Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/hlewWqWyiAUSTEQSh0I6VwNFo8M.roa
File: hlewWqWyiAUSTEQSh0I6VwNFo8M.roa (raw, json)
Hash identifier: 64j6ptfjB/s0f52kSIGVCRUE4HiG/nX5lW13FLzBGHo=
Subject key identifier: 86:57:B0:5A:A5:B2:88:05:12:4C:44:12:87:42:3A:57:03:45:A3:C3
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 018CC8714A53D8B03C45868470598BB57D52
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/hlewWqWyiAUSTEQSh0I6VwNFo8M.roa
Signing time: Tue 02 Jan 2024 04:31:56 +0000
ROA not before: Tue 02 Jan 2024 04:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51582
IP address blocks: 2a06:9686:a00::/39 maxlen: 39
2a06:9686:c00::/39 maxlen: 39
2a06:9686:e00::/39 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4a:53:d8:b0:3c:45:86:84:70:59:8b:b5:7d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 2 04:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8657b05aa5b28805124c441287423a570345a3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bd:c4:aa:06:75:fe:c4:a7:81:9d:51:8e:96:
37:da:19:dd:05:36:90:fa:ce:fb:ca:8e:2a:d0:2e:
33:49:f8:5b:53:97:15:2b:f5:31:a6:6e:c4:ad:71:
e3:e1:e7:bc:07:ae:c5:a5:dc:54:1d:9b:64:37:07:
7b:6a:fd:a2:b7:7e:06:f6:81:f0:2f:60:59:10:c1:
d5:bb:d1:f6:77:40:f3:8e:1d:2e:ed:07:9e:45:43:
72:45:64:c0:48:16:92:ca:3f:84:aa:99:a7:37:b3:
06:80:09:a8:bc:95:16:29:da:9a:bc:4b:d4:3b:ff:
3b:f9:0c:e8:9a:55:5e:7e:2a:20:e9:0a:10:51:4c:
75:75:1d:8d:1a:8b:eb:8c:c5:ab:4f:82:ef:5f:0c:
e4:b7:51:4a:18:e5:9a:58:20:3a:1a:e0:0e:17:69:
b7:c6:15:d4:bc:3d:26:d1:e6:8e:e8:79:de:bd:61:
b8:79:85:4c:25:a2:b8:f6:7d:7a:5a:ce:ed:91:e0:
3a:b2:85:9a:b5:60:8a:79:b7:e1:10:60:ae:e3:6d:
66:d1:1e:93:89:3e:26:80:8e:7c:16:21:ef:1a:71:
96:b3:18:06:b4:2c:88:00:1a:f7:99:4c:26:e5:d0:
03:e3:1b:e9:e0:34:7c:75:d5:47:5e:7f:a6:0c:7a:
b1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:57:B0:5A:A5:B2:88:05:12:4C:44:12:87:42:3A:57:03:45:A3:C3
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/hlewWqWyiAUSTEQSh0I6VwNFo8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9686:a00::-2a06:9686:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:0a:67:05:4b:fb:b0:3a:d9:d1:c3:e5:ff:1c:cc:4a:e2:a2:
a0:53:16:04:b5:49:c7:67:16:48:d1:12:75:a5:02:4e:c6:12:
77:f3:1c:49:64:08:44:23:3f:1f:c9:4b:01:4a:dd:4d:7c:f3:
60:3d:d1:bc:a7:49:ed:ab:8c:a5:4c:0d:5c:df:a1:b5:f8:c2:
8c:ed:19:cc:67:24:75:59:db:e2:1b:1b:a8:34:11:a4:1c:49:
fe:2a:9c:04:68:e1:92:14:6a:7e:c8:54:86:d5:0d:d1:03:88:
a1:b3:6d:74:30:ef:99:4c:b7:f8:ad:79:31:2b:fa:d2:b3:e1:
b7:c9:7f:92:26:eb:6d:94:88:b2:f7:70:4b:3b:41:05:9d:4f:
42:bb:e9:bf:39:23:82:c2:1c:d8:d2:d4:22:6c:68:a7:28:dd:
28:bb:23:58:78:d3:f4:55:fd:08:c1:be:7e:e2:be:3a:3a:17:
8e:97:81:36:2d:e7:39:78:85:f1:88:c1:73:ca:a1:91:2f:80:
3e:56:4c:19:b9:30:4f:85:a1:96:fe:cb:be:51:65:f3:76:09:
31:82:14:ad:50:f8:9e:0d:4d:00:c4:97:5f:68:37:ab:18:04:
51:0b:11:d2:eb:02:11:3c:82:be:e3:8c:a2:7a:ee:46:59:26:
93:72:77:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIcUpT2LA8RYaEcFmLtX1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjQwMTAyMDQzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjU3YjA1YWE1YjI4ODA1MTI0YzQ0MTI4NzQyM2E1NzAzNDVhM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArr3EqgZ1/sSngZ1RjpY32hndBTaQ
+s77yo4q0C4zSfhbU5cVK/Uxpm7ErXHj4ee8B67FpdxUHZtkNwd7av2it34G9oHw
L2BZEMHVu9H2d0Dzjh0u7QeeRUNyRWTASBaSyj+EqpmnN7MGgAmovJUWKdqavEvU
O/87+QzomlVefiog6QoQUUx1dR2NGovrjMWrT4LvXwzkt1FKGOWaWCA6GuAOF2m3
xhXUvD0m0eaO6HnevWG4eYVMJaK49n16Ws7tkeA6soWatWCKebfhEGCu421m0R6T
iT4mgI58FiHvGnGWsxgGtCyIABr3mUwm5dAD4xvp4DR8ddVHXn+mDHqxkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIZXsFqlsogFEkxEEodCOlcDRaPDMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvaGxld1dxV3lpQVVTVEVRU2gwSTZWd05GbzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgEqBpaG
CgMGBCoGloYAMA0GCSqGSIb3DQEBCwUAA4IBAQBdCmcFS/uwOtnRw+X/HMxK4qKg
UxYEtUnHZxZI0RJ1pQJOxhJ38xxJZAhEIz8fyUsBSt1NfPNgPdG8p0ntq4ylTA1c
36G1+MKM7RnMZyR1WdviGxuoNBGkHEn+KpwEaOGSFGp+yFSG1Q3RA4ihs210MO+Z
TLf4rXkxK/rSs+G3yX+SJuttlIiy93BLO0EFnU9Cu+m/OSOCwhzY0tQibGinKN0o
uyNYeNP0Vf0Iwb5+4r46OheOl4E2Lec5eIXxiMFzyqGRL4A+VkwZuTBPhaGW/su+
UWXzdgkxghStUPieDU0AxJdfaDerGARRCxHS6wIRPIK+44yieu5GWSaTcnfg
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:07:38 2024 by rpki-client on console-fra.rpki-client.org