Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/T0Q7M1qurO0EA2WRh4J1aaVmaK8.roa
File: T0Q7M1qurO0EA2WRh4J1aaVmaK8.roa (raw, json)
Hash identifier: XzQZcFdsjPH7zRkDzroBlOpLyGOgl4MNGvR1CKo3hV4=
Subject key identifier: 4F:44:3B:33:5A:AE:AC:ED:04:03:65:91:87:82:75:69:A5:66:68:AF
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018DEA894C1FEA5488D483399E2DD5B0F09F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/T0Q7M1qurO0EA2WRh4J1aaVmaK8.roa
Signing time: Tue 27 Feb 2024 12:28:02 +0000
ROA not before: Tue 27 Feb 2024 12:28:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a00:48a0::/29 maxlen: 48
2a09:7700::/29 maxlen: 48
2a0a:d040::/29 maxlen: 48
2a0a:dd80::/29 maxlen: 48
2a0b:a0c0::/29 maxlen: 48
2a0c:8140::/29 maxlen: 48
2a0c:fa80::/29 maxlen: 48
2a0d:5e40::/29 maxlen: 48
2a0d:e000::/29 maxlen: 48
2a0e:83c0::/29 maxlen: 48
2a10:51c0::/29 maxlen: 48
2a10:7880::/29 maxlen: 48
2a11:d800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:89:4c:1f:ea:54:88:d4:83:39:9e:2d:d5:b0:f0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 27 12:28:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f443b335aaeaced0403659187827569a56668af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:40:97:42:8e:62:dd:c2:68:78:38:aa:f1:
1a:57:64:06:cc:5f:cf:a2:a2:32:af:53:10:cc:84:
58:6a:d7:a1:ba:3e:21:c2:64:31:a8:5b:ea:8f:3b:
ad:15:1c:33:3a:5f:3d:ab:a1:de:03:19:69:92:9c:
37:7d:d7:11:40:2f:0f:df:6e:f1:25:c1:90:e7:e0:
44:47:83:7d:8b:2e:30:32:90:cd:98:67:03:b1:de:
3b:4a:af:6f:ca:34:19:09:a1:56:55:38:f8:07:32:
17:10:7a:ee:29:3d:4a:0a:a4:00:90:f2:93:58:ce:
2c:00:13:5b:f1:46:26:24:df:d8:ba:51:22:b6:1e:
6b:0b:34:da:12:16:18:e2:aa:15:16:79:91:2d:d3:
a1:f2:25:73:ce:d7:71:8f:1f:61:51:76:18:d4:97:
8f:0c:8b:b2:41:5b:d5:59:b9:42:29:dc:c3:75:c2:
d2:d9:63:2d:a8:91:af:7b:4a:ce:5d:ca:80:7b:37:
03:61:e5:cb:08:5c:13:a1:bf:c4:b7:70:d7:dc:2c:
1d:e7:86:5a:4a:af:88:93:96:a0:a7:14:4a:ff:d9:
07:d0:e1:54:c6:54:24:5a:23:59:d6:e5:9f:07:9b:
5a:a4:cd:88:4f:1b:7c:2c:d3:c1:a7:f7:dd:ed:eb:
14:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:44:3B:33:5A:AE:AC:ED:04:03:65:91:87:82:75:69:A5:66:68:AF
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/T0Q7M1qurO0EA2WRh4J1aaVmaK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:48a0::/29
2a09:7700::/29
2a0a:d040::/29
2a0a:dd80::/29
2a0b:a0c0::/29
2a0c:8140::/29
2a0c:fa80::/29
2a0d:5e40::/29
2a0d:e000::/29
2a0e:83c0::/29
2a10:51c0::/29
2a10:7880::/29
2a11:d800::/29
Signature Algorithm: sha256WithRSAEncryption
9d:2d:9c:56:b7:0c:ef:e9:b9:38:2b:bd:00:5a:39:e7:4d:c7:
96:26:8d:a9:0b:cc:e0:cc:ba:d4:d0:7a:22:6b:00:86:71:2b:
13:9e:46:e9:ab:96:12:e8:f0:9a:26:c2:4d:ca:07:96:b0:2a:
75:c8:70:5f:c2:a1:b5:58:d7:f3:2d:0b:9d:86:4a:53:c9:f0:
0d:e0:20:e1:d7:ba:77:8b:0e:34:29:94:90:3b:81:55:ed:07:
76:14:4e:a6:b7:ba:7f:ad:f8:f8:b7:72:d3:0c:a2:2b:48:db:
d6:72:9b:2f:84:fe:b8:25:5c:eb:a3:3d:9b:b6:a1:0c:61:26:
99:7b:b9:46:4e:27:d6:00:6e:aa:c1:4f:3c:46:8b:bd:ab:5d:
af:62:db:56:79:b0:df:eb:54:79:5b:e4:c7:5a:32:33:7b:ec:
6c:2a:58:71:3a:ad:5a:ad:19:eb:74:94:f3:a4:a9:51:b0:db:
8d:ec:e5:4e:0e:fe:29:39:f0:0d:07:51:64:5c:95:13:f5:cc:
94:48:3f:19:5e:eb:3d:31:55:77:5e:05:67:11:d8:33:5e:82:
07:4e:93:08:a2:fe:51:77:77:ea:85:cc:c7:9f:35:3f:2c:2c:
36:2a:e4:54:80:d5:9a:5d:dc:5f:16:5b:10:fe:b6:84:f6:38:
c9:46:69:6c
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAY3qiUwf6lSI1IM5ni3VsPCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMjI3MTIyODAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQ0M2IzMzVhYWVhY2VkMDQwMzY1OTE4NzgyNzU2OWE1NjY2OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGdAl0KOYt3CaHg4qvEaV2QGzF/P
oqIyr1MQzIRYatehuj4hwmQxqFvqjzutFRwzOl89q6HeAxlpkpw3fdcRQC8P327x
JcGQ5+BER4N9iy4wMpDNmGcDsd47Sq9vyjQZCaFWVTj4BzIXEHruKT1KCqQAkPKT
WM4sABNb8UYmJN/YulEith5rCzTaEhYY4qoVFnmRLdOh8iVzztdxjx9hUXYY1JeP
DIuyQVvVWblCKdzDdcLS2WMtqJGve0rOXcqAezcDYeXLCFwTob/Et3DX3Cwd54Za
Sq+Ik5agpxRK/9kH0OFUxlQkWiNZ1uWfB5tapM2ITxt8LNPBp/fd7esUDwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFE9EOzNarqztBANlkYeCdWmlZmivMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvVDBRN00xcXVyTzBFQTJXUmg0SjFhYVZtYUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUDKgBIoAMF
AyoJdwADBQMqCtBAAwUDKgrdgAMFAyoLoMADBQMqDIFAAwUDKgz6gAMFAyoNXkAD
BQMqDeAAAwUDKg6DwAMFAyoQUcADBQMqEHiAAwUDKhHYADANBgkqhkiG9w0BAQsF
AAOCAQEAnS2cVrcM7+m5OCu9AFo5503HliaNqQvM4My61NB6ImsAhnErE55G6auW
EujwmibCTcoHlrAqdchwX8KhtVjX8y0LnYZKU8nwDeAg4de6d4sONCmUkDuBVe0H
dhROpre6f634+Ldy0wyiK0jb1nKbL4T+uCVc66M9m7ahDGEmmXu5Rk4n1gBuqsFP
PEaLvatdr2LbVnmw3+tUeVvkx1oyM3vsbCpYcTqtWq0Z63SU86SpUbDbjezlTg7+
KTnwDQdRZFyVE/XMlEg/GV7rPTFVd14FZxHYM16CB06TCKL+UXd36oXMx581Pyws
NirkVIDVml3cXxZbEP62hPY4yUZpbA==
-----END CERTIFICATE-----
Generated at Sat May 4 12:55:23 2024 by rpki-client on console-fra.rpki-client.org