Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/247ee2-2365-4768-977f-fefa1abaedcf/1/1-teVumgInZ0M7rv22l4PFmqNoeQ.roa
File: 1-teVumgInZ0M7rv22l4PFmqNoeQ.roa (raw, json)
Hash identifier: T3mFaoEu9bZqtSOFt7yM1t9Q46pggMBEGNgFLGy43iY=
Subject key identifier: FA:D7:95:BA:68:08:9D:9D:0C:EE:BB:F6:DA:5E:0F:16:6A:8D:A1:E4
Certificate issuer: /CN=4dbd0b135a7dfd6b6aa1b1849eb163402de8e1b1
Certificate serial: 018D3B0359182F3469580AD553C3B8C05481
Authority key identifier: 4D:BD:0B:13:5A:7D:FD:6B:6A:A1:B1:84:9E:B1:63:40:2D:E8:E1:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tb0LE1p9_WtqobGEnrFjQC3o4bE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/247ee2-2365-4768-977f-fefa1abaedcf/1/1-teVumgInZ0M7rv22l4PFmqNoeQ.roa
Signing time: Wed 24 Jan 2024 10:28:11 +0000
ROA not before: Wed 24 Jan 2024 10:28:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 2a10:d700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/247ee2-2365-4768-977f-fefa1abaedcf/1/Tb0LE1p9_WtqobGEnrFjQC3o4bE.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/247ee2-2365-4768-977f-fefa1abaedcf/1/Tb0LE1p9_WtqobGEnrFjQC3o4bE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tb0LE1p9_WtqobGEnrFjQC3o4bE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:03:59:18:2f:34:69:58:0a:d5:53:c3:b8:c0:54:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dbd0b135a7dfd6b6aa1b1849eb163402de8e1b1
Validity
Not Before: Jan 24 10:28:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad795ba68089d9d0ceebbf6da5e0f166a8da1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2c:6c:9d:2e:d8:09:55:be:65:58:26:03:bf:
9f:b3:69:3e:03:d2:be:7d:e7:5d:0a:9d:6c:08:88:
9a:a4:0b:ad:09:72:e2:76:7f:41:0e:b8:95:e8:77:
b3:af:ad:e8:b2:00:9a:48:59:b2:87:ce:f4:c2:0b:
37:b0:f4:94:1b:7f:c2:12:41:eb:8d:d4:e7:03:27:
81:d9:bd:8b:f3:a3:ce:c6:74:f1:a9:89:d9:88:d0:
45:c8:9d:a3:2b:15:8a:2b:01:2c:76:df:18:72:21:
6f:3a:ac:d4:c7:8f:d1:01:49:cd:fa:38:b4:c4:68:
d6:2e:2e:af:74:c6:26:bb:62:7e:b5:fc:f3:d3:66:
d8:18:ac:ec:32:8a:be:89:15:81:a7:19:13:08:b9:
09:d3:6a:7d:3e:63:3d:8f:89:3d:1c:af:ab:82:4b:
48:79:aa:98:d9:6d:bc:8e:da:e7:82:76:ea:aa:83:
f4:f4:8c:38:a2:c9:5b:1b:f9:06:f2:c8:6f:8e:20:
e7:37:61:c4:8d:37:8b:39:5a:c4:cf:77:db:20:69:
69:ba:70:8c:68:31:d1:be:42:11:c0:8f:f6:09:5b:
85:a5:3b:40:1f:e1:37:90:ea:59:32:e6:f3:ea:9c:
06:a1:71:63:3b:7a:b2:ac:3f:7e:b7:ad:45:c3:45:
7a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D7:95:BA:68:08:9D:9D:0C:EE:BB:F6:DA:5E:0F:16:6A:8D:A1:E4
X509v3 Authority Key Identifier:
keyid:4D:BD:0B:13:5A:7D:FD:6B:6A:A1:B1:84:9E:B1:63:40:2D:E8:E1:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tb0LE1p9_WtqobGEnrFjQC3o4bE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/247ee2-2365-4768-977f-fefa1abaedcf/1/1-teVumgInZ0M7rv22l4PFmqNoeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/247ee2-2365-4768-977f-fefa1abaedcf/1/Tb0LE1p9_WtqobGEnrFjQC3o4bE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:d700::/29
Signature Algorithm: sha256WithRSAEncryption
4e:36:43:85:c1:92:fa:e2:65:35:39:ff:83:60:77:c0:90:7b:
d4:d9:fd:0d:fc:27:c4:94:e2:c3:5f:22:27:15:a0:7a:b8:80:
82:ab:a0:f0:06:d1:59:e6:18:df:9e:e5:32:55:93:25:d0:ee:
08:17:98:8c:46:5e:62:86:8d:29:20:ff:b5:a6:e2:59:2e:a0:
68:70:25:bd:49:62:8f:d6:aa:26:82:d3:8d:47:ce:7e:5c:f1:
a9:27:0d:69:c8:cf:e8:77:40:43:a4:0f:e7:78:3c:70:cc:4e:
36:a4:51:fa:95:be:8f:f6:ab:66:9e:d7:54:1c:5d:2d:a6:89:
03:9a:37:a2:74:1f:f7:a3:a5:30:f4:a3:38:fa:03:08:4f:54:
e0:b5:b3:93:14:27:a3:04:03:c0:0c:ee:0a:13:cd:a1:62:2b:
89:08:d9:08:0e:95:88:64:de:02:d7:7e:ff:42:a1:e5:ce:cc:
76:6c:a6:cc:0e:1c:1e:04:8d:f6:bc:17:b1:2a:50:1d:0a:8a:
bb:99:eb:52:dd:df:42:d4:31:33:0e:4b:98:74:d1:02:43:f3:
e0:11:e5:aa:79:a1:cf:47:d4:28:58:87:b7:b2:91:54:59:34:
90:41:82:b0:0d:67:aa:1a:a8:01:c5:47:60:b6:7a:ee:c7:28:
68:d5:70:e8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY07A1kYLzRpWArVU8O4wFSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYmQwYjEzNWE3ZGZkNmI2YWExYjE4NDllYjE2MzQwMmRl
OGUxYjEwHhcNMjQwMTI0MTAyODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ3OTViYTY4MDg5ZDlkMGNlZWJiZjZkYTVlMGYxNjZhOGRhMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyxsnS7YCVW+ZVgmA7+fs2k+A9K+
feddCp1sCIiapAutCXLidn9BDriV6Hezr63osgCaSFmyh870wgs3sPSUG3/CEkHr
jdTnAyeB2b2L86POxnTxqYnZiNBFyJ2jKxWKKwEsdt8YciFvOqzUx4/RAUnN+ji0
xGjWLi6vdMYmu2J+tfzz02bYGKzsMoq+iRWBpxkTCLkJ02p9PmM9j4k9HK+rgktI
eaqY2W28jtrngnbqqoP09Iw4oslbG/kG8shvjiDnN2HEjTeLOVrEz3fbIGlpunCM
aDHRvkIRwI/2CVuFpTtAH+E3kOpZMubz6pwGoXFjO3qyrD9+t61Fw0V6mwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPrXlbpoCJ2dDO679tpeDxZqjaHkMB8GA1UdIwQY
MBaAFE29CxNaff1raqGxhJ6xY0At6OGxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGIwTEUxcDlfV3Rxb2JHRW5yRmpRQzNvNGJFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yNDdlZTItMjM2NS00NzY4LTk3N2Yt
ZmVmYTFhYmFlZGNmLzEvMS10ZVZ1bWdJblowTTdydjIybDRQRm1xTm9lUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvMjQ3ZWUyLTIzNjUtNDc2OC05NzdmLWZlZmExYWJhZWRj
Zi8xL1RiMExFMXA5X1d0cW9iR0VuckZqUUMzbzRiRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoQ1wAw
DQYJKoZIhvcNAQELBQADggEBAE42Q4XBkvriZTU5/4Ngd8CQe9TZ/Q38J8SU4sNf
IicVoHq4gIKroPAG0VnmGN+e5TJVkyXQ7ggXmIxGXmKGjSkg/7Wm4lkuoGhwJb1J
Yo/WqiaC041Hzn5c8aknDWnIz+h3QEOkD+d4PHDMTjakUfqVvo/2q2ae11QcXS2m
iQOaN6J0H/ejpTD0ozj6AwhPVOC1s5MUJ6MEA8AM7goTzaFiK4kI2QgOlYhk3gLX
fv9CoeXOzHZspswOHB4Ejfa8F7EqUB0KiruZ61Ld30LUMTMOS5h00QJD8+AR5ap5
oc9H1ChYh7eykVRZNJBBgrANZ6oaqAHFR2C2eu7HKGjVcOg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:37:35 2024 by rpki-client on console-fra.rpki-client.org