Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/RNlxzMJ7s7dv-ii5vzzOv75o0R4.roa
File: RNlxzMJ7s7dv-ii5vzzOv75o0R4.roa (raw, json)
Hash identifier: LmggLA9Jd0tAj6ymTbNNcTOrN88JyMfIN4+2sGJCA+Q=
Subject key identifier: 44:D9:71:CC:C2:7B:B3:B7:6F:FA:28:B9:BF:3C:CE:BF:BE:68:D1:1E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8EB8B10EF5A80B2911889B61C76C4
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/RNlxzMJ7s7dv-ii5vzzOv75o0R4.roa
Signing time: Mon 01 Jan 2024 20:30:56 +0000
ROA not before: Mon 01 Jan 2024 20:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209833
IP address blocks: 2a0e:7d40:20::/44 maxlen: 44
2a0e:7d40::/32 maxlen: 32
2a0e:7d40:30::/44 maxlen: 44
2a0e:7d40:40::/44 maxlen: 44
2a0e:7d40:43::/48 maxlen: 48
2a0e:7d40:41::/48 maxlen: 48
2a0e:7d40:42::/48 maxlen: 48
2a0c:9a40:8130::/44 maxlen: 48
2a0c:9a40:8130::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:eb:8b:10:ef:5a:80:b2:91:18:89:b6:1c:76:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44d971ccc27bb3b76ffa28b9bf3ccebfbe68d11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8b:db:e6:66:5f:95:db:61:7a:dd:2f:3d:49:
b4:13:26:83:18:6e:c0:c1:87:99:e1:ae:22:87:db:
96:42:58:99:4d:c8:cd:db:4d:bb:d4:ad:74:2b:e9:
5a:c7:a4:29:57:56:6a:27:d9:89:d5:b2:ec:a2:67:
fe:b2:21:a7:a3:40:d9:27:b6:55:50:35:6f:96:fc:
a7:d6:1c:8a:f9:68:af:e6:46:ed:71:ae:bb:a1:cb:
65:58:32:d6:72:7d:b1:8f:0b:ba:5b:7d:bb:de:f8:
b6:64:9b:51:66:e6:8f:ce:1f:21:5d:97:7d:38:3f:
35:19:c6:2b:78:97:54:9e:9b:44:c6:8e:2f:b8:3f:
44:20:f2:09:e7:87:0d:4b:14:dd:f1:9d:0c:46:6d:
fd:90:03:08:f9:7e:6c:3f:bc:9b:10:4a:9f:90:1f:
e8:e9:9d:e0:b5:af:45:66:5d:5e:2d:f0:d7:ac:2c:
26:b4:cf:d8:23:26:44:07:7e:a2:e1:a8:fa:78:8c:
5b:9b:83:76:43:dc:55:ee:37:c4:a9:6b:5a:58:94:
06:68:b8:41:fd:4f:61:a5:e6:0b:9b:90:61:58:45:
e8:46:64:8d:ab:03:d7:2a:fb:59:3c:c1:86:65:eb:
48:dd:9b:d3:77:b9:54:a0:65:ae:c7:12:22:f7:e9:
a0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D9:71:CC:C2:7B:B3:B7:6F:FA:28:B9:BF:3C:CE:BF:BE:68:D1:1E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/RNlxzMJ7s7dv-ii5vzzOv75o0R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8130::/44
2a0e:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
23:00:49:9f:05:e8:28:58:eb:52:77:f4:10:17:55:cd:87:e5:
02:fb:28:e2:7b:1c:60:31:10:c7:ce:7f:16:f9:8b:9a:10:04:
7d:90:2e:e3:bf:6a:e2:42:f3:d1:db:0c:ab:78:e5:ce:5f:df:
ad:42:b7:6e:3a:24:0e:44:e8:60:4b:7e:92:83:b8:7d:d3:fb:
0f:9a:d0:c0:47:27:e0:13:88:e9:d6:51:31:44:38:be:ab:29:
e2:01:14:7e:1f:6a:2b:90:89:5e:38:5f:cd:9e:80:36:02:70:
a5:63:d3:8f:33:0e:b2:a6:14:50:2f:eb:6d:85:68:ec:c6:9b:
19:42:3a:a9:01:df:8f:9f:80:3d:79:02:e9:de:e0:56:4c:45:
87:9a:24:5e:c6:d1:8a:af:f3:cf:1c:e1:d8:e2:bc:64:54:45:
05:01:6b:4c:98:00:01:8b:e7:b8:64:e4:25:2a:62:b2:ff:aa:
60:2e:9c:3c:b4:fb:13:41:5b:f7:e4:68:c8:de:04:da:42:67:
23:cc:91:e1:73:04:3f:f4:6f:29:52:9e:a3:75:54:be:eb:60:
00:27:2d:69:e9:f8:5c:64:8c:38:3f:d2:5d:0d:04:de:09:0e:
9a:2c:df:2d:e8:58:03:23:c6:58:b1:28:42:6a:8d:e3:dc:7b:
b8:37:83:59
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzGuOuLEO9agLKRGIm2HHbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ5NzFjY2MyN2JiM2I3NmZmYTI4YjliZjNjY2ViZmJlNjhkMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Yvb5mZfldthet0vPUm0EyaDGG7A
wYeZ4a4ih9uWQliZTcjN20271K10K+lax6QpV1ZqJ9mJ1bLsomf+siGno0DZJ7ZV
UDVvlvyn1hyK+Wiv5kbtca67octlWDLWcn2xjwu6W3273vi2ZJtRZuaPzh8hXZd9
OD81GcYreJdUnptExo4vuD9EIPIJ54cNSxTd8Z0MRm39kAMI+X5sP7ybEEqfkB/o
6Z3gta9FZl1eLfDXrCwmtM/YIyZEB36i4aj6eIxbm4N2Q9xV7jfEqWtaWJQGaLhB
/U9hpeYLm5BhWEXoRmSNqwPXKvtZPMGGZetI3ZvTd7lUoGWuxxIi9+mgtwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFETZcczCe7O3b/ooub88zr++aNEeMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUk5seHpNSjdzN2R2LWlpNXZ6ek92NzVvMFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcEKgyaQIEw
AwUAKg59QDANBgkqhkiG9w0BAQsFAAOCAQEAIwBJnwXoKFjrUnf0EBdVzYflAvso
4nscYDEQx85/FvmLmhAEfZAu479q4kLz0dsMq3jlzl/frUK3bjokDkToYEt+koO4
fdP7D5rQwEcn4BOI6dZRMUQ4vqsp4gEUfh9qK5CJXjhfzZ6ANgJwpWPTjzMOsqYU
UC/rbYVo7MabGUI6qQHfj5+APXkC6d7gVkxFh5okXsbRiq/zzxzh2OK8ZFRFBQFr
TJgAAYvnuGTkJSpisv+qYC6cPLT7E0Fb9+RoyN4E2kJnI8yR4XMEP/RvKVKeo3VU
vutgACctaen4XGSMOD/SXQ0E3gkOmizfLehYAyPGWLEoQmqN49x7uDeDWQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:17:24 2024 by rpki-client on console-fra.rpki-client.org