Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/ST4RriXbQ4wEhwPzoJuivHfWVj4.roa
File: ST4RriXbQ4wEhwPzoJuivHfWVj4.roa (raw, json)
Hash identifier: 8sEiUgJkj9iESDBILd5x0A8CDGRWa+gc9/NW3t11zuw=
Subject key identifier: 49:3E:11:AE:25:DB:43:8C:04:87:03:F3:A0:9B:A2:BC:77:D6:56:3E
Certificate issuer: /CN=e7fe22f551e95b0f15033c503552e49bca617c6a
Certificate serial: 0193A6C8910208085E5D0BB8BB1698F0B039
Authority key identifier: E7:FE:22:F5:51:E9:5B:0F:15:03:3C:50:35:52:E4:9B:CA:61:7C:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_4i9VHpWw8VAzxQNVLkm8phfGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/ST4RriXbQ4wEhwPzoJuivHfWVj4.roa
Signing time: Sun 08 Dec 2024 14:59:42 +0000
ROA not before: Sun 08 Dec 2024 14:59:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12570
IP address blocks: 2a0b:bb41::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/5_4i9VHpWw8VAzxQNVLkm8phfGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/5_4i9VHpWw8VAzxQNVLkm8phfGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_4i9VHpWw8VAzxQNVLkm8phfGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a6:c8:91:02:08:08:5e:5d:0b:b8:bb:16:98:f0:b0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fe22f551e95b0f15033c503552e49bca617c6a
Validity
Not Before: Dec 8 14:59:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=493e11ae25db438c048703f3a09ba2bc77d6563e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:03:51:38:8e:e3:84:ec:39:b0:85:5e:0b:3e:
31:13:88:1b:13:1b:1c:6b:ec:4d:cc:79:3c:c5:f8:
05:8f:69:48:d6:dd:3d:d8:39:e2:3b:ec:50:1c:d9:
80:14:1a:c3:df:68:4d:10:73:80:d8:b9:b7:0c:b7:
20:db:ef:5d:0c:66:2b:fa:6e:02:aa:1d:cd:6b:f5:
4c:7b:07:d1:9c:81:10:d3:7a:50:3f:94:82:5e:8b:
a6:27:14:c5:6b:d9:f1:e5:03:6f:a7:bc:0a:2e:4d:
f2:b1:6a:e6:08:82:cc:46:f0:79:cd:10:10:75:4a:
85:28:18:8f:a9:ad:2b:d8:6b:e9:2c:54:68:ac:ac:
eb:c0:27:9d:96:4d:97:fe:d7:81:30:09:4c:7a:29:
4c:05:6c:0b:91:a2:1c:31:46:fa:a2:b0:d4:96:98:
c0:2d:ed:37:86:3d:c2:2b:e3:37:e4:c0:18:82:95:
b4:f6:f7:0e:71:9a:9a:be:a0:c9:e2:de:46:13:86:
9b:94:40:02:b6:36:ca:33:18:dc:20:2d:5a:db:5e:
74:38:b9:ad:7e:c8:d5:11:cd:ba:3e:54:1b:42:80:
d3:8c:8a:c1:b0:54:1e:8a:9a:e7:c8:04:9b:0e:ae:
ac:e1:32:f0:cd:41:9a:e1:62:c8:7b:30:46:d4:7e:
12:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3E:11:AE:25:DB:43:8C:04:87:03:F3:A0:9B:A2:BC:77:D6:56:3E
X509v3 Authority Key Identifier:
keyid:E7:FE:22:F5:51:E9:5B:0F:15:03:3C:50:35:52:E4:9B:CA:61:7C:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_4i9VHpWw8VAzxQNVLkm8phfGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/ST4RriXbQ4wEhwPzoJuivHfWVj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d612e3-94eb-4866-b43c-e40b301401a9/1/5_4i9VHpWw8VAzxQNVLkm8phfGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:bb41::/32
Signature Algorithm: sha256WithRSAEncryption
31:39:c5:62:70:13:a5:bd:56:48:48:8d:43:87:87:e0:7e:88:
3e:15:c9:93:d8:76:9b:94:c6:a8:17:45:bd:ea:d3:22:64:eb:
b2:a1:03:72:2a:e8:aa:15:64:40:fe:4f:b6:c5:44:9c:cb:de:
a8:3d:df:14:01:5d:bb:78:8b:75:31:f8:4c:1f:be:55:36:32:
6f:ff:8e:4e:db:5c:a0:04:1f:ae:c8:79:8f:fe:4e:ea:9d:3d:
96:da:76:cd:02:64:2d:33:4c:b2:fc:40:54:da:40:5b:cf:45:
18:aa:5c:c7:e1:86:ec:17:e5:c7:9f:75:88:0b:72:13:8d:a4:
db:c1:48:37:ef:49:c7:77:13:d6:6d:2b:70:b3:93:ce:31:96:
7b:b4:8a:32:8e:95:70:c4:9b:69:9a:4f:9f:ea:0f:16:85:5a:
39:d7:89:57:e0:e8:ce:f0:79:2a:7c:60:5b:6a:38:db:84:3e:
99:42:73:0a:ce:be:54:65:4f:65:a4:10:69:41:89:61:bc:7f:
34:d3:73:98:ef:f1:f7:36:65:a2:ef:aa:e7:06:a6:88:ea:b6:
55:01:38:70:82:8c:6e:dd:98:d9:fd:45:7b:c4:51:17:93:a9:
cf:25:43:e6:36:ab:81:8d:9e:7e:3b:36:2c:10:ff:69:98:29:
b9:a6:c0:af
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOmyJECCAheXQu4uxaY8LA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmUyMmY1NTFlOTViMGYxNTAzM2M1MDM1NTJlNDliY2E2
MTdjNmEwHhcNMjQxMjA4MTQ1OTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNlMTFhZTI1ZGI0MzhjMDQ4NzAzZjNhMDliYTJiYzc3ZDY1NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ANROI7jhOw5sIVeCz4xE4gbExsc
a+xNzHk8xfgFj2lI1t092DniO+xQHNmAFBrD32hNEHOA2Lm3DLcg2+9dDGYr+m4C
qh3Na/VMewfRnIEQ03pQP5SCXoumJxTFa9nx5QNvp7wKLk3ysWrmCILMRvB5zRAQ
dUqFKBiPqa0r2GvpLFRorKzrwCedlk2X/teBMAlMeilMBWwLkaIcMUb6orDUlpjA
Le03hj3CK+M35MAYgpW09vcOcZqavqDJ4t5GE4ablEACtjbKMxjcIC1a2150OLmt
fsjVEc26PlQbQoDTjIrBsFQeiprnyASbDq6s4TLwzUGa4WLIezBG1H4S6wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEk+Ea4l20OMBIcD86Cborx31lY+MB8GA1UdIwQY
MBaAFOf+IvVR6VsPFQM8UDVS5JvKYXxqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV80aTlWSHBXdzhWQXp4UU5WTGttOHBoZkdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kNjEyZTMtOTRlYi00ODY2LWI0M2Mt
ZTQwYjMwMTQwMWE5LzEvU1Q0UnJpWGJRNHdFaHdQem9KdWl2SGZXVmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kNjEyZTMtOTRlYi00ODY2LWI0M2MtZTQwYjMwMTQwMWE5
LzEvNV80aTlWSHBXdzhWQXp4UU5WTGttOHBoZkdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgu7QTAN
BgkqhkiG9w0BAQsFAAOCAQEAMTnFYnATpb1WSEiNQ4eH4H6IPhXJk9h2m5TGqBdF
verTImTrsqEDciroqhVkQP5PtsVEnMveqD3fFAFdu3iLdTH4TB++VTYyb/+OTttc
oAQfrsh5j/5O6p09ltp2zQJkLTNMsvxAVNpAW89FGKpcx+GG7Bflx591iAtyE42k
28FIN+9Jx3cT1m0rcLOTzjGWe7SKMo6VcMSbaZpPn+oPFoVaOdeJV+DozvB5Knxg
W2o424Q+mUJzCs6+VGVPZaQQaUGJYbx/NNNzmO/x9zZlou+q5wamiOq2VQE4cIKM
bt2Y2f1Fe8RRF5OpzyVD5jargY2efjs2LBD/aZgpuabArw==
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:06:02 2024 by rpki-client on console-ams.rpki-client.org