Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/cnwvNBqIXBzEPYTjifJARBhAA1A.roa
File: cnwvNBqIXBzEPYTjifJARBhAA1A.roa (raw, json)
Hash identifier: 0JcOEb/y04enmGbtLTRfBKmjgZx2s1JVBenkbDOtk+o=
Subject key identifier: 72:7C:2F:34:1A:88:5C:1C:C4:3D:84:E3:89:F2:40:44:18:40:03:50
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018D59FD292B41D87C41B31BC23498F92398
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/cnwvNBqIXBzEPYTjifJARBhAA1A.roa
Signing time: Tue 30 Jan 2024 10:49:39 +0000
ROA not before: Tue 30 Jan 2024 10:49:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216024
IP address blocks: 2a10:9681::/32 maxlen: 32
2a10:9682::/32 maxlen: 32
2a10:9683::/32 maxlen: 32
2a10:9687::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:fd:29:2b:41:d8:7c:41:b3:1b:c2:34:98:f9:23:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Jan 30 10:49:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=727c2f341a885c1cc43d84e389f2404418400350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:18:bf:4c:ea:c2:50:ff:d9:de:a5:27:c3:
ed:f5:f1:ff:3d:51:36:4a:4a:dd:ba:77:66:b6:f3:
ad:03:1a:30:58:d3:e3:24:fc:9e:8c:1a:4a:30:b1:
28:dd:37:6b:37:e8:a8:17:09:17:f7:9c:20:4a:b1:
4c:11:b1:f8:2a:2e:ab:47:38:57:57:c9:c5:bf:cb:
66:1f:30:b1:4e:12:18:4e:da:1a:aa:ca:bb:96:92:
40:25:df:fb:1a:9c:73:6d:34:06:95:3b:50:6b:0a:
18:28:f1:37:21:e8:a8:36:b0:0e:6a:36:f5:03:1f:
89:fd:eb:e1:4a:60:51:16:e0:bf:43:d9:fd:bf:32:
9a:48:a6:59:a6:e2:42:f0:48:4a:cb:20:d7:84:16:
b7:83:3a:9e:bb:82:ef:2b:ff:a2:ae:26:81:cb:ae:
a7:af:86:16:31:32:ee:49:53:9d:c4:8d:6e:8a:a3:
f7:f9:ae:3d:57:48:07:02:50:89:cc:62:16:8d:9d:
ae:02:ec:f5:b0:a7:9d:b2:e8:e3:b8:3f:8f:d5:86:
36:8c:8f:63:ae:cc:89:d5:b0:4b:d6:e9:5f:5d:f9:
ce:69:4b:a4:6b:e3:18:22:0f:be:77:9b:2c:da:10:
1d:5a:70:0a:02:ad:bc:1c:60:3a:06:59:08:be:59:
99:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7C:2F:34:1A:88:5C:1C:C4:3D:84:E3:89:F2:40:44:18:40:03:50
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/cnwvNBqIXBzEPYTjifJARBhAA1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9681::-2a10:9683:ffff:ffff:ffff:ffff:ffff:ffff
2a10:9687::/32
Signature Algorithm: sha256WithRSAEncryption
8f:bd:f7:be:94:3b:40:6e:7e:41:23:de:cf:a5:ff:0d:54:32:
6c:f4:11:1d:d3:8a:f4:89:5b:db:57:e8:dd:16:e9:59:07:c1:
68:4d:c3:08:e2:8c:9d:e2:5a:3a:ec:11:e5:97:92:8d:4f:95:
f1:78:63:69:d7:88:62:e8:bb:9b:a8:01:45:19:d8:d6:39:24:
8a:a5:cd:83:c7:61:2d:02:19:9a:a0:1b:93:58:90:de:4b:43:
ed:5c:2b:25:59:1f:07:78:7d:a3:7c:2a:95:2a:5b:63:2b:3f:
31:9b:7f:ad:c4:95:5b:5c:5d:4a:7a:b9:46:66:1a:ad:d4:d4:
f3:38:5e:22:94:d7:de:b7:22:34:e9:8f:79:54:e9:23:97:a6:
85:30:44:1c:75:90:5a:be:14:ba:20:3e:f3:d6:88:c5:7d:84:
db:bf:22:d7:9b:e7:b9:25:f6:d7:1a:82:0d:7b:1c:b2:0d:88:
d7:4c:ed:8d:f9:b6:e1:6c:03:2a:77:f8:0d:67:e6:05:e5:45:
96:24:56:01:e5:98:3d:a1:c2:0c:51:ba:30:91:83:a8:b0:ba:
e4:c7:73:21:5f:6c:0d:c5:50:f7:45:00:4f:b4:23:90:5b:1e:
c3:0d:3a:1e:e6:55:a0:90:c3:1e:e6:c1:db:e8:44:a7:ba:49:
22:11:02:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1Z/SkrQdh8QbMbwjSY+SOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjQwMTMwMTA0OTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdjMmYzNDFhODg1YzFjYzQzZDg0ZTM4OWYyNDA0NDE4NDAwMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL8Yv0zqwlD/2d6lJ8Pt9fH/PVE2
SkrdundmtvOtAxowWNPjJPyejBpKMLEo3TdrN+ioFwkX95wgSrFMEbH4Ki6rRzhX
V8nFv8tmHzCxThIYTtoaqsq7lpJAJd/7GpxzbTQGlTtQawoYKPE3IeioNrAOajb1
Ax+J/evhSmBRFuC/Q9n9vzKaSKZZpuJC8EhKyyDXhBa3gzqeu4LvK/+iriaBy66n
r4YWMTLuSVOdxI1uiqP3+a49V0gHAlCJzGIWjZ2uAuz1sKedsujjuD+P1YY2jI9j
rsyJ1bBL1ulfXfnOaUuka+MYIg++d5ss2hAdWnAKAq28HGA6BlkIvlmZ3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHJ8LzQaiFwcxD2E44nyQEQYQANQMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvY253dk5CcUlYQnpFUFlUamlmSkFSQmhBQTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqEJaB
AwUCKhCWgAMFACoQlocwDQYJKoZIhvcNAQELBQADggEBAI+9976UO0BufkEj3s+l
/w1UMmz0ER3TivSJW9tX6N0W6VkHwWhNwwjijJ3iWjrsEeWXko1PlfF4Y2nXiGLo
u5uoAUUZ2NY5JIqlzYPHYS0CGZqgG5NYkN5LQ+1cKyVZHwd4faN8KpUqW2MrPzGb
f63ElVtcXUp6uUZmGq3U1PM4XiKU1963IjTpj3lU6SOXpoUwRBx1kFq+FLogPvPW
iMV9hNu/Iteb57kl9tcagg17HLINiNdM7Y35tuFsAyp3+A1n5gXlRZYkVgHlmD2h
wgxRujCRg6iwuuTHcyFfbA3FUPdFAE+0I5BbHsMNOh7mVaCQwx7mwdvoRKe6SSIR
AsY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:34 2024 by rpki-client on console-fra.rpki-client.org