Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rQkLecAIA6z_Pur14gkqshKEJRY.roa
File: rQkLecAIA6z_Pur14gkqshKEJRY.roa (raw, json)
Hash identifier: cszA/ZFQieoUVoyb9hBmgccpwzR4eLcFlAzxu2oDK+0=
Subject key identifier: AD:09:0B:79:C0:08:03:AC:FF:3E:EA:F5:E2:09:2A:B2:12:84:25:16
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018F28EEFFA213DFA60753984FCE911E9453
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rQkLecAIA6z_Pur14gkqshKEJRY.roa
Signing time: Mon 29 Apr 2024 08:18:22 +0000
ROA not before: Mon 29 Apr 2024 08:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215019
IP address blocks: 2a0e:aa07:e190::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:ee:ff:a2:13:df:a6:07:53:98:4f:ce:91:1e:94:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Apr 29 08:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad090b79c00803acff3eeaf5e2092ab212842516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8e:a0:d4:07:d1:0d:be:0e:ec:63:53:96:9c:
ba:19:c6:5e:d6:30:f5:ac:99:ea:9e:e0:0a:92:3a:
5c:5a:79:78:5f:4a:18:28:b2:c4:de:e4:67:30:5b:
da:19:e2:7a:33:aa:fc:d1:6d:8b:f1:e1:99:2c:c7:
47:87:6b:ab:4f:a0:a3:49:60:6a:56:b7:60:a5:7b:
6d:b7:3b:22:65:5b:10:7c:bf:26:a1:bb:0f:f0:1a:
b5:a5:ed:26:b7:e5:a0:ea:57:5a:c1:01:02:43:a9:
0d:fb:32:c6:2e:e1:99:e5:9d:45:4e:d7:58:f9:40:
78:2d:57:51:0e:5a:cb:11:09:88:a9:04:5a:3b:db:
fc:b2:f9:24:31:6a:1a:d2:be:8f:fb:24:c3:5d:a7:
70:fe:6f:74:ce:0c:3b:81:d7:25:4a:bd:ba:ce:4c:
45:e0:3b:af:d6:60:06:3f:e5:38:52:a3:ca:f5:98:
df:8e:b3:2f:57:ee:fb:35:bc:86:80:90:25:ab:b8:
18:9a:92:cc:da:6a:a7:d6:6d:f3:91:bd:b9:80:34:
13:1a:b4:ea:5a:07:e0:0f:f2:18:27:9c:34:c6:6c:
26:ec:02:25:19:c4:ea:a4:64:6a:41:50:91:10:73:
03:cc:9e:c0:e9:28:f5:63:38:5d:3f:93:c4:6b:a9:
31:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:09:0B:79:C0:08:03:AC:FF:3E:EA:F5:E2:09:2A:B2:12:84:25:16
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/rQkLecAIA6z_Pur14gkqshKEJRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e190::/44
Signature Algorithm: sha256WithRSAEncryption
8e:06:2c:da:69:32:96:ff:23:bc:d2:ff:11:4c:86:56:00:85:
a6:5b:ac:eb:d7:54:33:74:9b:48:87:50:35:65:00:e9:ba:74:
0b:b0:93:3b:80:9a:b9:9a:3e:c8:3d:cd:7e:0f:6e:21:4e:8b:
2a:72:47:e0:d4:28:0e:8e:84:43:c7:c2:c4:34:76:3d:d5:32:
d1:ae:e5:ee:81:32:24:83:62:40:9f:6d:46:ed:e2:91:49:52:
4d:66:88:b0:65:cc:61:b5:9d:a7:9e:9b:57:24:7c:d2:38:ad:
df:47:f3:96:7e:94:f7:c8:15:51:5a:0f:06:ba:79:76:58:65:
3f:72:60:dc:a1:ab:60:cf:2d:e6:7d:49:b0:3f:4b:0f:af:05:
45:e6:e6:87:78:fd:1f:51:73:20:76:3a:56:f3:95:5e:3e:8c:
f1:ce:d6:74:98:49:20:fc:58:67:65:57:68:02:e6:da:38:ba:
ea:17:77:83:11:91:1b:95:e0:24:09:be:ff:84:44:6b:88:5c:
b5:de:77:74:8d:71:dd:ae:ea:09:99:0d:7c:de:23:a2:15:6f:
c0:bd:01:ab:93:46:15:b7:39:cb:54:36:d1:1c:83:0c:7f:cd:
fe:8b:84:ee:49:df:8e:26:8c:d3:18:27:35:85:58:7d:0c:61:
92:2b:9b:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY8o7v+iE9+mB1OYT86RHpRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwNDI5MDgxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA5MGI3OWMwMDgwM2FjZmYzZWVhZjVlMjA5MmFiMjEyODQyNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI6g1AfRDb4O7GNTlpy6GcZe1jD1
rJnqnuAKkjpcWnl4X0oYKLLE3uRnMFvaGeJ6M6r80W2L8eGZLMdHh2urT6CjSWBq
VrdgpXtttzsiZVsQfL8mobsP8Bq1pe0mt+Wg6ldawQECQ6kN+zLGLuGZ5Z1FTtdY
+UB4LVdRDlrLEQmIqQRaO9v8svkkMWoa0r6P+yTDXadw/m90zgw7gdclSr26zkxF
4Duv1mAGP+U4UqPK9ZjfjrMvV+77NbyGgJAlq7gYmpLM2mqn1m3zkb25gDQTGrTq
WgfgD/IYJ5w0xmwm7AIlGcTqpGRqQVCREHMDzJ7A6Sj1YzhdP5PEa6kxQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK0JC3nACAOs/z7q9eIJKrIShCUWMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvclFrTGVjQUlBNnpfUHVyMTRna3FzaEtFSlJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+GQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCOBizaaTKW/yO80v8RTIZWAIWmW6zr11QzdJtI
h1A1ZQDpunQLsJM7gJq5mj7IPc1+D24hTosqckfg1CgOjoRDx8LENHY91TLRruXu
gTIkg2JAn21G7eKRSVJNZoiwZcxhtZ2nnptXJHzSOK3fR/OWfpT3yBVRWg8Gunl2
WGU/cmDcoatgzy3mfUmwP0sPrwVF5uaHeP0fUXMgdjpW85VePozxztZ0mEkg/Fhn
ZVdoAubaOLrqF3eDEZEbleAkCb7/hERriFy13nd0jXHdruoJmQ183iOiFW/AvQGr
k0YVtznLVDbRHIMMf83+i4TuSd+OJozTGCc1hVh9DGGSK5s/
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:53:22 2024 by rpki-client on console-ams.rpki-client.org