Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/aA5RorBrZbCCnqTk3WY_4ixI8pc.roa
File: aA5RorBrZbCCnqTk3WY_4ixI8pc.roa (raw, json)
Hash identifier: SFR+FJt/UpOH1ljI0arbSnnWTy9TlzLu3HggLuNcfWA=
Subject key identifier: 68:0E:51:A2:B0:6B:65:B0:82:9E:A4:E4:DD:66:3F:E2:2C:48:F2:97
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0192FC59BC7DABB7703EADDFED04A647A698
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/aA5RorBrZbCCnqTk3WY_4ixI8pc.roa
Signing time: Tue 05 Nov 2024 12:43:12 +0000
ROA not before: Tue 05 Nov 2024 12:43:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205920
IP address blocks: 2a10:a500::/32 maxlen: 32
2a10:a500::/48 maxlen: 48
2a10:a500:10::/48 maxlen: 48
2a10:a500:1a::/48 maxlen: 48
2a10:a500:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:59:bc:7d:ab:b7:70:3e:ad:df:ed:04:a6:47:a6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Nov 5 12:43:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=680e51a2b06b65b0829ea4e4dd663fe22c48f297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2c:4d:be:7c:f6:62:21:0d:32:28:d3:a3:d3:
15:e0:07:2c:d1:ff:7a:20:d4:e7:8c:0b:4b:98:f3:
d1:fc:08:27:d4:74:d5:a6:94:cd:22:9c:ef:c3:34:
5c:71:08:89:fc:e2:8b:96:f5:ef:09:d8:d9:98:8f:
3b:b2:fe:04:63:ef:ce:c9:d3:5e:18:eb:f8:12:81:
66:11:f5:c8:aa:87:76:9c:18:f6:e1:1a:3c:79:f1:
4d:c3:e1:d6:ff:31:13:27:e8:00:7e:28:2b:8e:32:
47:ac:a5:97:81:3a:fc:1a:32:4e:ed:9a:23:ce:11:
4c:e6:6c:40:76:7c:f1:62:e1:49:fe:a0:27:e1:29:
06:ed:c0:05:2e:c3:be:72:ba:32:0c:af:30:d7:7f:
56:90:22:11:10:df:b2:10:fa:d3:ce:5d:69:fa:2b:
19:44:77:78:1e:e7:85:cb:26:c3:a8:7a:21:f5:96:
de:bd:4e:38:87:54:44:21:82:4b:35:bf:bb:74:3d:
92:14:71:8e:90:5d:b1:75:a9:d1:68:dd:be:45:ef:
88:03:00:b3:7f:f2:72:80:96:b7:07:5d:bd:75:3d:
3e:58:6f:b5:28:64:29:65:99:68:c0:1f:cc:33:f1:
cf:d2:d4:42:bb:b7:8e:7e:9a:ff:60:b7:43:b7:05:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0E:51:A2:B0:6B:65:B0:82:9E:A4:E4:DD:66:3F:E2:2C:48:F2:97
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/aA5RorBrZbCCnqTk3WY_4ixI8pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a500::/32
Signature Algorithm: sha256WithRSAEncryption
25:56:c0:be:72:12:a9:07:0b:a4:1e:f3:62:00:ac:39:11:c0:
57:d8:e6:d5:8a:70:ad:47:77:b6:8e:ce:a9:5e:64:79:21:33:
79:41:86:b4:56:2c:9b:66:b7:29:f5:86:37:d7:79:58:e9:6b:
05:7d:13:db:2e:df:52:0a:fb:d7:d9:60:f8:0b:34:0c:ef:d6:
c3:9a:08:0c:ed:66:1d:db:bb:68:6e:53:67:bf:9a:80:06:2b:
23:04:13:f0:1b:b4:f4:b2:32:23:6e:97:13:d9:f6:28:8b:b1:
ed:d9:ab:b5:f4:ec:0a:d3:72:e7:80:e8:89:d2:70:35:4c:28:
29:31:49:d1:89:52:9a:57:7c:5d:b7:48:ea:de:df:c1:68:61:
4c:be:5d:b0:3b:06:d1:1d:8d:a2:02:b4:9d:56:be:26:e2:d6:
59:8d:a7:70:97:c4:ec:da:e9:f6:a1:1e:6b:8f:37:fb:8b:20:
9a:29:b5:db:ca:a1:4d:42:28:23:64:6d:8a:01:3e:9f:82:58:
e5:ff:60:0d:46:1a:48:7a:30:f6:03:18:7e:da:f8:d5:9d:c4:
1a:ff:9d:ca:c1:cd:3c:c9:a4:b2:f6:09:5d:b2:af:f8:08:5e:
6f:72:a5:66:79:9f:d7:e4:0f:9d:63:13:ba:b2:64:3c:d4:cf:
71:ab:cc:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZL8Wbx9q7dwPq3f7QSmR6aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQxMTA1MTI0MzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODBlNTFhMmIwNmI2NWIwODI5ZWE0ZTRkZDY2M2ZlMjJjNDhmMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CxNvnz2YiENMijTo9MV4Acs0f96
INTnjAtLmPPR/Agn1HTVppTNIpzvwzRccQiJ/OKLlvXvCdjZmI87sv4EY+/OydNe
GOv4EoFmEfXIqod2nBj24Ro8efFNw+HW/zETJ+gAfigrjjJHrKWXgTr8GjJO7Zoj
zhFM5mxAdnzxYuFJ/qAn4SkG7cAFLsO+croyDK8w139WkCIREN+yEPrTzl1p+isZ
RHd4HueFyybDqHoh9ZbevU44h1REIYJLNb+7dD2SFHGOkF2xdanRaN2+Re+IAwCz
f/JygJa3B129dT0+WG+1KGQpZZlowB/MM/HP0tRCu7eOfpr/YLdDtwVbmwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGgOUaKwa2Wwgp6k5N1mP+IsSPKXMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvYUE1Um9yQnJaYkNDbnFUazNXWV80aXhJOHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhClADAN
BgkqhkiG9w0BAQsFAAOCAQEAJVbAvnISqQcLpB7zYgCsORHAV9jm1YpwrUd3to7O
qV5keSEzeUGGtFYsm2a3KfWGN9d5WOlrBX0T2y7fUgr719lg+As0DO/Ww5oIDO1m
Hdu7aG5TZ7+agAYrIwQT8Bu09LIyI26XE9n2KIux7dmrtfTsCtNy54DoidJwNUwo
KTFJ0YlSmld8XbdI6t7fwWhhTL5dsDsG0R2NogK0nVa+JuLWWY2ncJfE7Nrp9qEe
a483+4sgmim128qhTUIoI2RtigE+n4JY5f9gDUYaSHow9gMYftr41Z3EGv+dysHN
PMmksvYJXbKv+Aheb3KlZnmf1+QPnWMTurJkPNTPcavMOw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:41:16 2024 by rpki-client on console-fra.rpki-client.org