Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/Go3gf3YoaYKVeVD_ayP5j-J3ja0.roa
File: Go3gf3YoaYKVeVD_ayP5j-J3ja0.roa (raw, json)
Hash identifier: qydbYNYlRAhamOGnsAJZueb30tUVjVEg8iTpm8uxKMk=
Subject key identifier: 1A:8D:E0:7F:76:28:69:82:95:79:50:FF:6B:23:F9:8F:E2:77:8D:AD
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 018CC5DD43B0A9A84664E06B540D82D59C5C
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/Go3gf3YoaYKVeVD_ayP5j-J3ja0.roa
Signing time: Mon 01 Jan 2024 16:31:01 +0000
ROA not before: Mon 01 Jan 2024 16:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:3c0:3::/48 maxlen: 48
2a13:3c0:6::/48 maxlen: 48
2a13:3c0:1::/48 maxlen: 48
2a13:3c0:9::/48 maxlen: 48
2a13:3c0:11::/48 maxlen: 48
2a13:3c0:4::/48 maxlen: 48
2a13:3c0:7::/48 maxlen: 48
2a13:3c0:2::/48 maxlen: 48
2a13:3c0:5::/48 maxlen: 48
2a13:3c0:8::/48 maxlen: 48
2a13:3c0:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:43:b0:a9:a8:46:64:e0:6b:54:0d:82:d5:9c:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Jan 1 16:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a8de07f76286982957950ff6b23f98fe2778dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f3:5a:75:18:6d:f4:81:90:bd:2b:98:1e:c1:
55:84:f3:2e:85:5b:a0:f9:41:44:4b:d5:aa:25:e1:
04:71:70:94:e4:b3:bc:48:c9:ed:21:9e:ae:ee:3c:
79:b2:56:bd:ec:5f:c8:59:f9:b4:63:0a:79:27:1a:
c9:70:ff:e0:8a:d8:c9:4c:1a:b8:75:7f:b0:70:25:
34:a3:d5:f4:68:70:80:07:3f:ed:14:76:8f:4a:5d:
35:e0:77:99:86:b1:84:2c:f8:0c:74:8e:99:4f:01:
8f:dd:ca:29:77:c2:89:a5:f8:f8:3b:7e:de:27:ae:
d1:43:24:60:c2:a1:eb:57:31:69:c6:29:b3:52:a6:
6b:04:8c:3a:1f:74:91:d8:96:57:a6:90:04:05:b7:
1c:9b:4d:61:59:5c:ed:d3:a5:79:c6:49:af:ed:88:
b3:a7:48:83:e9:e6:c3:8d:bb:ae:ab:b3:bb:1b:5d:
a1:5c:27:ac:b5:40:92:f0:09:51:d0:72:73:7b:9c:
c1:0f:cc:a6:4c:2d:c2:b4:ec:64:3f:28:88:18:18:
8a:97:2e:69:6a:9d:50:49:0d:6c:33:4b:fc:48:ce:
c8:48:1d:3f:b5:ab:1c:72:36:a0:0d:40:ab:57:7f:
35:40:47:a9:17:a5:45:c8:10:82:29:18:da:e5:0e:
bc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8D:E0:7F:76:28:69:82:95:79:50:FF:6B:23:F9:8F:E2:77:8D:AD
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/Go3gf3YoaYKVeVD_ayP5j-J3ja0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3c0:1::-2a13:3c0:9:ffff:ffff:ffff:ffff:ffff
2a13:3c0:10::/47
Signature Algorithm: sha256WithRSAEncryption
86:8c:17:99:86:81:47:c9:d2:88:de:2a:9c:78:f9:4f:c2:8d:
65:14:89:74:ec:c9:ff:5b:4b:e2:4c:20:9e:f0:20:7f:50:aa:
36:fa:7f:31:f3:29:4b:5a:59:c4:1f:b2:f0:07:8a:9e:94:3e:
e5:2a:08:d6:f0:cb:98:15:74:ee:de:8a:b7:da:d9:69:93:fa:
42:f2:c0:8c:86:8f:f0:a4:f0:1c:4f:df:ad:07:96:eb:4c:cb:
05:94:5d:cf:f8:4b:e0:b0:7e:b3:e7:1a:e7:f9:47:bb:e3:37:
64:18:e3:27:7c:49:e3:da:d5:7a:24:27:99:f7:f3:0e:4a:1b:
e1:d2:42:1c:a3:fe:b5:6d:99:b3:db:ec:fa:de:77:7f:2c:c6:
17:eb:36:d5:1d:a6:6b:46:ef:78:d2:0e:54:55:9e:f8:00:87:
22:1d:79:61:3e:4c:7b:48:30:bd:4c:f4:08:c9:e2:3b:d4:d6:
fc:4d:c4:4d:13:73:ff:1e:be:42:e9:b2:4c:99:8c:38:31:d0:
32:77:15:6a:11:ba:28:b9:5c:61:79:b3:53:87:72:27:8f:60:
69:09:02:f3:ca:d5:04:04:e7:9b:da:a8:f5:d1:a2:29:16:20:
63:8c:2d:b5:40:b6:7b:3f:f3:0d:6e:08:de:43:8d:e6:7e:34:
e7:f3:6e:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3UOwqahGZOBrVA2C1ZxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjQwMTAxMTYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYThkZTA3Zjc2Mjg2OTgyOTU3OTUwZmY2YjIzZjk4ZmUyNzc4ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfNadRht9IGQvSuYHsFVhPMuhVug
+UFES9WqJeEEcXCU5LO8SMntIZ6u7jx5sla97F/IWfm0Ywp5JxrJcP/gitjJTBq4
dX+wcCU0o9X0aHCABz/tFHaPSl014HeZhrGELPgMdI6ZTwGP3copd8KJpfj4O37e
J67RQyRgwqHrVzFpximzUqZrBIw6H3SR2JZXppAEBbccm01hWVzt06V5xkmv7Yiz
p0iD6ebDjbuuq7O7G12hXCestUCS8AlR0HJze5zBD8ymTC3CtOxkPyiIGBiKly5p
ap1QSQ1sM0v8SM7ISB0/tasccjagDUCrV381QEepF6VFyBCCKRja5Q681QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBqN4H92KGmClXlQ/2sj+Y/id42tMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvR28zZ2YzWW9hWUtWZVZEX2F5UDVqLUozamEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqEwPA
AAEDBwEqEwPAAAgDBwEqEwPAABAwDQYJKoZIhvcNAQELBQADggEBAIaMF5mGgUfJ
0ojeKpx4+U/CjWUUiXTsyf9bS+JMIJ7wIH9Qqjb6fzHzKUtaWcQfsvAHip6UPuUq
CNbwy5gVdO7eirfa2WmT+kLywIyGj/Ck8BxP360HlutMywWUXc/4S+CwfrPnGuf5
R7vjN2QY4yd8SePa1XokJ5n38w5KG+HSQhyj/rVtmbPb7Pred38sxhfrNtUdpmtG
73jSDlRVnvgAhyIdeWE+THtIML1M9AjJ4jvU1vxNxE0Tc/8evkLpskyZjDgx0DJ3
FWoRuii5XGF5s1OHciePYGkJAvPK1QQE55vaqPXRoikWIGOMLbVAtns/8w1uCN5D
jeZ+NOfzbmY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:54 2024 by rpki-client on console-fra.rpki-client.org