Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/yi7U0HWqx5DAOhJoH-IQqAVtPtU.roa
File: yi7U0HWqx5DAOhJoH-IQqAVtPtU.roa (raw, json)
Hash identifier: JcJbcVznvUTOZZZ3KHtMckUEMGiCZL32RUej1/KlT7Y=
Subject key identifier: CA:2E:D4:D0:75:AA:C7:90:C0:3A:12:68:1F:E2:10:A8:05:6D:3E:D5
Certificate issuer: /CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
Certificate serial: 018CCA2BE2EDCD4AA23671C9DAE2E22B2D0C
Authority key identifier: 4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/yi7U0HWqx5DAOhJoH-IQqAVtPtU.roa
Signing time: Tue 02 Jan 2024 12:35:22 +0000
ROA not before: Tue 02 Jan 2024 12:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34081
IP address blocks: 2a0c:8fc1::/32 maxlen: 48
2a0c:8fc2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/TzvVbotU5tonu-ZiLaxny_Aqgeo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/TzvVbotU5tonu-ZiLaxny_Aqgeo.mft
rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:e2:ed:cd:4a:a2:36:71:c9:da:e2:e2:2b:2d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f3bd56e8b54e6da27bbe6622dac67cbf02a81ea
Validity
Not Before: Jan 2 12:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca2ed4d075aac790c03a12681fe210a8056d3ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:c5:c7:cb:02:9e:a0:ad:d6:70:eb:2e:31:
16:69:f9:f9:71:1f:c9:97:64:96:d7:b3:24:08:39:
1d:65:56:2d:2a:02:ef:91:97:03:46:66:5c:e9:9a:
7c:35:12:b7:01:b4:89:0b:26:29:2c:6e:99:df:f5:
88:59:ef:83:eb:da:07:80:2d:66:48:a9:d4:5a:05:
97:eb:a7:24:79:f0:87:f2:88:0d:50:0e:77:5e:1d:
37:e1:9a:34:cf:ed:dd:ab:7a:3c:d7:8c:b2:22:59:
8a:71:5d:ff:ae:31:1e:0d:6f:02:b4:79:b3:58:c5:
c1:c3:cb:e4:51:13:b7:71:24:f4:58:9c:14:f8:f5:
5c:0b:87:fc:68:ba:c1:eb:85:12:ac:cb:95:45:f5:
02:64:78:de:96:27:de:99:e7:6d:dc:15:14:8e:aa:
40:61:83:76:bb:da:63:2f:52:f2:9a:ab:86:c2:e4:
6c:c9:c3:9f:59:31:07:88:1b:b5:f1:66:4f:e7:9f:
3f:32:a4:2a:0a:ae:eb:ee:63:3d:52:34:f3:e2:5c:
f5:ae:e0:c6:85:e1:d1:f7:95:d1:e9:c7:69:61:ba:
84:bc:39:e5:20:3f:49:79:09:ec:5e:3f:de:48:ac:
23:05:02:ad:f2:8e:ed:b3:22:33:87:8d:6a:d2:b7:
d6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:2E:D4:D0:75:AA:C7:90:C0:3A:12:68:1F:E2:10:A8:05:6D:3E:D5
X509v3 Authority Key Identifier:
keyid:4F:3B:D5:6E:8B:54:E6:DA:27:BB:E6:62:2D:AC:67:CB:F0:2A:81:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzvVbotU5tonu-ZiLaxny_Aqgeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/yi7U0HWqx5DAOhJoH-IQqAVtPtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6fe149-8a72-47fd-8735-7dc5bddf91b5/1/TzvVbotU5tonu-ZiLaxny_Aqgeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:8fc1::-2a0c:8fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:c8:c4:3e:6a:dc:ef:51:00:5c:0e:66:d2:86:1e:34:f9:fb:
75:8b:3a:f8:d9:82:92:39:01:17:10:cd:49:6e:7c:31:44:c9:
a4:b9:3f:9a:4a:24:76:43:6c:e2:8f:c5:e4:94:a0:fd:aa:fa:
96:4e:c4:70:09:f3:12:0d:5f:e8:34:ea:05:68:1c:9b:67:62:
fb:c5:26:3a:b7:fd:f5:6b:b6:63:3c:38:47:e2:b5:b5:5c:50:
bc:99:4b:a7:bb:fc:0a:1e:0d:f5:12:e3:d6:c3:05:68:34:fa:
f0:60:4c:0c:84:c3:f2:3d:af:88:e9:73:cd:e8:48:e8:bf:d3:
9b:fb:eb:d1:e1:d7:4f:0d:8f:5e:ec:15:a8:af:78:d8:dd:d5:
11:53:56:fe:fd:4b:56:89:3c:e1:ce:26:ff:94:6e:75:66:d5:
5b:8e:30:c2:fa:de:70:ac:cd:34:49:8d:f7:fc:6d:9e:fb:60:
d5:51:0b:8b:72:21:c8:ff:be:2f:8d:f4:0e:de:7a:01:f7:82:
b2:ca:22:bf:b7:c4:da:f5:95:25:aa:d3:43:f3:ae:26:7b:0d:
f4:06:03:f0:35:36:01:e9:1a:27:5b:91:68:f2:3b:6f:95:e2:
a0:f5:a7:af:1d:43:d6:be:8a:90:81:0d:3e:a3:3b:66:b5:e3:
86:ad:92:7c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzKK+LtzUqiNnHJ2uLiKy0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmM2JkNTZlOGI1NGU2ZGEyN2JiZTY2MjJkYWM2N2NiZjAy
YTgxZWEwHhcNMjQwMTAyMTIzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTJlZDRkMDc1YWFjNzkwYzAzYTEyNjgxZmUyMTBhODA1NmQzZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsPFx8sCnqCt1nDrLjEWafn5cR/J
l2SW17MkCDkdZVYtKgLvkZcDRmZc6Zp8NRK3AbSJCyYpLG6Z3/WIWe+D69oHgC1m
SKnUWgWX66ckefCH8ogNUA53Xh034Zo0z+3dq3o814yyIlmKcV3/rjEeDW8CtHmz
WMXBw8vkURO3cST0WJwU+PVcC4f8aLrB64USrMuVRfUCZHjelifemedt3BUUjqpA
YYN2u9pjL1LymquGwuRsycOfWTEHiBu18WZP558/MqQqCq7r7mM9UjTz4lz1ruDG
heHR95XR6cdpYbqEvDnlID9JeQnsXj/eSKwjBQKt8o7tsyIzh41q0rfWxwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFMou1NB1qseQwDoSaB/iEKgFbT7VMB8GA1UdIwQY
MBaAFE871W6LVObaJ7vmYi2sZ8vwKoHqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHp2VmJvdFU1dG9udS1aaUxheG55X0FxZ2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZmUxNDktOGE3Mi00N2ZkLTg3MzUt
N2RjNWJkZGY5MWI1LzEveWk3VTBIV3F4NURBT2hKb0gtSVFxQVZ0UHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZmUxNDktOGE3Mi00N2ZkLTg3MzUtN2RjNWJkZGY5MWI1
LzEvVHp2VmJvdFU1dG9udS1aaUxheG55X0FxZ2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDI/B
AwUAKgyPwjANBgkqhkiG9w0BAQsFAAOCAQEAecjEPmrc71EAXA5m0oYeNPn7dYs6
+NmCkjkBFxDNSW58MUTJpLk/mkokdkNs4o/F5JSg/ar6lk7EcAnzEg1f6DTqBWgc
m2di+8UmOrf99Wu2Yzw4R+K1tVxQvJlLp7v8Ch4N9RLj1sMFaDT68GBMDITD8j2v
iOlzzehI6L/Tm/vr0eHXTw2PXuwVqK942N3VEVNW/v1LVok84c4m/5RudWbVW44w
wvrecKzNNEmN9/xtnvtg1VELi3IhyP++L430Dt56AfeCssoiv7fE2vWVJarTQ/Ou
JnsN9AYD8DU2AekaJ1uRaPI7b5XioPWnrx1D1r6KkIENPqM7ZrXjhq2SfA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:51 2024 by rpki-client on console-fra.rpki-client.org