Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/7qBGM2FlNj5VDWSejXYRgiVFieA.roa
File: 7qBGM2FlNj5VDWSejXYRgiVFieA.roa (raw, json)
Hash identifier: tYgV5ymtrquAYHfFGNZZNUrRfGLbINJoAveyT73nWBE=
Subject key identifier: EE:A0:46:33:61:65:36:3E:55:0D:64:9E:8D:76:11:82:25:45:89:E0
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0190107DBF18944CC908E2924FF7F4869404
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/7qBGM2FlNj5VDWSejXYRgiVFieA.roa
Signing time: Thu 13 Jun 2024 07:26:34 +0000
ROA not before: Thu 13 Jun 2024 07:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a06:da41::/32 maxlen: 32
2a06:da43::/32 maxlen: 32
2a0b:1f01::/32 maxlen: 32
2a0b:1f04::/32 maxlen: 32
2a0e:31c2::/32 maxlen: 32
2a0e:31c5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 02:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:7d:bf:18:94:4c:c9:08:e2:92:4f:f7:f4:86:94:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jun 13 07:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea046336165363e550d649e8d761182254589e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:81:cf:7b:ea:bd:28:40:85:3f:06:e5:69:da:
a6:86:2e:71:00:6f:05:85:05:ab:34:fa:2b:32:7b:
6f:77:83:a3:68:3e:4c:ab:79:15:ec:4d:24:3c:0b:
d3:ee:8e:55:b4:f9:42:1c:74:7f:2b:4a:c7:de:ca:
f7:af:1a:06:75:fb:33:50:25:0d:0f:ad:e2:73:29:
33:b9:c2:47:21:9a:22:a5:1b:45:4b:1c:6d:26:06:
36:e7:c7:ed:cc:8a:77:b4:a1:34:7a:e1:ce:79:90:
3d:94:9a:43:32:83:ee:fc:c0:e2:38:4d:3b:f2:46:
23:82:c9:b2:be:a8:29:1c:3d:c3:13:a8:4f:c2:91:
78:67:71:37:49:ec:9e:6b:5b:19:4d:29:d7:0f:6e:
54:e9:51:44:84:ea:22:b3:6b:3f:aa:5e:4d:74:c4:
08:96:46:97:1a:a3:e6:20:f6:28:7f:bc:f8:c4:45:
70:30:f7:29:9a:73:5f:07:4e:41:b0:0d:74:bc:bc:
89:c0:9d:e6:68:12:b9:b2:2c:bc:06:54:35:4a:3c:
1e:56:68:15:39:0c:eb:34:1e:c9:85:c8:b1:c5:79:
bd:ac:c9:3a:e3:71:4d:6e:c8:5f:6c:f0:fe:b7:58:
bc:ee:7f:45:87:b3:cb:74:ce:15:2a:93:1d:60:9c:
83:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A0:46:33:61:65:36:3E:55:0D:64:9E:8D:76:11:82:25:45:89:E0
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/7qBGM2FlNj5VDWSejXYRgiVFieA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:da41::/32
2a06:da43::/32
2a0b:1f01::/32
2a0b:1f04::/32
2a0e:31c2::/32
2a0e:31c5::/32
Signature Algorithm: sha256WithRSAEncryption
c3:82:d2:67:7b:5f:a2:fd:08:72:1f:2d:0d:0b:76:47:31:1b:
c8:d6:2a:ca:d1:a6:7d:77:8f:c3:d0:a4:55:66:40:20:a4:a6:
c1:10:ce:db:3e:e7:75:5b:07:88:e5:83:ab:78:31:e6:20:16:
cf:ae:f4:8b:20:81:09:3a:81:2c:38:14:b6:0f:ba:f3:91:b7:
77:01:1b:46:a0:57:fb:d1:7b:11:9d:65:0c:39:50:74:57:f1:
25:1f:0e:77:7a:bb:06:f0:f1:49:36:b8:24:f1:d2:29:06:27:
8a:32:4f:64:55:f2:8f:e8:26:25:8d:dd:d0:4f:b4:e5:ae:bc:
11:cc:fc:fc:6c:54:d8:13:fc:c3:31:77:0b:34:64:16:a5:a2:
ef:0d:5a:6f:36:04:f1:96:a5:42:1e:d6:a0:a0:66:0f:40:21:
ac:dc:4b:a1:11:9d:50:4d:37:2e:f4:ee:7e:fb:ad:b3:4f:00:
c3:c2:82:c5:06:34:13:67:15:22:c3:de:5f:55:ac:f8:84:24:
5d:ed:34:10:cc:3a:e0:7a:d4:ae:9e:6f:33:2f:0b:df:36:e1:
32:36:62:56:5a:22:f5:3a:16:b0:a2:c2:3e:1c:53:4e:c9:48:
24:c8:85:cd:50:02:1d:d2:3b:47:2d:fc:54:88:62:44:5e:28:
67:26:43:cb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZAQfb8YlEzJCOKST/f0hpQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNjEzMDcyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWEwNDYzMzYxNjUzNjNlNTUwZDY0OWU4ZDc2MTE4MjI1NDU4OWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIHPe+q9KECFPwbladqmhi5xAG8F
hQWrNPorMntvd4OjaD5Mq3kV7E0kPAvT7o5VtPlCHHR/K0rH3sr3rxoGdfszUCUN
D63icykzucJHIZoipRtFSxxtJgY258ftzIp3tKE0euHOeZA9lJpDMoPu/MDiOE07
8kYjgsmyvqgpHD3DE6hPwpF4Z3E3Seyea1sZTSnXD25U6VFEhOois2s/ql5NdMQI
lkaXGqPmIPYof7z4xEVwMPcpmnNfB05BsA10vLyJwJ3maBK5siy8BlQ1SjweVmgV
OQzrNB7JhcixxXm9rMk643FNbshfbPD+t1i87n9Fh7PLdM4VKpMdYJyDiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO6gRjNhZTY+VQ1kno12EYIlRYngMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvN3FCR00yRmxOajVWRFdTZWpYWVJnaVZGaWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgbaQQMF
ACoG2kMDBQAqCx8BAwUAKgsfBAMFACoOMcIDBQAqDjHFMA0GCSqGSIb3DQEBCwUA
A4IBAQDDgtJne1+i/QhyHy0NC3ZHMRvI1irK0aZ9d4/D0KRVZkAgpKbBEM7bPud1
WweI5YOreDHmIBbPrvSLIIEJOoEsOBS2D7rzkbd3ARtGoFf70XsRnWUMOVB0V/El
Hw53ersG8PFJNrgk8dIpBieKMk9kVfKP6CYljd3QT7TlrrwRzPz8bFTYE/zDMXcL
NGQWpaLvDVpvNgTxlqVCHtagoGYPQCGs3EuhEZ1QTTcu9O5++62zTwDDwoLFBjQT
ZxUiw95fVaz4hCRd7TQQzDrgetSunm8zLwvfNuEyNmJWWiL1OhawosI+HFNOyUgk
yIXNUAId0jtHLfxUiGJEXihnJkPL
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:57:14 2024 by rpki-client on console-fra.rpki-client.org