Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/h2nxMge2x4ayqClLITt58BnH3Wc.roa
File: h2nxMge2x4ayqClLITt58BnH3Wc.roa (raw, json)
Hash identifier: IFOS6CiqBMzO1Q7qzgk4j8jqwF/Nx0oLiAn9WQ8n7/E=
Subject key identifier: 87:69:F1:32:07:B6:C7:86:B2:A8:29:4B:21:3B:79:F0:19:C7:DD:67
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01904EC2E7A782C2977B93DEBB143D97BD72
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/h2nxMge2x4ayqClLITt58BnH3Wc.roa
Signing time: Tue 25 Jun 2024 09:38:34 +0000
ROA not before: Tue 25 Jun 2024 09:38:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149476
IP address blocks: 2a0c:9a40:9c00::/40 maxlen: 48
2a10:a507:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:c2:e7:a7:82:c2:97:7b:93:de:bb:14:3d:97:bd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jun 25 09:38:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8769f13207b6c786b2a8294b213b79f019c7dd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:39:11:4f:45:03:4d:1b:2c:fc:08:cc:70:a3:
48:7e:37:b6:3b:31:65:54:1d:34:37:21:26:65:cc:
ce:4a:79:2a:66:6c:52:c3:35:45:84:04:de:ce:e0:
e5:8d:77:d4:b7:1c:36:ae:5e:fd:39:6b:75:1d:23:
9f:e3:83:a9:de:37:09:7f:f7:b0:2c:91:b4:fa:29:
6a:67:91:a2:7a:7b:0f:8d:81:3d:83:8c:a4:c7:55:
8b:20:fc:32:57:c0:3f:b0:2c:e2:a9:de:cc:a3:ab:
12:8f:6a:1f:a7:e2:e8:fd:ce:70:e7:f7:1b:47:ae:
92:fa:a1:12:c6:6d:b8:c6:04:e8:99:a7:4f:09:36:
ca:75:20:65:d5:28:96:3e:20:0f:1a:1c:7f:3b:8d:
1e:ea:60:0a:29:28:de:34:1c:cf:f8:08:ce:42:d7:
ea:1a:32:9a:ab:88:8c:3b:52:6d:6b:92:35:91:08:
7a:7a:a7:24:24:9e:10:20:c1:70:cf:01:b6:df:94:
5f:d2:f7:43:20:d1:1c:c3:ae:a6:95:3a:d8:9a:07:
93:a9:85:d0:64:f5:aa:e9:c3:0f:fe:16:23:05:06:
94:e9:4f:63:ff:5b:53:cf:2d:69:77:62:b9:50:a0:
71:0f:23:fb:f6:bd:cb:de:80:75:0d:42:cf:97:17:
9d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:69:F1:32:07:B6:C7:86:B2:A8:29:4B:21:3B:79:F0:19:C7:DD:67
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/h2nxMge2x4ayqClLITt58BnH3Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9c00::/40
2a10:a507:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
6f:4e:98:19:95:f8:ed:e0:5a:1f:f0:f6:18:c6:55:6e:24:e0:
d4:36:69:a1:49:c6:9b:3e:f6:29:08:c0:af:09:5d:7d:44:9e:
0f:f2:3b:44:f5:a4:9e:2c:f9:13:52:66:e6:23:50:46:25:0e:
3b:ab:76:21:63:72:5a:ee:78:5f:49:c8:2f:18:c6:0c:38:24:
13:b8:e3:59:d8:1f:2d:42:32:c2:56:b5:c4:3a:53:2d:6c:97:
84:49:cf:a8:60:45:1d:f3:08:3d:fa:28:9c:f8:02:ce:44:ef:
5f:7e:0a:19:64:14:94:b2:b6:cf:3a:59:d6:b4:74:ad:c3:61:
a2:34:75:d1:f2:d9:67:57:d0:e6:3e:5d:68:6d:30:48:d3:ec:
ce:c8:52:96:7a:93:79:ba:ec:38:e5:12:23:72:8b:d0:a1:96:
54:e1:8c:9c:12:68:15:e1:e7:3d:fb:e4:fd:3b:10:f4:d3:e4:
11:59:e0:1c:c8:94:9b:d6:cb:1e:c1:23:52:00:bd:f3:1b:47:
f5:85:cf:6c:ae:f1:76:6c:c5:d5:4a:17:28:31:f0:3f:a1:01:
ae:61:3b:79:5e:f7:6f:18:81:d4:3d:bf:98:35:60:c8:76:91:
39:20:7f:bc:cb:45:98:6c:e0:c0:79:18:30:6d:c8:b2:91:32:
a5:1a:5e:ce
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZBOwuengsKXe5PeuxQ9l71yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwNjI1MDkzODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY5ZjEzMjA3YjZjNzg2YjJhODI5NGIyMTNiNzlmMDE5YzdkZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTkRT0UDTRss/AjMcKNIfje2OzFl
VB00NyEmZczOSnkqZmxSwzVFhATezuDljXfUtxw2rl79OWt1HSOf44Op3jcJf/ew
LJG0+ilqZ5GiensPjYE9g4ykx1WLIPwyV8A/sCziqd7Mo6sSj2ofp+Lo/c5w5/cb
R66S+qESxm24xgTomadPCTbKdSBl1SiWPiAPGhx/O40e6mAKKSjeNBzP+AjOQtfq
GjKaq4iMO1Jta5I1kQh6eqckJJ4QIMFwzwG235Rf0vdDINEcw66mlTrYmgeTqYXQ
ZPWq6cMP/hYjBQaU6U9j/1tTzy1pd2K5UKBxDyP79r3L3oB1DULPlxeduwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFIdp8TIHtseGsqgpSyE7efAZx91nMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvaDJueE1nZTJ4NGF5cUNsTElUdDU4Qm5IM1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKgyaQJwD
BwAqEKUHsAswDQYJKoZIhvcNAQELBQADggEBAG9OmBmV+O3gWh/w9hjGVW4k4NQ2
aaFJxps+9ikIwK8JXX1Eng/yO0T1pJ4s+RNSZuYjUEYlDjurdiFjclrueF9JyC8Y
xgw4JBO441nYHy1CMsJWtcQ6Uy1sl4RJz6hgRR3zCD36KJz4As5E719+ChlkFJSy
ts86Wda0dK3DYaI0ddHy2WdX0OY+XWhtMEjT7M7IUpZ6k3m67DjlEiNyi9ChllTh
jJwSaBXh5z375P07EPTT5BFZ4BzIlJvWyx7BI1IAvfMbR/WFz2yu8XZsxdVKFygx
8D+hAa5hO3le928YgdQ9v5g1YMh2kTkgf7zLRZhs4MB5GDBtyLKRMqUaXs4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:59:22 2024 by rpki-client on console-ams.rpki-client.org