Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/EANxLypB3-WqhE8yyATfcTxmodE.roa
File: EANxLypB3-WqhE8yyATfcTxmodE.roa (raw, json)
Hash identifier: egd0tcx3oO2rSXr2R7ovrG14P/qgftOzlaSWT1r8HYM=
Subject key identifier: 10:03:71:2F:2A:41:DF:E5:AA:84:4F:32:C8:04:DF:71:3C:66:A1:D1
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018FC5E5CCFB37B4229F0E9AC8DAE65C19F3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/EANxLypB3-WqhE8yyATfcTxmodE.roa
Signing time: Wed 29 May 2024 19:48:42 +0000
ROA not before: Wed 29 May 2024 19:48:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209022
IP address blocks: 2a0c:9a40:8c40::/48 maxlen: 48
2a0c:9a40:c000::/36 maxlen: 48
2a0c:9a40:c000::/48 maxlen: 48
2a0c:9a40:c001::/48 maxlen: 48
2a0c:9a40:c002::/48 maxlen: 48
2a0c:9a40:c003::/48 maxlen: 48
2a0c:9a40:c004::/48 maxlen: 48
2a0c:9a44:beef::/48 maxlen: 48
2a10:a500:b00b::/48 maxlen: 48
2a10:a501:b00b::/48 maxlen: 48
2a10:a502:b00b::/48 maxlen: 48
2a10:a503:b00b::/48 maxlen: 48
2a10:a504:b00b::/48 maxlen: 48
2a10:a505:b00b::/48 maxlen: 48
2a10:a506:b00b::/48 maxlen: 48
2a10:a507:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c5:e5:cc:fb:37:b4:22:9f:0e:9a:c8:da:e6:5c:19:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: May 29 19:48:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1003712f2a41dfe5aa844f32c804df713c66a1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b7:3d:99:31:4e:e5:95:00:2b:83:3a:1f:7e:
d9:1c:e4:29:ae:94:43:27:74:99:44:c2:08:e5:26:
0a:b8:cb:40:24:9b:c5:9e:d0:be:af:da:44:c8:8f:
42:ad:c5:07:38:5b:c3:c1:97:a5:7b:05:ca:f6:12:
a5:bc:66:25:31:6d:a8:bf:ec:83:d0:ce:81:12:ab:
fd:58:bd:95:f7:0b:79:fb:a8:80:86:30:a1:fb:8f:
0d:06:13:ec:03:bb:0c:08:f2:17:c4:4d:12:42:c3:
a9:c8:ac:6e:81:ac:0f:97:f2:b5:80:ae:8b:8e:a5:
1a:b3:25:2b:4f:aa:5b:2f:d3:78:dd:6c:a2:54:da:
83:da:99:3c:8f:8f:42:d3:07:92:2e:2d:94:75:66:
0a:b7:ad:d0:ef:3d:d7:53:a1:07:5b:61:ce:ee:38:
5f:2e:e1:23:9d:4f:e8:09:72:e0:6c:ce:de:ae:ef:
83:81:75:4c:6f:d7:f5:85:b9:5f:4b:fd:ac:e3:96:
13:7f:5b:2c:c2:a5:36:51:b2:56:c9:50:1f:1a:7f:
d2:da:74:c5:16:12:5b:83:6d:5a:22:a7:7e:58:77:
b4:e5:25:42:b2:f6:1e:1d:39:82:68:1a:ff:ac:e1:
71:ac:9b:4c:ec:88:ed:63:14:de:6a:24:70:70:c5:
0e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:03:71:2F:2A:41:DF:E5:AA:84:4F:32:C8:04:DF:71:3C:66:A1:D1
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/EANxLypB3-WqhE8yyATfcTxmodE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8c40::/48
2a0c:9a40:c000::/36
2a0c:9a44:beef::/48
2a10:a500:b00b::/48
2a10:a501:b00b::/48
2a10:a502:b00b::/48
2a10:a503:b00b::/48
2a10:a504:b00b::/48
2a10:a505:b00b::/48
2a10:a506:b00b::/48
2a10:a507:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
7d:c3:7a:21:60:d7:22:ae:62:f5:22:1a:be:67:3b:c0:da:0c:
79:59:f0:8a:4d:d1:5b:0e:b2:11:d3:ee:a0:88:45:0f:be:5e:
a3:da:ab:bb:8b:3b:cf:3f:b8:62:30:52:28:ed:ce:7e:8a:cc:
82:5f:67:5c:0f:71:c0:ce:17:a1:dd:d7:ce:a8:c4:c3:6a:15:
ec:21:fd:d0:31:17:99:99:c3:48:e2:49:51:5a:82:20:b9:a2:
5a:00:75:43:4a:52:ea:83:c4:fe:81:41:31:a8:bb:e0:fa:6c:
80:a4:2f:6b:a1:d1:55:b8:9e:e3:b1:2a:52:6a:49:a6:e9:bc:
8e:0b:4e:61:18:22:12:81:b7:e5:1c:72:e8:1b:5d:0b:89:ac:
71:f7:30:85:99:c1:a9:f1:ce:32:af:9b:09:5d:71:12:33:a8:
40:70:2d:39:37:0b:92:be:49:4c:5b:ab:11:4d:29:21:9e:8d:
23:41:44:ea:8d:90:ad:7f:4e:33:51:4b:86:e5:df:ce:36:1d:
c7:e7:a3:5d:ac:82:b2:cb:76:90:c6:73:c1:01:b8:f2:7d:24:
b5:36:d9:c9:cf:ce:f5:09:b0:eb:83:7f:18:dd:17:0a:e5:e2:
5d:4d:d4:47:97:21:c6:67:45:33:57:1a:63:b8:6d:88:fd:7b:
d4:0c:e2:2c
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY/F5cz7N7Qinw6ayNrmXBnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwNTI5MTk0ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDAzNzEyZjJhNDFkZmU1YWE4NDRmMzJjODA0ZGY3MTNjNjZhMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Lc9mTFO5ZUAK4M6H37ZHOQprpRD
J3SZRMII5SYKuMtAJJvFntC+r9pEyI9CrcUHOFvDwZelewXK9hKlvGYlMW2ov+yD
0M6BEqv9WL2V9wt5+6iAhjCh+48NBhPsA7sMCPIXxE0SQsOpyKxugawPl/K1gK6L
jqUasyUrT6pbL9N43WyiVNqD2pk8j49C0weSLi2UdWYKt63Q7z3XU6EHW2HO7jhf
LuEjnU/oCXLgbM7eru+DgXVMb9f1hblfS/2s45YTf1sswqU2UbJWyVAfGn/S2nTF
FhJbg21aIqd+WHe05SVCsvYeHTmCaBr/rOFxrJtM7IjtYxTeaiRwcMUOQwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFBADcS8qQd/lqoRPMsgE33E8ZqHRMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvRUFOeEx5cEIzLVdxaEU4eXlBVGZjVHhtb2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiAwcAKgyaQIxA
AwYEKgyaQMADBwAqDJpEvu8DBwAqEKUAsAsDBwAqEKUBsAsDBwAqEKUCsAsDBwAq
EKUDsAsDBwAqEKUEsAsDBwAqEKUFsAsDBwAqEKUGsAsDBwAqEKUHsAswDQYJKoZI
hvcNAQELBQADggEBAH3DeiFg1yKuYvUiGr5nO8DaDHlZ8IpN0VsOshHT7qCIRQ++
XqPaq7uLO88/uGIwUijtzn6KzIJfZ1wPccDOF6Hd186oxMNqFewh/dAxF5mZw0ji
SVFagiC5oloAdUNKUuqDxP6BQTGou+D6bICkL2uh0VW4nuOxKlJqSabpvI4LTmEY
IhKBt+UccugbXQuJrHH3MIWZwanxzjKvmwldcRIzqEBwLTk3C5K+SUxbqxFNKSGe
jSNBROqNkK1/TjNRS4bl3842Hcfno12sgrLLdpDGc8EBuPJ9JLU22cnPzvUJsOuD
fxjdFwrl4l1N1EeXIcZnRTNXGmO4bYj9e9QM4iw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:21 2024 by rpki-client on console-ams.rpki-client.org