Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/__uQD2blZ4KinvbOIiyn0WQJGf8.roa
File: __uQD2blZ4KinvbOIiyn0WQJGf8.roa (raw, json)
Hash identifier: cpMbyf3cH7jKk69LmYGZt/AMELMqSx/x94rju9WeS5Y=
Subject key identifier: FF:FB:90:0F:66:E5:67:82:A2:9E:F6:CE:22:2C:A7:D1:64:09:19:FF
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018CC64B5FCF661B43C9C24CA2982E838E75
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/__uQD2blZ4KinvbOIiyn0WQJGf8.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212786
IP address blocks: 2a10:14c0::/29 maxlen: 29
2a0e:5780::/29 maxlen: 29
2a0e:2b00::/29 maxlen: 29
2a09:e980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5f:cf:66:1b:43:c9:c2:4c:a2:98:2e:83:8e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fffb900f66e56782a29ef6ce222ca7d1640919ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4c:d0:52:0e:0f:9e:0c:33:44:9c:ed:3a:dd:
12:39:61:01:35:fd:37:1e:26:7b:9a:90:23:6e:25:
fc:26:9e:46:15:49:b7:aa:20:6b:7e:93:76:97:31:
cd:d1:22:d9:5d:42:8b:56:8b:b9:fd:8a:b6:a2:fd:
d7:bb:01:45:35:86:8f:89:7d:f5:dc:80:f9:f5:31:
dd:eb:9f:6d:21:0c:a1:9c:38:d4:12:fe:cf:94:ae:
45:19:b4:0e:db:48:76:a8:af:8a:d6:61:88:9e:15:
62:18:4f:97:a6:80:21:df:aa:4f:ee:46:ac:97:5d:
3a:40:bf:63:b7:38:42:9c:0c:5b:60:9f:85:c8:cd:
d1:f7:82:f5:e7:be:ce:60:8f:a3:c1:cb:15:3e:a1:
ca:61:a2:b7:f0:30:cb:5a:2f:4c:8e:32:60:c1:86:
42:0f:af:52:8c:5b:32:27:32:3a:46:83:af:01:b0:
b5:6a:22:49:4c:27:cd:22:88:ce:33:29:47:36:49:
c7:68:82:be:79:90:72:82:85:10:d9:21:6c:40:7f:
33:97:ba:90:7f:eb:c4:2f:8d:8e:d3:22:57:6d:63:
a8:39:12:9b:6e:a3:a5:af:6c:f6:84:0d:fc:41:3a:
63:2d:dc:c6:01:32:ae:9e:80:4a:03:8b:1e:54:33:
52:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FB:90:0F:66:E5:67:82:A2:9E:F6:CE:22:2C:A7:D1:64:09:19:FF
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/__uQD2blZ4KinvbOIiyn0WQJGf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e980::/29
2a0e:2b00::/29
2a0e:5780::/29
2a10:14c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:17:fc:b0:18:2b:8b:09:82:58:a1:0a:ff:3f:00:93:85:8d:
33:01:35:2c:85:fa:2d:80:cf:64:e8:d6:79:05:2a:61:04:de:
8f:d5:ff:d0:b4:fd:10:ba:65:6e:85:3e:55:07:f5:0b:4d:44:
c4:6e:a3:0a:2c:ee:a8:86:ad:88:74:4e:7d:75:bd:3b:90:2f:
32:dd:33:f5:c9:1a:a1:44:bd:a7:e5:4a:e1:47:1f:40:99:fd:
58:5a:43:3c:6d:a7:13:35:a0:a0:99:bb:76:d1:b8:e4:ff:33:
7a:0e:3d:3a:22:cd:71:f8:d0:48:dd:7f:f5:7d:4d:4a:20:bb:
8a:0e:9f:64:2e:86:9c:73:43:37:ec:a2:34:69:7d:df:9f:f9:
f3:8d:78:ff:6c:82:c5:bd:13:0c:f3:93:3b:70:8d:0c:63:f9:
9f:4b:b6:9a:98:29:cb:f4:ff:76:c2:fe:75:20:34:08:bd:e8:
ed:83:6c:86:71:02:51:91:fe:d9:4c:00:28:51:10:25:ce:13:
f4:ce:ec:ac:3b:6d:f8:22:b1:69:11:5e:b0:e2:05:22:4f:75:
e5:46:0b:fe:ad:52:6f:9c:dd:88:bc:a3:fa:6c:c9:37:19:89:
f2:ec:86:1c:98:4e:b5:15:ae:7d:b0:92:db:e0:09:a4:66:81:
31:4c:db:8d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGS1/PZhtDycJMopgug451MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmZiOTAwZjY2ZTU2NzgyYTI5ZWY2Y2UyMjJjYTdkMTY0MDkxOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUzQUg4PngwzRJztOt0SOWEBNf03
HiZ7mpAjbiX8Jp5GFUm3qiBrfpN2lzHN0SLZXUKLVou5/Yq2ov3XuwFFNYaPiX31
3ID59THd659tIQyhnDjUEv7PlK5FGbQO20h2qK+K1mGInhViGE+XpoAh36pP7kas
l106QL9jtzhCnAxbYJ+FyM3R94L1577OYI+jwcsVPqHKYaK38DDLWi9MjjJgwYZC
D69SjFsyJzI6RoOvAbC1aiJJTCfNIojOMylHNknHaIK+eZBygoUQ2SFsQH8zl7qQ
f+vEL42O0yJXbWOoORKbbqOlr2z2hA38QTpjLdzGATKunoBKA4seVDNSlQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP/7kA9m5WeCop72ziIsp9FkCRn/MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvX191UUQyYmxaNEtpbnZiT0lpeW4wV1FKR2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgnpgAMF
AyoOKwADBQMqDleAAwUDKhAUwDANBgkqhkiG9w0BAQsFAAOCAQEAORf8sBgriwmC
WKEK/z8Ak4WNMwE1LIX6LYDPZOjWeQUqYQTej9X/0LT9ELplboU+VQf1C01ExG6j
CizuqIatiHROfXW9O5AvMt0z9ckaoUS9p+VK4UcfQJn9WFpDPG2nEzWgoJm7dtG4
5P8zeg49OiLNcfjQSN1/9X1NSiC7ig6fZC6GnHNDN+yiNGl935/58414/2yCxb0T
DPOTO3CNDGP5n0u2mpgpy/T/dsL+dSA0CL3o7YNshnECUZH+2UwAKFEQJc4T9M7s
rDtt+CKxaRFesOIFIk915UYL/q1Sb5zdiLyj+mzJNxmJ8uyGHJhOtRWufbCS2+AJ
pGaBMUzbjQ==
-----END CERTIFICATE-----
Generated at Sun May 5 06:46:52 2024 by rpki-client on console-fra.rpki-client.org