Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/2ogseXknAwjAiXm-tvWs_fRLSrY.roa
File: 2ogseXknAwjAiXm-tvWs_fRLSrY.roa (raw, json)
Hash identifier: BA3hEa1r/OzslOxMARl3oyK3UODm4sP73OoZ/lw3Rlk=
Subject key identifier: DA:88:2C:79:79:27:03:08:C0:89:79:BE:B6:F5:AC:FD:F4:4B:4A:B6
Certificate issuer: /CN=7f760952c733f6f2ee9254edcd14e0daa78b388c
Certificate serial: 0190DF24A4D5DAE1838AD32ADCB8BD7DEDEF
Authority key identifier: 7F:76:09:52:C7:33:F6:F2:EE:92:54:ED:CD:14:E0:DA:A7:8B:38:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3YJUscz9vLuklTtzRTg2qeLOIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/2ogseXknAwjAiXm-tvWs_fRLSrY.roa
Signing time: Tue 23 Jul 2024 10:30:38 +0000
ROA not before: Tue 23 Jul 2024 10:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216084
IP address blocks: 2a05:6c00::/32 maxlen: 32
2a05:6c01::/32 maxlen: 32
2a05:6c02::/32 maxlen: 32
2a05:6c03::/32 maxlen: 32
2a05:6c04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/f3YJUscz9vLuklTtzRTg2qeLOIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:24:a4:d5:da:e1:83:8a:d3:2a:dc:b8:bd:7d:ed:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f760952c733f6f2ee9254edcd14e0daa78b388c
Validity
Not Before: Jul 23 10:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da882c7979270308c08979beb6f5acfdf44b4ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:28:46:d0:92:93:b2:40:1a:a3:23:56:a0:08:
2c:4c:8a:75:97:5c:89:99:53:7e:c3:22:13:c7:9c:
5e:1d:f8:ca:03:c9:9b:cb:34:60:81:69:b2:50:4d:
94:19:f7:3e:5e:9d:47:56:9a:74:03:c2:77:fd:4a:
d6:65:91:51:db:46:8b:6f:0b:94:14:8a:73:58:d9:
a3:49:ac:9f:99:86:72:4c:d8:01:fd:3b:3b:46:3c:
78:63:6e:f7:75:e3:03:a2:36:cf:8f:b1:ed:55:f1:
1f:0f:e4:1b:fb:0d:33:12:c4:b5:18:22:8a:55:7c:
49:33:25:a8:09:59:aa:5d:35:29:4c:9b:4a:0a:d1:
fa:69:18:de:d9:f6:e0:4c:6b:15:02:44:dd:20:f1:
2b:a4:67:80:0d:11:97:fc:79:dc:f6:5e:d0:0e:9c:
df:60:3b:01:a8:d6:8b:50:37:00:7a:29:a2:6b:33:
62:09:35:a6:6d:8c:53:6d:1c:90:40:3d:59:1d:e8:
3b:6e:c1:11:2b:84:63:17:d3:c8:55:97:8e:15:30:
42:4e:9d:a9:3b:b9:bd:a4:1e:8c:04:ae:54:77:40:
be:9d:51:a2:8b:ca:e1:b0:a2:8e:99:7f:f3:f1:de:
b2:4c:71:58:3b:66:02:e5:3b:75:1e:30:1a:41:fa:
2b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:88:2C:79:79:27:03:08:C0:89:79:BE:B6:F5:AC:FD:F4:4B:4A:B6
X509v3 Authority Key Identifier:
keyid:7F:76:09:52:C7:33:F6:F2:EE:92:54:ED:CD:14:E0:DA:A7:8B:38:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3YJUscz9vLuklTtzRTg2qeLOIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/2ogseXknAwjAiXm-tvWs_fRLSrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/b64a59-9fed-41da-b835-9ae8809c8515/1/f3YJUscz9vLuklTtzRTg2qeLOIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:6c00::-2a05:6c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
d0:6a:b1:a5:ca:1c:26:99:28:b9:4a:16:c0:dc:0e:91:f8:9e:
e0:c8:92:2e:b4:59:2f:5b:a0:01:b6:95:dd:04:20:1c:69:67:
11:4e:e9:62:c8:94:59:1e:ac:d2:27:16:f5:db:07:a7:cd:06:
69:8e:48:3a:47:19:4c:34:c1:01:a0:d9:f1:34:b5:ab:7f:05:
8f:5e:2e:38:93:cb:58:51:eb:02:48:90:43:b4:e8:3f:5d:eb:
a7:fb:3e:96:07:cf:6e:e0:e5:de:ed:b9:fb:93:25:2a:0c:66:
6f:65:f9:c9:77:75:41:db:eb:3b:0a:4f:9a:4f:a6:19:6d:00:
7a:66:7b:47:c7:5c:c8:c0:97:57:e6:74:b9:3c:02:4c:37:00:
99:aa:fc:80:35:16:65:e0:d4:02:06:d5:05:0e:c8:69:c5:3f:
d4:b6:c5:f5:b6:67:77:43:bd:20:5a:2f:5d:2c:4b:f3:8c:4b:
c3:13:0a:60:35:2c:0d:5f:7f:53:fb:8c:55:29:65:1a:a2:3f:
b7:19:d8:17:b8:8a:10:4e:f3:f0:a9:79:1a:82:2c:ef:c6:f3:
53:97:7e:46:51:76:4e:a9:53:b6:a7:33:3f:3a:2b:88:fb:cb:
de:e3:20:5f:3c:ee:b8:c5:68:10:69:66:23:3a:3d:98:c7:a2:
eb:da:65:84
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZDfJKTV2uGDitMq3Li9fe3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzYwOTUyYzczM2Y2ZjJlZTkyNTRlZGNkMTRlMGRhYTc4
YjM4OGMwHhcNMjQwNzIzMTAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg4MmM3OTc5MjcwMzA4YzA4OTc5YmViNmY1YWNmZGY0NGI0YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtChG0JKTskAaoyNWoAgsTIp1l1yJ
mVN+wyITx5xeHfjKA8mbyzRggWmyUE2UGfc+Xp1HVpp0A8J3/UrWZZFR20aLbwuU
FIpzWNmjSayfmYZyTNgB/Ts7Rjx4Y273deMDojbPj7HtVfEfD+Qb+w0zEsS1GCKK
VXxJMyWoCVmqXTUpTJtKCtH6aRje2fbgTGsVAkTdIPErpGeADRGX/Hnc9l7QDpzf
YDsBqNaLUDcAeimiazNiCTWmbYxTbRyQQD1ZHeg7bsERK4RjF9PIVZeOFTBCTp2p
O7m9pB6MBK5Ud0C+nVGii8rhsKKOmX/z8d6yTHFYO2YC5Tt1HjAaQforLQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFNqILHl5JwMIwIl5vrb1rP30S0q2MB8GA1UdIwQY
MBaAFH92CVLHM/by7pJU7c0U4NqniziMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNZSlVzY3o5dkx1a2xUdHpSVGcycWVMT0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9iNjRhNTktOWZlZC00MWRhLWI4MzUt
OWFlODgwOWM4NTE1LzEvMm9nc2VYa25Bd2pBaVhtLXR2V3NfZlJMU3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9iNjRhNTktOWZlZC00MWRhLWI4MzUtOWFlODgwOWM4NTE1
LzEvZjNZSlVzY3o5dkx1a2xUdHpSVGcycWVMT0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPMA0DBAIqBWwD
BQAqBWwEMA0GCSqGSIb3DQEBCwUAA4IBAQDQarGlyhwmmSi5ShbA3A6R+J7gyJIu
tFkvW6ABtpXdBCAcaWcRTuliyJRZHqzSJxb12wenzQZpjkg6RxlMNMEBoNnxNLWr
fwWPXi44k8tYUesCSJBDtOg/Xeun+z6WB89u4OXe7bn7kyUqDGZvZfnJd3VB2+s7
Ck+aT6YZbQB6ZntHx1zIwJdX5nS5PAJMNwCZqvyANRZl4NQCBtUFDshpxT/UtsX1
tmd3Q70gWi9dLEvzjEvDEwpgNSwNX39T+4xVKWUaoj+3GdgXuIoQTvPwqXkagizv
xvNTl35GUXZOqVO2pzM/OiuI+8ve4yBfPO64xWgQaWYjOj2Yx6Lr2mWE
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:31 2024 by rpki-client on console-fra.rpki-client.org