Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/yBdarYbEC8sISQ7hp7cQEMk5MQ4.roa
File: yBdarYbEC8sISQ7hp7cQEMk5MQ4.roa (raw, json)
Hash identifier: 5sEehx0pYWgzJLZmvwQhe+lI5cpRUvqUC5C0UR4d15A=
Subject key identifier: C8:17:5A:AD:86:C4:0B:CB:08:49:0E:E1:A7:B7:10:10:C9:39:31:0E
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018E7A9677DF74897C1194378D23C56FB156
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/yBdarYbEC8sISQ7hp7cQEMk5MQ4.roa
Signing time: Tue 26 Mar 2024 11:47:45 +0000
ROA not before: Tue 26 Mar 2024 11:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 2a12:1e80::/30 maxlen: 30
2a12:1e84::/30 maxlen: 30
2a12:a341::/32 maxlen: 32
2a12:a347::/32 maxlen: 32
2a13:2980::/30 maxlen: 30
2a13:2984::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:96:77:df:74:89:7c:11:94:37:8d:23:c5:6f:b1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 26 11:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8175aad86c40bcb08490ee1a7b71010c939310e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:44:7b:52:6c:08:19:e4:38:1c:4d:ac:49:6e:
b3:bc:63:6d:16:85:a4:f6:4c:ed:4e:92:25:1d:fc:
42:67:c8:dc:6d:c1:3c:40:25:70:27:c2:54:e0:38:
8e:f2:e6:2d:f1:8a:02:04:46:0d:c3:b1:7c:48:9b:
01:b3:26:95:5e:9e:97:c5:06:35:f1:29:3e:4f:3d:
13:97:9f:98:fe:71:23:48:b3:c6:01:e4:db:c5:24:
00:71:db:83:2d:42:d2:01:61:e0:66:77:a6:f9:69:
f7:9d:8d:08:c6:20:8a:e3:b7:1c:fa:7a:9c:c6:d9:
cc:47:11:59:01:cc:88:f1:72:2c:18:7c:25:00:f6:
ff:d2:bd:f7:1e:59:2c:ca:10:fd:d2:85:66:00:f2:
c6:a0:2a:89:db:a5:98:4a:7c:6b:00:25:06:ac:d7:
f9:c4:4b:67:6c:0e:de:af:9b:52:53:d3:21:d9:08:
6b:5c:81:a4:0f:12:58:61:c7:2a:57:1b:73:c3:9d:
bf:ed:56:9a:30:4c:39:08:b9:02:5d:91:c3:91:ba:
1c:95:3b:16:25:2c:e1:d3:74:de:fd:97:c4:90:79:
c1:0a:6b:2b:dd:8e:66:f0:21:11:0b:61:21:b9:e4:
f0:6d:88:a8:a1:ef:80:3a:bb:8b:07:e0:32:b0:9e:
05:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:17:5A:AD:86:C4:0B:CB:08:49:0E:E1:A7:B7:10:10:C9:39:31:0E
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/yBdarYbEC8sISQ7hp7cQEMk5MQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1e80::/29
2a12:a341::/32
2a12:a347::/32
2a13:2980::/29
Signature Algorithm: sha256WithRSAEncryption
41:d4:62:0d:d1:63:e0:d1:4b:f0:45:f5:29:51:2b:2c:f4:02:
40:13:1e:0d:af:22:71:81:be:60:21:40:a6:69:e3:98:d8:5f:
e6:9f:0b:7f:4a:2e:ca:82:6e:df:04:6d:b2:ea:0d:0a:93:a6:
02:75:b2:f1:0c:cf:0b:f0:bb:43:35:85:8c:e2:76:be:64:f6:
f0:39:b2:5c:96:6f:76:3c:7b:50:8d:89:75:85:33:23:6a:84:
3d:16:42:f2:a9:ff:b2:66:1b:b2:41:fa:dc:3b:42:e1:e3:32:
9a:71:49:e8:c8:a2:84:28:4e:5e:4a:df:71:61:53:3c:75:b9:
a0:af:06:f5:a9:c4:f0:f3:4e:10:cf:bb:16:4e:8a:80:06:ec:
86:8f:9a:76:55:0c:a0:87:c8:41:e7:a3:be:8e:14:5b:2e:d8:
0c:a4:55:d8:7c:fc:00:6e:fa:90:ce:36:61:4e:3f:6f:77:f9:
0d:d7:0e:4c:0c:be:bc:e6:1c:5d:39:91:6e:6c:a4:94:44:e1:
cf:d2:45:60:de:16:12:29:3f:83:3a:45:94:10:6c:aa:65:4a:
e0:35:da:63:43:41:b0:78:3e:a9:09:cf:61:25:d6:81:59:48:
f7:d8:8e:a9:fd:de:3c:2d:5e:4a:a2:c7:4b:80:1b:35:20:51:
c6:cd:ba:77
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY56lnffdIl8EZQ3jSPFb7FWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzI2MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE3NWFhZDg2YzQwYmNiMDg0OTBlZTFhN2I3MTAxMGM5MzkzMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmER7UmwIGeQ4HE2sSW6zvGNtFoWk
9kztTpIlHfxCZ8jcbcE8QCVwJ8JU4DiO8uYt8YoCBEYNw7F8SJsBsyaVXp6XxQY1
8Sk+Tz0Tl5+Y/nEjSLPGAeTbxSQAcduDLULSAWHgZnem+Wn3nY0IxiCK47cc+nqc
xtnMRxFZAcyI8XIsGHwlAPb/0r33HlksyhD90oVmAPLGoCqJ26WYSnxrACUGrNf5
xEtnbA7er5tSU9Mh2QhrXIGkDxJYYccqVxtzw52/7VaaMEw5CLkCXZHDkboclTsW
JSzh03Te/ZfEkHnBCmsr3Y5m8CERC2EhueTwbYiooe+AOruLB+AysJ4FvwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMgXWq2GxAvLCEkO4ae3EBDJOTEOMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveUJkYXJZYkVDOHNJU1E3aHA3Y1FFTWs1TVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhIegAMF
ACoSo0EDBQAqEqNHAwUDKhMpgDANBgkqhkiG9w0BAQsFAAOCAQEAQdRiDdFj4NFL
8EX1KVErLPQCQBMeDa8icYG+YCFApmnjmNhf5p8Lf0ouyoJu3wRtsuoNCpOmAnWy
8QzPC/C7QzWFjOJ2vmT28DmyXJZvdjx7UI2JdYUzI2qEPRZC8qn/smYbskH63DtC
4eMymnFJ6MiihChOXkrfcWFTPHW5oK8G9anE8PNOEM+7Fk6KgAbsho+adlUMoIfI
Qeejvo4UWy7YDKRV2Hz8AG76kM42YU4/b3f5DdcOTAy+vOYcXTmRbmyklEThz9JF
YN4WEik/gzpFlBBsqmVK4DXaY0NBsHg+qQnPYSXWgVlI99iOqf3ePC1eSqLHS4Ab
NSBRxs26dw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:27 2024 by rpki-client on console-ams.rpki-client.org