Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/6_Icq3jnD-Ksf8im4nkFzCmgX94.roa
File: 6_Icq3jnD-Ksf8im4nkFzCmgX94.roa (raw, json)
Hash identifier: gt4Vwe48pGfXsJE4GLb0Gl/Q7Y3QCSLtijot8wZgmjI=
Subject key identifier: EB:F2:1C:AB:78:E7:0F:E2:AC:7F:C8:A6:E2:79:05:CC:29:A0:5F:DE
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01904B9A7FDDAA85F9135DAB4160917017C2
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/6_Icq3jnD-Ksf8im4nkFzCmgX94.roa
Signing time: Mon 24 Jun 2024 18:55:34 +0000
ROA not before: Mon 24 Jun 2024 18:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:c540::/29 maxlen: 29
2a11:c700::/29 maxlen: 29
2a12:15c0::/29 maxlen: 29
2a12:25c0::/29 maxlen: 29
2a12:34c0::/29 maxlen: 29
2a12:4500::/29 maxlen: 29
2a12:5580::/29 maxlen: 29
2a12:6600::/29 maxlen: 29
2a12:8800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:9a:7f:dd:aa:85:f9:13:5d:ab:41:60:91:70:17:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jun 24 18:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebf21cab78e70fe2ac7fc8a6e27905cc29a05fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:85:de:3a:59:ce:20:cc:2f:a6:c4:2e:a1:
db:02:d3:35:e8:9f:76:b5:36:48:e1:2f:5b:b3:e7:
be:12:86:82:1f:4b:12:44:b3:82:86:f4:4c:de:4d:
f5:2f:88:4f:4c:10:2a:7d:4e:16:f4:dc:06:e8:33:
99:ca:81:17:48:86:9b:21:c5:8f:a9:dd:fb:ec:18:
9a:b0:c8:63:ca:fa:ff:3c:f1:14:49:e4:f3:96:fa:
08:a6:25:3b:98:44:89:3f:ac:a7:fa:a7:46:c9:1c:
88:d7:75:75:63:3a:ef:a2:00:c5:bb:28:a3:db:fa:
56:9c:44:cc:e4:0b:f1:45:ff:fa:3b:74:67:4e:35:
c1:37:b0:fb:c0:ee:1e:44:d3:5d:a7:25:d0:26:06:
fa:28:47:51:1c:41:fa:8c:4d:c8:2c:50:0c:7b:55:
d4:0f:00:56:14:27:a8:68:ac:38:fa:7d:bb:f1:2e:
c1:a1:a5:32:46:cc:eb:ac:41:19:d3:4f:46:51:52:
a4:ee:70:e3:c2:7b:54:58:4a:72:7c:49:0a:24:d7:
f0:94:68:82:00:aa:de:14:bd:d1:8d:ea:39:17:3a:
8a:e2:53:ca:8c:09:9a:c8:bf:d9:90:95:7d:8e:c1:
c3:e0:ef:a7:2e:00:1f:94:8f:2d:66:d8:0e:8d:e8:
a1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F2:1C:AB:78:E7:0F:E2:AC:7F:C8:A6:E2:79:05:CC:29:A0:5F:DE
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/6_Icq3jnD-Ksf8im4nkFzCmgX94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c540::/29
2a11:c700::/29
2a12:15c0::/29
2a12:25c0::/29
2a12:34c0::/29
2a12:4500::/29
2a12:5580::/29
2a12:6600::/29
2a12:8800::/29
Signature Algorithm: sha256WithRSAEncryption
00:e5:26:57:a3:1e:68:22:b6:c5:6f:ad:de:b8:d0:5b:f3:5d:
72:74:02:de:8d:b0:da:3b:3d:1d:b0:53:b8:4a:23:30:f1:74:
dc:aa:f0:8c:dd:6c:33:1b:30:a3:87:7c:76:84:87:b3:fe:12:
59:a2:0d:b4:bd:12:e0:b7:f8:25:44:84:03:0a:df:ec:40:1c:
f2:9b:62:90:b3:e9:6d:01:20:a3:1c:c2:d4:00:38:9b:a3:84:
ad:fe:c7:d4:76:29:a7:36:72:c3:fe:d7:6e:ee:25:4b:28:81:
1d:e3:d5:00:cf:ae:c1:ed:4f:8b:1c:85:ea:82:14:12:43:95:
18:3d:c6:41:1e:82:4c:a7:ea:b0:95:eb:40:f7:99:bb:4b:34:
d2:ff:15:fc:c9:cb:81:6b:d8:9f:31:c6:96:85:eb:86:5e:a3:
d1:0d:4b:ef:57:16:a2:40:1a:81:8f:1a:71:77:9f:a4:fa:42:
b7:a6:ab:5e:e5:6f:85:02:b8:30:52:24:18:ae:2a:6d:e2:86:
40:81:db:d3:b9:44:20:af:78:93:b1:d9:5c:b7:fc:81:d7:7b:
52:02:51:a7:86:ba:67:8d:37:4a:a7:d2:88:7a:5c:fc:47:54:
cc:17:c8:50:d4:26:17:fa:4d:f9:f8:0e:5b:31:23:88:21:23:
94:16:61:01
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZBLmn/dqoX5E12rQWCRcBfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQwNjI0MTg1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmYyMWNhYjc4ZTcwZmUyYWM3ZmM4YTZlMjc5MDVjYzI5YTA1ZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NeF3jpZziDML6bELqHbAtM16J92
tTZI4S9bs+e+EoaCH0sSRLOChvRM3k31L4hPTBAqfU4W9NwG6DOZyoEXSIabIcWP
qd377BiasMhjyvr/PPEUSeTzlvoIpiU7mESJP6yn+qdGyRyI13V1YzrvogDFuyij
2/pWnETM5AvxRf/6O3RnTjXBN7D7wO4eRNNdpyXQJgb6KEdRHEH6jE3ILFAMe1XU
DwBWFCeoaKw4+n278S7BoaUyRszrrEEZ009GUVKk7nDjwntUWEpyfEkKJNfwlGiC
AKreFL3Rjeo5FzqK4lPKjAmayL/ZkJV9jsHD4O+nLgAflI8tZtgOjeihrwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOvyHKt45w/irH/IpuJ5BcwpoF/eMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvNl9JY3Ezam5ELUtzZjhpbTRua0Z6Q21nWDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhHFQAMF
AyoRxwADBQMqEhXAAwUDKhIlwAMFAyoSNMADBQMqEkUAAwUDKhJVgAMFAyoSZgAD
BQMqEogAMA0GCSqGSIb3DQEBCwUAA4IBAQAA5SZXox5oIrbFb63euNBb811ydALe
jbDaOz0dsFO4SiMw8XTcqvCM3WwzGzCjh3x2hIez/hJZog20vRLgt/glRIQDCt/s
QBzym2KQs+ltASCjHMLUADibo4St/sfUdimnNnLD/tdu7iVLKIEd49UAz67B7U+L
HIXqghQSQ5UYPcZBHoJMp+qwletA95m7SzTS/xX8ycuBa9ifMcaWheuGXqPRDUvv
VxaiQBqBjxpxd5+k+kK3pqte5W+FArgwUiQYript4oZAgdvTuUQgr3iTsdlct/yB
13tSAlGnhrpnjTdKp9KIelz8R1TMF8hQ1CYX+k35+A5bMSOIISOUFmEB
-----END CERTIFICATE-----
Generated at Tue Jul 2 18:46:36 2024 by rpki-client on console-ams.rpki-client.org