxZTNkZWQ4MjBjNzBiOGFjZTg5YWVhZmZmYWJlZTZi
ZmE1NTMwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmZmZTc1MTU3MDcyZGIyMDUzOGExMDMxZjUzYjY0OGNiZDhjYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJVJXy7V0mXMFJXjkPOHVbp241wc
gJSjoCn3XqNhFhFL7/lukkONbS9WX68QxgO+kYBNpscutiZDcBlIlDCazI1/1tdt
85EqVdEmoTiYjLu0k1zQ0AFqFSDjqC93qXzNiKs7tsHgC5UFIX4HSrveo9cja+Lg
Tu+CHF8I0AXMx2a/Abw+S46KG6WfaH2jTTcyAiT2IWjTqLWyNvduEp4GV2OWr3SO
wCqKCFOzjiRa0IylOgeCsJahWND3pJqdHIA3Ga6SVMWMn0I+IeX5b1fqrGM7WPPv
hXGI2wJPUq4n3yMVpU1mUu5L9A0EDHmxsm5vaF/a3DnvRUusadw2utxawQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMv/51FXBy2yBTihAx9TtkjL2MthMB8GA1UdIwQY
MBaAFCq5Hj3tggxwuKzomur/+r7mv6VTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JrZVBlMkNESEM0ck9pYTZ2XzZ2dWFfcFZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNmQ4NGItMDk2MS00ZDFlLTg1Y2Mt
NjFkZTIxZjUxNDM0LzEveV9fblVWY0hMYklGT0tFREgxTzJTTXZZeTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNmQ4NGItMDk2MS00ZDFlLTg1Y2MtNjFkZTIxZjUxNDM0
LzEvS3JrZVBlMkNESEM0ck9pYTZ2XzZ2dWFfcFZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPegDAN
BgkqhkiG9w0BAQsFAAOCAQEAa40g2Smwd2gyZArHxXKxYLCPRUpQ7eq+FW9p5mAy
GxfmOHx32s73yzsoc2Dbf8zDd+aYmt5dVHbBACgETRvN716xlW0vrqvzldqj3mo5
4+6TE+gZvQ31Ig47HUe5+vfT+/cRCz41qD13Ryh3BrqOue9Ubv1sjO8Antt5oEEh
hk8f1g1BBlx+D+3OmWDmIKX1JMk5vlCWsGYu7mWOz6rp0EmRrOPdhfMDT9s0adLM
a5JsDJAIZEpSPJp4oAGRxkVKRxI7OWooyxybXQF5GRjxWr2OjVUO+miUky5Lt0DM
/YnVvCvKSC5lqJLhFyIIVU1BQVxfU9dnO4OhcgTC/chpHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:54:48 2024 by rpki-client on console-fra.rpki-client.org