Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/04QJVYQybZBKcea6vs11Gwysez0.roa
File: 04QJVYQybZBKcea6vs11Gwysez0.roa (raw, json)
Hash identifier: ik+mBulelE83pKo+bzKB7tS6vqYdrYNOHTxFpCPUu4U=
Subject key identifier: D3:84:09:55:84:32:6D:90:4A:71:E6:BA:BE:CD:75:1B:0C:AC:7B:3D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0191991DFB0F05D2C0A8C87247960FC1E6A0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/04QJVYQybZBKcea6vs11Gwysez0.roa
Signing time: Wed 28 Aug 2024 13:12:44 +0000
ROA not before: Wed 28 Aug 2024 13:12:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214301
IP address blocks: 2a0c:9a40:8a90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:1d:fb:0f:05:d2:c0:a8:c8:72:47:96:0f:c1:e6:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Aug 28 13:12:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d384095584326d904a71e6babecd751b0cac7b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:ee:57:cf:ee:d3:6e:2d:48:7b:7d:a7:6f:
fb:c6:4e:b7:94:a7:3b:34:de:42:e1:e7:22:17:ab:
84:5e:77:53:e9:99:56:22:a7:6e:dd:c6:d2:0f:87:
ed:1c:b9:39:69:2d:f0:fa:a0:80:62:3d:2a:62:68:
dc:91:da:33:56:15:5d:72:36:00:30:c0:2e:5f:6d:
a3:f7:ef:2b:aa:7a:74:c7:37:18:e8:0c:90:71:65:
1d:a2:ec:bc:af:aa:27:a0:f9:71:7f:91:36:86:9d:
38:e8:a6:12:a4:0e:d2:cc:bc:b0:42:9f:b8:1a:d0:
01:38:35:d8:c8:8c:39:14:7e:6b:08:b6:2e:e9:2e:
d7:12:82:ea:51:1c:4e:66:af:58:c8:a5:3a:c1:d9:
06:ac:97:53:27:cb:64:cd:1d:c1:c9:9d:63:f3:4f:
50:f9:36:83:9b:bf:e4:34:15:0b:07:7b:1c:4f:06:
bd:30:d6:52:96:52:c3:c6:71:7d:ac:ab:5d:8d:bb:
2c:36:1a:c7:67:2e:fa:da:f5:20:6e:e7:59:9e:23:
e5:a7:bd:f2:15:4f:56:3f:1c:ea:ef:9b:16:6a:f5:
b4:a1:d8:a1:89:cb:6c:a1:00:d1:c1:79:1b:1c:39:
9f:87:e3:f2:a2:6f:11:7a:87:ab:b1:44:cf:7f:8c:
7f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:84:09:55:84:32:6D:90:4A:71:E6:BA:BE:CD:75:1B:0C:AC:7B:3D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/04QJVYQybZBKcea6vs11Gwysez0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8a90::/48
Signature Algorithm: sha256WithRSAEncryption
14:0f:67:4a:53:be:cf:93:03:c1:57:be:4f:0c:d1:7e:3a:4a:
07:43:33:d0:1f:c1:bf:6b:c3:20:46:b1:23:bd:37:9c:e9:0f:
cf:31:38:87:07:cf:f4:c9:59:a5:65:a0:ca:29:be:ff:88:a6:
03:f4:d8:c4:dc:d8:23:42:ef:84:4a:dc:97:16:13:08:05:69:
3a:fe:d0:71:26:ee:9c:b6:3b:e3:4c:7d:f5:2c:a2:06:22:43:
ee:92:3a:52:1f:53:89:9b:a5:1b:da:e8:97:20:c6:95:71:b6:
e9:34:e9:c6:35:42:a1:ef:10:e5:3e:31:07:69:73:25:a9:e1:
42:99:37:4e:a5:5e:5b:56:2d:9c:a3:8f:51:21:03:1c:1d:9d:
27:a6:8e:1c:cb:02:f9:49:52:6a:69:bb:9c:94:14:46:5e:3d:
f8:b7:d3:9c:d0:57:6f:8e:4f:d8:68:3f:37:af:8d:cd:c5:01:
d1:e1:72:cd:d4:17:fe:ed:f8:3e:7f:dd:b7:89:5b:e4:ce:61:
45:4f:cf:22:68:77:f0:fa:ab:47:27:21:b1:a8:58:7e:c2:f4:
e2:f4:dd:f9:c1:54:d7:a9:1b:71:a4:e1:f0:05:fe:57:87:80:
c2:80:74:8c:f2:f7:2f:9c:2a:00:4c:01:6d:9e:93:04:0f:22:
54:db:fb:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZGZHfsPBdLAqMhyR5YPweagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwODI4MTMxMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzg0MDk1NTg0MzI2ZDkwNGE3MWU2YmFiZWNkNzUxYjBjYWM3YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqfuV8/u024tSHt9p2/7xk63lKc7
NN5C4eciF6uEXndT6ZlWIqdu3cbSD4ftHLk5aS3w+qCAYj0qYmjckdozVhVdcjYA
MMAuX22j9+8rqnp0xzcY6AyQcWUdouy8r6onoPlxf5E2hp046KYSpA7SzLywQp+4
GtABODXYyIw5FH5rCLYu6S7XEoLqURxOZq9YyKU6wdkGrJdTJ8tkzR3ByZ1j809Q
+TaDm7/kNBULB3scTwa9MNZSllLDxnF9rKtdjbssNhrHZy762vUgbudZniPlp73y
FU9WPxzq75sWavW0odihictsoQDRwXkbHDmfh+Pyom8ReoersUTPf4x/jwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNOECVWEMm2QSnHmur7NdRsMrHs9MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvMDRRSlZZUXliWkJLY2VhNnZzMTFHd3lzZXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAUD2dKU77PkwPBV75PDNF+OkoHQzPQH8G/a8Mg
RrEjvTec6Q/PMTiHB8/0yVmlZaDKKb7/iKYD9NjE3NgjQu+EStyXFhMIBWk6/tBx
Ju6ctjvjTH31LKIGIkPukjpSH1OJm6Ub2uiXIMaVcbbpNOnGNUKh7xDlPjEHaXMl
qeFCmTdOpV5bVi2co49RIQMcHZ0npo4cywL5SVJqabuclBRGXj34t9Oc0Fdvjk/Y
aD83r43NxQHR4XLN1Bf+7fg+f923iVvkzmFFT88iaHfw+qtHJyGxqFh+wvTi9N35
wVTXqRtxpOHwBf5Xh4DCgHSM8vcvnCoATAFtnpMEDyJU2/u6
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:41:16 2024 by rpki-client on console-fra.rpki-client.org