Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ooPN7IntxwDI1YPXEA-ed8lTPQM.roa
File: ooPN7IntxwDI1YPXEA-ed8lTPQM.roa (raw, json)
Hash identifier: RjCSCrWJkqtkYoEyf82brR7t/ZSwjh8Gc1RzxQc+ftA=
Subject key identifier: A2:83:CD:EC:89:ED:C7:00:C8:D5:83:D7:10:0F:9E:77:C9:53:3D:03
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018CEFE4396FD2877E2E8BF1ACDDF9042D66
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ooPN7IntxwDI1YPXEA-ed8lTPQM.roa
Signing time: Tue 09 Jan 2024 20:22:40 +0000
ROA not before: Tue 09 Jan 2024 20:22:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206005
IP address blocks: 2a14:1100::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:e040::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 14:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:e4:39:6f:d2:87:7e:2e:8b:f1:ac:dd:f9:04:2d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 9 20:22:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a283cdec89edc700c8d583d7100f9e77c9533d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:65:d2:2d:ae:fd:87:ef:93:62:be:6d:cb:
ce:36:5f:06:c6:8e:8b:8f:6b:cc:86:be:bf:0c:70:
47:fa:f0:2f:9e:f7:42:c1:6d:b2:98:8b:09:a6:67:
af:27:a9:80:dc:17:e3:9f:32:ae:8d:72:0c:cb:0f:
06:d8:1d:0b:1b:d7:97:1d:0b:2a:d1:15:71:47:b9:
c8:e9:01:1d:d4:2b:34:47:82:a7:3d:46:b5:3e:f5:
29:97:98:a5:ad:e4:09:24:1a:6f:95:fc:32:27:13:
e1:3c:3c:57:03:8d:92:09:48:1d:a6:9a:15:5f:2f:
15:12:9a:6a:b5:da:32:54:44:e4:1c:52:60:45:4c:
25:d7:09:66:b2:33:6b:40:4e:b3:17:bb:33:0e:02:
89:cf:75:2f:39:e5:bb:79:39:f3:10:cf:4f:86:29:
4a:60:cc:91:a6:0e:2d:ab:93:46:55:c6:c9:49:fa:
5c:3a:5c:0c:4e:2a:e1:87:a7:a0:e1:19:5c:8e:b4:
ed:20:0e:07:5a:58:cf:c7:2b:c8:90:92:c4:55:16:
52:03:50:83:ec:3d:86:97:0f:52:fb:0b:b6:75:b9:
43:8b:8d:6b:5b:58:2f:f6:20:8b:bb:a0:fd:0c:39:
57:1a:80:41:e3:39:cf:b7:ac:0d:88:02:11:68:66:
6c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:83:CD:EC:89:ED:C7:00:C8:D5:83:D7:10:0F:9E:77:C9:53:3D:03
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ooPN7IntxwDI1YPXEA-ed8lTPQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:bb40::/29
2a13:c240::/29
2a13:c440::/29
2a13:e040::/29
2a14:1100::/29
Signature Algorithm: sha256WithRSAEncryption
3b:2a:f4:90:20:62:e2:d2:bb:ee:0a:35:15:6e:be:6b:54:8d:
7d:5f:f2:3e:73:24:c5:0a:6c:96:0e:38:92:19:64:4c:ef:46:
6f:69:b8:1d:b6:c8:cc:19:8f:42:8f:14:e7:1b:4c:86:27:ae:
de:45:83:03:95:e0:2e:08:fd:3d:8e:f7:e8:b6:f5:a0:d9:75:
ca:41:df:d9:00:e2:5d:40:8a:29:58:bb:8f:16:a1:cd:35:f6:
a3:81:0e:cd:e3:47:78:88:41:1b:e4:87:65:06:32:28:26:e8:
27:16:f6:bb:f1:16:0f:15:2f:59:20:06:42:9b:fa:00:d1:37:
d6:5e:78:b5:5b:d9:43:b2:72:da:94:b5:6f:71:77:d3:c2:cc:
55:66:e2:07:ae:53:7b:71:a5:35:05:d7:25:ca:ec:89:9c:ed:
bf:f3:04:71:de:af:75:d3:a0:8a:2f:cb:cd:18:21:cc:ac:5e:
5e:a1:8a:e7:0c:86:7a:d6:b8:77:d1:16:8c:ab:5d:82:06:04:
ea:fe:de:fc:89:5b:20:ca:ca:96:05:85:6f:d8:fd:c8:93:9e:
31:6c:20:41:6f:03:99:32:ea:01:02:48:89:77:07:5f:45:62:
51:f5:b5:f8:39:19:e9:5b:d1:85:2c:8b:a7:e6:97:7c:44:79:
a5:6f:3a:7c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzv5Dlv0od+LovxrN35BC1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwMTA5MjAyMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgzY2RlYzg5ZWRjNzAwYzhkNTgzZDcxMDBmOWU3N2M5NTMzZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcll0i2u/Yfvk2K+bcvONl8Gxo6L
j2vMhr6/DHBH+vAvnvdCwW2ymIsJpmevJ6mA3BfjnzKujXIMyw8G2B0LG9eXHQsq
0RVxR7nI6QEd1Cs0R4KnPUa1PvUpl5ilreQJJBpvlfwyJxPhPDxXA42SCUgdppoV
Xy8VEppqtdoyVETkHFJgRUwl1wlmsjNrQE6zF7szDgKJz3UvOeW7eTnzEM9PhilK
YMyRpg4tq5NGVcbJSfpcOlwMTirhh6eg4RlcjrTtIA4HWljPxyvIkJLEVRZSA1CD
7D2Glw9S+wu2dblDi41rW1gv9iCLu6D9DDlXGoBB4znPt6wNiAIRaGZsiwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKKDzeyJ7ccAyNWD1xAPnnfJUz0DMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvb29QTjdJbnR4d0RJMVlQWEVBLWVkOGxUUFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhO7QAMF
AyoTwkADBQMqE8RAAwUDKhPgQAMFAyoUEQAwDQYJKoZIhvcNAQELBQADggEBADsq
9JAgYuLSu+4KNRVuvmtUjX1f8j5zJMUKbJYOOJIZZEzvRm9puB22yMwZj0KPFOcb
TIYnrt5FgwOV4C4I/T2O9+i29aDZdcpB39kA4l1AiilYu48Woc019qOBDs3jR3iI
QRvkh2UGMigm6CcW9rvxFg8VL1kgBkKb+gDRN9ZeeLVb2UOyctqUtW9xd9PCzFVm
4geuU3txpTUF1yXK7Imc7b/zBHHer3XToIovy80YIcysXl6hiucMhnrWuHfRFoyr
XYIGBOr+3vyJWyDKypYFhW/Y/ciTnjFsIEFvA5ky6gECSIl3B19FYlH1tfg5Gelb
0YUsi6fml3xEeaVvOnw=
-----END CERTIFICATE-----
Generated at Tue Jun 4 20:52:03 2024 by rpki-client on console-fra.rpki-client.org