Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/670LHTaLRHc6gsL39yG_MEe5nTo.roa
File: 670LHTaLRHc6gsL39yG_MEe5nTo.roa (raw, json)
Hash identifier: uYnPDCklJbTgby3MqnDNy/LJDgRS1VJculIO83850mo=
Subject key identifier: EB:BD:0B:1D:36:8B:44:77:3A:82:C2:F7:F7:21:BF:30:47:B9:9D:3A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB652F8ECFE62992E247CAE820B145
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/670LHTaLRHc6gsL39yG_MEe5nTo.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 2a13:3884::/30 maxlen: 30
2a11:5780::/30 maxlen: 30
2a11:5784::/30 maxlen: 30
2a13:3880::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:65:2f:8e:cf:e6:29:92:e2:47:ca:e8:20:b1:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebbd0b1d368b44773a82c2f7f721bf3047b99d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ad:84:e6:a4:23:9d:ca:66:fe:ce:4c:a1:07:
28:8e:fb:0b:57:b2:39:26:a4:9d:f4:6f:f1:b3:74:
c9:aa:41:4b:d9:9d:89:59:bc:d1:76:f3:73:63:2a:
cf:7e:d1:af:1b:59:0d:ef:fb:ef:ef:f0:9d:f2:74:
9c:ff:bd:a6:45:a4:e6:7f:8d:2b:98:81:d6:1a:64:
fa:83:88:9b:13:9d:96:82:ee:0a:d7:e2:f0:94:59:
07:be:13:45:a6:92:11:aa:f9:a2:dd:a4:ab:4f:15:
d7:58:5e:5b:7d:12:ab:a2:83:76:bb:6c:9c:20:88:
13:3f:4e:21:fa:8b:5e:0d:a6:7c:17:9b:64:3c:4b:
87:86:1d:17:f4:aa:6c:86:0f:38:dc:b6:d0:8f:d9:
8d:fb:82:81:65:f0:55:be:35:c9:d7:a0:43:da:1c:
79:a5:9e:d9:99:44:b1:ba:90:eb:ec:b8:b0:ac:6c:
85:05:43:25:16:7f:4a:45:87:12:55:ed:a6:03:63:
05:cd:59:aa:8a:e3:9c:66:4b:d2:20:3d:ee:5b:a3:
f0:47:32:f2:a6:16:4e:b0:d4:4d:60:56:6e:19:02:
ab:76:6d:7c:7b:99:12:e1:1a:21:4b:ad:c7:52:6f:
25:49:51:ab:fc:f6:f7:93:d6:a3:1c:d7:2c:00:61:
06:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BD:0B:1D:36:8B:44:77:3A:82:C2:F7:F7:21:BF:30:47:B9:9D:3A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/670LHTaLRHc6gsL39yG_MEe5nTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5780::/29
2a13:3880::/29
Signature Algorithm: sha256WithRSAEncryption
46:2f:8b:65:c9:41:1a:7a:32:28:d2:b7:36:8b:e9:63:e7:db:
a9:ec:21:ea:c9:91:f0:0d:dd:5b:b7:6b:22:9f:cb:3a:b4:11:
f2:7a:c3:a0:66:f3:58:c0:57:4f:9b:4a:01:68:33:5f:2b:12:
dc:f0:93:8a:4f:58:bd:8f:f3:ab:59:b4:c9:87:04:e8:fe:68:
0c:40:08:70:cf:d9:15:86:3c:a8:b9:c4:cb:44:74:4d:d7:5b:
b0:ea:52:36:68:cd:7f:34:62:71:93:22:6a:cc:b4:38:8c:b6:
cb:82:dd:a5:3c:39:61:46:d4:93:32:3d:05:1e:bc:fe:6e:58:
6a:39:fb:13:9e:c0:bc:b9:b7:f3:4d:18:53:0c:57:7a:90:9a:
14:2f:6a:d0:77:9a:da:66:fc:69:ce:42:19:af:3f:39:36:47:
a1:08:f5:a7:a3:c1:78:e3:61:00:66:b8:ae:8a:93:65:3b:ab:
e2:5a:d0:b6:b2:7b:5e:b7:22:e6:35:bd:48:a1:ba:1d:7c:48:
0b:fc:35:9a:60:4a:24:8b:53:c6:d7:a1:d3:21:04:a8:2a:54:
91:8b:e1:8c:ae:e6:d0:15:1c:78:22:ba:92:8c:c9:72:57:fb:
a4:e4:f5:74:08:08:75:ae:32:bb:20:be:d6:e5:cf:87:c2:69:
32:9a:7a:7e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzC22Uvjs/mKZLiR8roILFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJkMGIxZDM2OGI0NDc3M2E4MmMyZjdmNzIxYmYzMDQ3Yjk5ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjK2E5qQjncpm/s5MoQcojvsLV7I5
JqSd9G/xs3TJqkFL2Z2JWbzRdvNzYyrPftGvG1kN7/vv7/Cd8nSc/72mRaTmf40r
mIHWGmT6g4ibE52Wgu4K1+LwlFkHvhNFppIRqvmi3aSrTxXXWF5bfRKrooN2u2yc
IIgTP04h+oteDaZ8F5tkPEuHhh0X9Kpshg843LbQj9mN+4KBZfBVvjXJ16BD2hx5
pZ7ZmUSxupDr7LiwrGyFBUMlFn9KRYcSVe2mA2MFzVmqiuOcZkvSID3uW6PwRzLy
phZOsNRNYFZuGQKrdm18e5kS4RohS63HUm8lSVGr/Pb3k9ajHNcsAGEGNQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOu9Cx02i0R3OoLC9/chvzBHuZ06MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNjcwTEhUYUxSSGM2Z3NMMzl5R19NRWU1blRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhFXgAMF
AyoTOIAwDQYJKoZIhvcNAQELBQADggEBAEYvi2XJQRp6MijStzaL6WPn26nsIerJ
kfAN3Vu3ayKfyzq0EfJ6w6Bm81jAV0+bSgFoM18rEtzwk4pPWL2P86tZtMmHBOj+
aAxACHDP2RWGPKi5xMtEdE3XW7DqUjZozX80YnGTImrMtDiMtsuC3aU8OWFG1JMy
PQUevP5uWGo5+xOewLy5t/NNGFMMV3qQmhQvatB3mtpm/GnOQhmvPzk2R6EI9aej
wXjjYQBmuK6Kk2U7q+Ja0Laye163IuY1vUihuh18SAv8NZpgSiSLU8bXodMhBKgq
VJGL4Yyu5tAVHHgiupKMyXJX+6Tk9XQICHWuMrsgvtblz4fCaTKaen4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:12:04 2024 by rpki-client on console-ams.rpki-client.org