Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xcYi0j0GMK6lw5JaESVEz13NfEM.roa
File: xcYi0j0GMK6lw5JaESVEz13NfEM.roa (raw, json)
Hash identifier: 2E6oH96Pyt5DPYvWAVdJWM0GsEShjlo2Spe19a4/NC8=
Subject key identifier: C5:C6:22:D2:3D:06:30:AE:A5:C3:92:5A:11:25:44:CF:5D:CD:7C:43
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0193591D90BB1425360ECF8F2321DDB44B6B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xcYi0j0GMK6lw5JaESVEz13NfEM.roa
Signing time: Sat 23 Nov 2024 13:02:10 +0000
ROA not before: Sat 23 Nov 2024 13:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 2a12:1e80::/30 maxlen: 30
2a12:1e84::/30 maxlen: 30
2a12:a341::/32 maxlen: 32
2a12:a347::/32 maxlen: 32
2a13:2980::/30 maxlen: 30
2a13:2984::/30 maxlen: 30
2a13:ac80::/30 maxlen: 30
2a13:ac84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:59:1d:90:bb:14:25:36:0e:cf:8f:23:21:dd:b4:4b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 23 13:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5c622d23d0630aea5c3925a112544cf5dcd7c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9f:9a:67:68:ff:7d:69:01:c3:7a:ce:0b:c7:
7d:21:07:28:b1:f7:e4:29:de:65:f3:e6:1b:74:b5:
70:e9:0a:de:24:c8:c7:41:6a:75:f8:23:f6:48:8b:
3f:1b:d5:24:08:08:08:3b:cb:9f:fb:51:95:cc:ea:
d7:9d:11:a9:a8:66:09:4b:0e:6c:fa:e7:f5:a6:b0:
56:6b:49:f1:f9:80:8e:59:7a:74:c4:1a:bc:69:73:
48:6c:0c:af:70:59:2f:06:4d:bc:c9:f3:3a:ec:03:
d6:7d:0a:c3:88:3d:37:4e:73:12:f5:07:2d:ca:81:
5e:9c:8a:61:72:40:d6:56:e4:f3:28:8e:6c:5b:b3:
1d:03:ae:1a:bb:df:26:b3:f0:99:2d:d4:bf:db:cc:
17:e7:2b:2c:82:28:74:a1:71:c5:ef:dd:65:90:90:
a3:87:a5:d9:c1:95:c2:34:32:85:79:66:ac:1e:7b:
0a:18:00:f0:d9:e9:31:b0:92:ff:e6:61:97:f4:84:
f8:58:a0:c7:93:87:4b:bf:37:22:42:fd:bc:00:3e:
74:01:0d:bd:49:d5:3b:28:22:01:da:1e:a9:1d:0f:
aa:00:80:e4:57:d7:e8:a4:fa:a6:34:bc:b1:eb:11:
24:f9:ef:3b:1c:78:4d:97:5d:47:77:0c:f7:ad:75:
82:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C6:22:D2:3D:06:30:AE:A5:C3:92:5A:11:25:44:CF:5D:CD:7C:43
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xcYi0j0GMK6lw5JaESVEz13NfEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1e80::/29
2a12:a341::/32
2a12:a347::/32
2a13:2980::/29
2a13:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:21:32:97:96:c8:4d:df:fd:4e:d8:bf:63:e5:08:c1:44:6e:
5a:cf:a3:29:b7:99:92:0a:b5:10:35:e6:72:ab:95:0c:3b:80:
08:80:00:11:84:18:29:02:7e:97:d3:63:b0:59:bd:29:09:84:
8a:eb:b5:f2:1c:a9:55:f8:e6:f4:e6:64:4d:df:8d:45:64:84:
04:26:6a:da:9a:b1:6a:39:1d:cb:72:6a:02:c5:f5:80:cb:76:
06:7f:9f:4e:af:93:2e:f2:2b:8d:c2:37:6c:39:d9:e1:79:dd:
33:ad:25:93:49:17:18:c6:b9:24:91:86:b1:dc:0a:93:13:bf:
e4:c4:67:ef:45:62:cf:2f:09:4c:a1:6f:27:c9:42:5f:1c:b0:
e9:be:58:ab:28:da:4f:0c:b8:27:32:94:e4:4b:47:94:b4:c9:
f7:a5:a4:2b:6c:9d:00:79:8a:88:c9:5c:19:c9:6d:89:85:18:
63:7c:6f:6b:7a:26:0b:49:f2:e9:d1:d8:e4:a3:bf:8f:8f:01:
58:23:e9:bd:ed:06:4d:c6:ff:d8:4e:bf:86:4b:c9:26:5f:23:
e2:17:e0:25:49:3c:bf:28:6a:10:69:fb:64:06:71:f2:1a:cb:
0d:bc:6a:1a:0d:74:25:b6:22:78:d9:9e:5c:99:2f:5f:6d:fa:
4c:41:ce:9a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZNZHZC7FCU2Ds+PIyHdtEtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTIzMTMwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM2MjJkMjNkMDYzMGFlYTVjMzkyNWExMTI1NDRjZjVkY2Q3YzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5+aZ2j/fWkBw3rOC8d9IQcosffk
Kd5l8+YbdLVw6QreJMjHQWp1+CP2SIs/G9UkCAgIO8uf+1GVzOrXnRGpqGYJSw5s
+uf1prBWa0nx+YCOWXp0xBq8aXNIbAyvcFkvBk28yfM67APWfQrDiD03TnMS9Qct
yoFenIphckDWVuTzKI5sW7MdA64au98ms/CZLdS/28wX5yssgih0oXHF791lkJCj
h6XZwZXCNDKFeWasHnsKGADw2ekxsJL/5mGX9IT4WKDHk4dLvzciQv28AD50AQ29
SdU7KCIB2h6pHQ+qAIDkV9fopPqmNLyx6xEk+e87HHhNl11Hdwz3rXWCnwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMXGItI9BjCupcOSWhElRM9dzXxDMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveGNZaTBqMEdNSzZsdzVKYUVTVkV6MTNOZkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhIegAMF
ACoSo0EDBQAqEqNHAwUDKhMpgAMFAyoTrIAwDQYJKoZIhvcNAQELBQADggEBAGoh
MpeWyE3f/U7Yv2PlCMFEblrPoym3mZIKtRA15nKrlQw7gAiAABGEGCkCfpfTY7BZ
vSkJhIrrtfIcqVX45vTmZE3fjUVkhAQmatqasWo5HctyagLF9YDLdgZ/n06vky7y
K43CN2w52eF53TOtJZNJFxjGuSSRhrHcCpMTv+TEZ+9FYs8vCUyhbyfJQl8csOm+
WKso2k8MuCcylORLR5S0yfelpCtsnQB5iojJXBnJbYmFGGN8b2t6JgtJ8unR2OSj
v4+PAVgj6b3tBk3G/9hOv4ZLySZfI+IX4CVJPL8oahBp+2QGcfIayw28ahoNdCW2
InjZnlyZL19t+kxBzpo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 00:20:57 2024 by rpki-client on console-ams.rpki-client.org