Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Ywm7NOBdz15EBQMtBjDlJDbL_vA.roa
File: Ywm7NOBdz15EBQMtBjDlJDbL_vA.roa (raw, json)
Hash identifier: Tir6LHxWbnVFDyczAccPcscGVjEjU0bGz7Z+TNJR93I=
Subject key identifier: 63:09:BB:34:E0:5D:CF:5E:44:05:03:2D:06:30:E5:24:36:CB:FE:F0
Certificate issuer: /CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Certificate serial: 018CC7270A23A4978B6978CF59568143C5BB
Authority key identifier: 2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Ywm7NOBdz15EBQMtBjDlJDbL_vA.roa
Signing time: Mon 01 Jan 2024 22:31:13 +0000
ROA not before: Mon 01 Jan 2024 22:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42209
IP address blocks: 2a0f:ca00:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:0a:23:a4:97:8b:69:78:cf:59:56:81:43:c5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Validity
Not Before: Jan 1 22:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6309bb34e05dcf5e4405032d0630e52436cbfef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:99:e7:ae:55:46:0b:df:ee:a5:c3:e7:94:76:
47:b0:54:82:79:c1:3e:4b:21:53:91:ac:e6:d2:d5:
1f:28:c2:21:b8:a4:c8:23:22:9c:d9:42:30:ca:25:
15:fd:9a:f8:0c:19:ce:58:1f:f0:6d:03:3e:da:95:
19:fb:87:f8:95:85:5b:60:ee:8e:4c:ab:5b:ee:c8:
66:dc:76:67:bb:05:b9:21:52:3c:70:3a:e8:b1:5d:
d4:15:18:0b:db:52:80:ed:98:c8:c9:bd:d1:39:5b:
e2:9d:11:b8:3d:a7:bf:42:ce:3b:07:51:a6:37:8f:
67:b9:e7:81:f1:81:a4:21:23:fb:62:c2:27:97:97:
68:ab:ac:0d:c4:e0:86:9b:1e:05:79:8b:a6:9a:2c:
2d:9b:5b:0f:2c:b9:ac:f8:9e:3f:7c:0b:98:ba:46:
d6:66:0a:41:6b:06:f7:e1:35:ca:a0:a6:65:dd:e0:
cd:c3:9b:70:ec:21:92:63:5f:5c:46:91:c9:a0:cd:
f6:03:21:de:c7:45:c0:b9:a4:fe:3a:32:f0:44:3d:
7f:44:9c:df:4b:78:66:e7:c1:d6:da:3f:a3:08:26:
c7:e2:f8:45:5e:24:5d:b9:43:79:3f:7b:d5:40:27:
dd:45:ff:61:ef:fc:28:8f:a8:b2:16:ae:04:d1:32:
c2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:09:BB:34:E0:5D:CF:5E:44:05:03:2D:06:30:E5:24:36:CB:FE:F0
X509v3 Authority Key Identifier:
keyid:2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Ywm7NOBdz15EBQMtBjDlJDbL_vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca00:8000::/48
Signature Algorithm: sha256WithRSAEncryption
72:cc:96:e3:89:88:4f:c3:09:e2:48:37:25:f7:bf:a6:27:31:
1b:34:5a:f2:66:42:91:fe:64:0a:2c:0c:75:0a:87:99:56:a2:
a4:58:4c:5d:ee:5f:f7:90:67:39:53:9f:19:cf:77:ed:f0:08:
87:ff:b6:74:8b:fe:c0:d8:b8:ad:fc:a7:57:85:46:13:cd:e0:
cf:e9:a3:0c:93:45:15:e1:40:5c:0d:f5:32:33:ea:55:f7:70:
6a:45:55:10:11:0b:8b:8b:09:26:7e:55:17:17:6f:a9:11:da:
2a:2a:7e:80:14:01:78:28:1b:4c:01:e2:11:1a:5b:58:8d:15:
59:ab:23:8c:bb:3d:04:de:22:a8:bf:4c:7e:77:66:77:89:fe:
33:78:21:1d:34:9c:6a:a6:88:f9:f7:35:c1:8e:31:f7:04:1d:
62:f9:a8:5e:60:32:fb:0e:ed:bc:5f:ce:2d:b5:0a:71:2f:41:
01:1f:cb:ed:2b:26:26:0b:3b:74:a2:43:3c:75:b5:c6:e5:a8:
91:10:18:9f:a3:55:59:e8:81:ea:16:a8:8a:fd:c8:74:c2:6f:
47:14:fb:de:77:32:1a:56:da:e4:49:ab:a4:16:b7:07:e9:18:
ba:bb:5e:ec:df:e9:d0:79:1d:a3:a4:96:e1:37:71:76:0a:f4:
8c:c3:dc:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJwojpJeLaXjPWVaBQ8W7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZGQ0MzhhN2NlM2NiMzc5ZjI4Y2ZhMDUxY2Y2M2Q1YWQ4
ZmUzY2EwHhcNMjQwMTAxMjIzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA5YmIzNGUwNWRjZjVlNDQwNTAzMmQwNjMwZTUyNDM2Y2JmZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZnnrlVGC9/upcPnlHZHsFSCecE+
SyFTkazm0tUfKMIhuKTIIyKc2UIwyiUV/Zr4DBnOWB/wbQM+2pUZ+4f4lYVbYO6O
TKtb7shm3HZnuwW5IVI8cDrosV3UFRgL21KA7ZjIyb3ROVvinRG4Pae/Qs47B1Gm
N49nueeB8YGkISP7YsInl5doq6wNxOCGmx4FeYummiwtm1sPLLms+J4/fAuYukbW
ZgpBawb34TXKoKZl3eDNw5tw7CGSY19cRpHJoM32AyHex0XAuaT+OjLwRD1/RJzf
S3hm58HW2j+jCCbH4vhFXiRduUN5P3vVQCfdRf9h7/woj6iyFq4E0TLCFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGMJuzTgXc9eRAUDLQYw5SQ2y/7wMB8GA1UdIwQY
MBaAFCrdQ4p848s3nyjPoFHPY9Wtj+PKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUt
MjBhMGQxMzBjNDU2LzEvWXdtN05PQmR6MTVFQlFNdEJqRGxKRGJMX3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2
LzEvS3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/KAIAA
MA0GCSqGSIb3DQEBCwUAA4IBAQByzJbjiYhPwwniSDcl97+mJzEbNFryZkKR/mQK
LAx1CoeZVqKkWExd7l/3kGc5U58Zz3ft8AiH/7Z0i/7A2Lit/KdXhUYTzeDP6aMM
k0UV4UBcDfUyM+pV93BqRVUQEQuLiwkmflUXF2+pEdoqKn6AFAF4KBtMAeIRGltY
jRVZqyOMuz0E3iKov0x+d2Z3if4zeCEdNJxqpoj59zXBjjH3BB1i+aheYDL7Du28
X84ttQpxL0EBH8vtKyYmCzt0okM8dbXG5aiREBifo1VZ6IHqFqiK/ch0wm9HFPve
dzIaVtrkSaukFrcH6Ri6u17s3+nQeR2jpJbhN3F2CvSMw9z2
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:55 2024 by rpki-client on console-fra.rpki-client.org