Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/yKNnI2wh21_2WXRzYxSusKVuDeI.roa
File: yKNnI2wh21_2WXRzYxSusKVuDeI.roa (raw, json)
Hash identifier: 38PO/dAjmUbW764JY3o0FVzcLBw9j91vevII/uXQu6k=
Subject key identifier: C8:A3:67:23:6C:21:DB:5F:F6:59:74:73:63:14:AE:B0:A5:6E:0D:E2
Certificate issuer: /CN=f97a546b66e2449ce628432dd80ad6d4d00cd03e
Certificate serial: 0190EB24A138C21060058252FCF95275E770
Authority key identifier: F9:7A:54:6B:66:E2:44:9C:E6:28:43:2D:D8:0A:D6:D4:D0:0C:D0:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XpUa2biRJzmKEMt2ArW1NAM0D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/yKNnI2wh21_2WXRzYxSusKVuDeI.roa
Signing time: Thu 25 Jul 2024 18:26:04 +0000
ROA not before: Thu 25 Jul 2024 18:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a0e:f00::/29 maxlen: 29
2a0e:13c0::/29 maxlen: 29
2a0e:4340::/29 maxlen: 29
2a0e:67c0::/29 maxlen: 29
2a0e:8540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/1-XpUa2biRJzmKEMt2ArW1NAM0D4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/1-XpUa2biRJzmKEMt2ArW1NAM0D4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XpUa2biRJzmKEMt2ArW1NAM0D4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:eb:24:a1:38:c2:10:60:05:82:52:fc:f9:52:75:e7:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97a546b66e2449ce628432dd80ad6d4d00cd03e
Validity
Not Before: Jul 25 18:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8a367236c21db5ff65974736314aeb0a56e0de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:30:6a:2a:c9:8f:cd:65:8d:6d:c6:b5:fe:
47:09:0f:1b:3a:e2:ba:c4:fa:36:c1:f7:c0:44:7a:
11:0d:c9:af:bf:ff:20:50:bb:f6:dd:ec:ca:63:1b:
b5:ba:c7:61:ff:8c:0c:32:92:dc:61:ee:2d:5c:06:
3b:18:c8:6d:58:dd:1d:ba:5c:6e:ea:5a:be:63:c1:
84:c4:9e:83:6d:99:df:11:97:41:2a:44:a0:22:10:
39:6a:7e:6d:14:45:8f:51:8b:88:f5:d6:78:d2:1f:
07:89:9a:10:87:d9:fb:87:9e:53:ab:ed:4b:36:94:
81:5c:a3:63:5d:d5:57:00:4b:1d:0e:4e:49:1b:40:
73:a6:bc:ec:6a:93:80:65:a1:f0:32:43:6f:b9:3c:
85:13:87:62:19:6a:ed:43:60:14:2d:f1:b1:e0:cf:
d9:e7:a5:3d:77:98:e9:40:bf:40:8e:f5:76:cd:78:
b9:26:bd:77:63:b3:b0:97:e2:1b:b2:e3:b3:7b:07:
0d:3f:b8:72:37:6e:0e:00:74:6e:f2:fc:7d:ca:a5:
26:50:f1:0f:d9:a6:a5:53:ea:dd:1f:02:8e:d1:e1:
76:9a:48:55:38:46:b6:e8:f2:92:85:04:83:0a:f8:
ea:8d:62:25:dd:9a:3c:80:56:a5:f6:75:d4:a6:05:
f5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A3:67:23:6C:21:DB:5F:F6:59:74:73:63:14:AE:B0:A5:6E:0D:E2
X509v3 Authority Key Identifier:
keyid:F9:7A:54:6B:66:E2:44:9C:E6:28:43:2D:D8:0A:D6:D4:D0:0C:D0:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XpUa2biRJzmKEMt2ArW1NAM0D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/yKNnI2wh21_2WXRzYxSusKVuDeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/1-XpUa2biRJzmKEMt2ArW1NAM0D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f00::/29
2a0e:13c0::/29
2a0e:4340::/29
2a0e:67c0::/29
2a0e:8540::/29
Signature Algorithm: sha256WithRSAEncryption
3b:d3:03:eb:6f:71:c4:8b:c1:5c:6f:4e:e9:bc:0b:c7:cf:56:
89:89:ca:a1:c4:0f:23:5d:ce:9a:d3:47:e9:31:f3:4e:ed:e4:
7c:0b:dc:19:f2:2f:1b:b7:c1:6f:12:5d:cd:4f:bd:42:47:3c:
ff:95:dd:c1:c6:b7:1c:10:51:b0:9b:f3:1e:9e:7b:a9:36:86:
f8:fc:99:ea:51:f4:de:1c:71:e9:3c:75:a8:2e:62:6a:f9:63:
b6:73:1d:5c:5b:8f:67:d2:10:84:b5:f6:51:40:5e:5f:59:9c:
7e:41:dc:18:72:78:57:23:76:8a:b7:12:ac:88:0c:da:8e:0e:
0f:6a:25:be:79:16:7c:73:1c:e4:7d:bc:d8:d4:65:b0:6e:74:
f3:1e:57:b0:9a:4c:61:12:d4:8f:41:28:e4:0d:72:62:2e:66:
a9:5d:a0:a4:f3:e0:75:48:af:50:1c:83:dc:4c:3c:4b:4f:66:
d6:f6:fd:00:9b:b6:94:02:ca:64:6f:14:c9:74:dd:d4:82:ed:
c7:c4:55:8c:3d:a8:e1:58:15:2d:e3:a4:fd:ab:c5:09:11:d3:
64:95:3d:1d:3d:f3:b6:c2:38:25:93:3b:2b:e0:05:06:39:10:
20:c2:fe:c5:46:58:0b:fb:ab:5a:29:bd:46:c0:09:25:6e:e1:
73:79:d4:8c
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZDrJKE4whBgBYJS/PlSdedwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5N2E1NDZiNjZlMjQ0OWNlNjI4NDMyZGQ4MGFkNmQ0ZDAw
Y2QwM2UwHhcNMjQwNzI1MTgyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGEzNjcyMzZjMjFkYjVmZjY1OTc0NzM2MzE0YWViMGE1NmUwZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cQwairJj81ljW3Gtf5HCQ8bOuK6
xPo2wffARHoRDcmvv/8gULv23ezKYxu1usdh/4wMMpLcYe4tXAY7GMhtWN0dulxu
6lq+Y8GExJ6DbZnfEZdBKkSgIhA5an5tFEWPUYuI9dZ40h8HiZoQh9n7h55Tq+1L
NpSBXKNjXdVXAEsdDk5JG0BzprzsapOAZaHwMkNvuTyFE4diGWrtQ2AULfGx4M/Z
56U9d5jpQL9AjvV2zXi5Jr13Y7Owl+IbsuOzewcNP7hyN24OAHRu8vx9yqUmUPEP
2aalU+rdHwKO0eF2mkhVOEa26PKShQSDCvjqjWIl3Zo8gFal9nXUpgX15wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFMijZyNsIdtf9ll0c2MUrrClbg3iMB8GA1UdIwQY
MBaAFPl6VGtm4kSc5ihDLdgK1tTQDNA+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YcFVhMmJpUkp6bUtFTXQyQXJXMU5BTTBENC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvMjI2OTk2LTRiM2YtNGY1Zi04YTdl
LTBiMWI2NjQxYjhhMi8xL3lLTm5JMndoMjFfMldYUnpZeFN1c0tWdURlSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWQvMjI2OTk2LTRiM2YtNGY1Zi04YTdlLTBiMWI2NjQxYjhh
Mi8xLzEtWHBVYTJiaVJKem1LRU10MkFyVzFOQU0wRDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPAYIKwYBBQUHAQcBAf8ELTArMCkEAgACMCMDBQMqDg8A
AwUDKg4TwAMFAyoOQ0ADBQMqDmfAAwUDKg6FQDANBgkqhkiG9w0BAQsFAAOCAQEA
O9MD629xxIvBXG9O6bwLx89WiYnKocQPI13OmtNH6THzTu3kfAvcGfIvG7fBbxJd
zU+9Qkc8/5Xdwca3HBBRsJvzHp57qTaG+PyZ6lH03hxx6Tx1qC5iavljtnMdXFuP
Z9IQhLX2UUBeX1mcfkHcGHJ4VyN2ircSrIgM2o4OD2olvnkWfHMc5H282NRlsG50
8x5XsJpMYRLUj0Eo5A1yYi5mqV2gpPPgdUivUByD3Ew8S09m1vb9AJu2lALKZG8U
yXTd1ILtx8RVjD2o4VgVLeOk/avFCRHTZJU9HT3ztsI4JZM7K+AFBjkQIML+xUZY
C/urWim9RsAJJW7hc3nUjA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:10 2024 by rpki-client on console-fra.rpki-client.org