Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/aYsqE8P7Xjo0tF1VjWoEUqczQ0Y.roa
File: aYsqE8P7Xjo0tF1VjWoEUqczQ0Y.roa (raw, json)
Hash identifier: vz6HVZxrvX+zOIUYvsa1nQRS9Zf5faMlAxesKKujTgg=
Subject key identifier: 69:8B:2A:13:C3:FB:5E:3A:34:B4:5D:55:8D:6A:04:52:A7:33:43:46
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 01905EF6EA70EF2FBAB9D0B0A891BD21DAC0
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/aYsqE8P7Xjo0tF1VjWoEUqczQ0Y.roa
Signing time: Fri 28 Jun 2024 13:09:18 +0000
ROA not before: Fri 28 Jun 2024 13:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:2880::/29 maxlen: 29
2a13:d3c0::/29 maxlen: 29
2a14:1300::/29 maxlen: 29
2a14:1500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:f6:ea:70:ef:2f:ba:b9:d0:b0:a8:91:bd:21:da:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: Jun 28 13:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=698b2a13c3fb5e3a34b45d558d6a0452a7334346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:87:70:17:01:2c:de:58:1e:02:58:62:51:7b:
24:81:9f:a6:6b:b4:da:bb:54:cf:e5:76:c0:62:ce:
6b:16:2b:07:0c:a8:3e:aa:cf:b1:14:74:d4:a0:a7:
cf:c3:93:52:8d:5a:f8:81:b3:a8:13:c2:08:c2:4e:
da:03:8d:de:d6:00:57:76:7a:99:a3:f3:2f:f9:ca:
64:4d:0e:d6:0c:d4:6b:d1:d4:fc:50:ba:d1:56:27:
ab:de:b8:f9:fb:08:cc:9d:c6:9a:00:d7:e0:3e:e6:
15:f4:2b:96:ad:a0:31:dd:f3:e4:02:f7:0d:49:64:
ce:c5:69:f2:2a:d0:bb:ef:b5:9b:fa:48:69:b2:ee:
f8:cd:de:05:ba:65:f4:d0:ff:ad:75:97:a6:4d:d7:
2c:65:4c:d3:85:87:de:85:2b:85:78:1d:ad:4f:b5:
e9:d1:85:24:5e:52:95:1c:ef:59:6e:7b:5f:8b:85:
24:c5:08:2c:ba:b5:08:fd:cb:4e:54:5b:8c:e1:3f:
f9:7e:95:4d:7f:03:19:44:84:bd:5f:97:fd:75:8a:
71:61:11:53:57:73:30:d9:ed:76:f8:cc:09:c5:66:
57:f4:cb:99:4d:79:95:82:5f:7d:33:c2:0a:d1:b4:
2c:18:62:33:d3:80:e3:02:eb:11:c6:ce:0c:44:77:
65:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8B:2A:13:C3:FB:5E:3A:34:B4:5D:55:8D:6A:04:52:A7:33:43:46
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/aYsqE8P7Xjo0tF1VjWoEUqczQ0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2880::/29
2a13:d3c0::/29
2a14:1300::/29
2a14:1500::/29
Signature Algorithm: sha256WithRSAEncryption
68:ef:f7:70:61:fa:45:fb:4e:01:8a:c0:94:64:4e:2b:22:fd:
4b:90:4a:ef:27:ef:ce:ac:ca:63:0a:87:43:b3:d0:ef:12:cd:
d9:e4:d6:57:33:d6:47:b5:19:5c:d8:da:b0:c7:97:0f:66:8b:
1f:4d:2d:f3:d0:b5:19:4e:ac:8a:67:08:ae:a9:65:3a:8e:12:
b9:49:c4:65:6d:c3:44:8f:dd:4f:7d:7b:95:6c:5f:bd:b8:79:
4c:7c:99:14:63:1e:16:78:89:13:20:f3:a3:e7:8b:37:fe:e9:
be:7d:bf:05:36:6f:5a:fb:35:50:8a:9b:40:ae:64:fb:5a:ef:
71:7a:ee:08:0d:e0:64:fb:6c:cc:4d:e5:55:66:71:51:e1:7f:
d5:5e:b6:0d:80:6d:82:9a:4b:5c:93:d0:6c:41:12:13:40:c7:
86:c1:5f:6d:92:75:ab:81:29:26:ba:f9:eb:5d:f8:39:f9:99:
bb:6c:29:fd:a6:1c:b7:3d:ac:33:f7:16:90:d2:53:f9:95:5a:
7e:c7:a1:88:34:79:04:f9:1b:2d:56:ff:41:c1:cb:91:d3:3f:
24:fc:63:a4:21:36:a7:0b:06:7b:05:b9:ff:84:78:4d:ac:83:
e4:b5:48:5d:1f:f8:9a:fa:0d:4a:40:86:7f:79:4f:5a:ac:13:
fb:89:fc:7f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZBe9upw7y+6udCwqJG9IdrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjQwNjI4MTMwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThiMmExM2MzZmI1ZTNhMzRiNDVkNTU4ZDZhMDQ1MmE3MzM0MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4dwFwEs3lgeAlhiUXskgZ+ma7Ta
u1TP5XbAYs5rFisHDKg+qs+xFHTUoKfPw5NSjVr4gbOoE8IIwk7aA43e1gBXdnqZ
o/Mv+cpkTQ7WDNRr0dT8ULrRVier3rj5+wjMncaaANfgPuYV9CuWraAx3fPkAvcN
SWTOxWnyKtC777Wb+khpsu74zd4FumX00P+tdZemTdcsZUzThYfehSuFeB2tT7Xp
0YUkXlKVHO9Zbntfi4UkxQgsurUI/ctOVFuM4T/5fpVNfwMZRIS9X5f9dYpxYRFT
V3Mw2e12+MwJxWZX9MuZTXmVgl99M8IK0bQsGGIz04DjAusRxs4MRHdl5QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGmLKhPD+146NLRdVY1qBFKnM0NGMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvYVlzcUU4UDdYam8wdEYxVmpXb0VVcWN6UTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhMogAMF
AyoT08ADBQMqFBMAAwUDKhQVADANBgkqhkiG9w0BAQsFAAOCAQEAaO/3cGH6RftO
AYrAlGROKyL9S5BK7yfvzqzKYwqHQ7PQ7xLN2eTWVzPWR7UZXNjasMeXD2aLH00t
89C1GU6simcIrqllOo4SuUnEZW3DRI/dT317lWxfvbh5THyZFGMeFniJEyDzo+eL
N/7pvn2/BTZvWvs1UIqbQK5k+1rvcXruCA3gZPtszE3lVWZxUeF/1V62DYBtgppL
XJPQbEESE0DHhsFfbZJ1q4EpJrr56134OfmZu2wp/aYctz2sM/cWkNJT+ZVafseh
iDR5BPkbLVb/QcHLkdM/JPxjpCE2pwsGewW5/4R4TayD5LVIXR/4mvoNSkCGf3lP
WqwT+4n8fw==
-----END CERTIFICATE-----
Generated at Wed Jul 3 05:56:43 2024 by rpki-client on console-fra.rpki-client.org