Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/l7reqsvWSgp7CTG_3yFRejHESK8.roa
File: l7reqsvWSgp7CTG_3yFRejHESK8.roa (raw, json)
Hash identifier: ybX+YaOqmNv6mYQRM03oR2FykfM2VaOrBjGx9VlDdX8=
Subject key identifier: 97:BA:DE:AA:CB:D6:4A:0A:7B:09:31:BF:DF:21:51:7A:31:C4:48:AF
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 018EA72F174A0B61756B05CA2C10290BDDC6
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/l7reqsvWSgp7CTG_3yFRejHESK8.roa
Signing time: Thu 04 Apr 2024 03:37:44 +0000
ROA not before: Thu 04 Apr 2024 03:37:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202525
IP address blocks: 2001:67c:c00::/48 maxlen: 48
2a13:d040::/48 maxlen: 48
2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d046:fffc::/48 maxlen: 48
2a13:d046:fffd::/48 maxlen: 48
2a13:d046:fffe::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
2a13:d047::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:2f:17:4a:0b:61:75:6b:05:ca:2c:10:29:0b:dd:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Apr 4 03:37:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97badeaacbd64a0a7b0931bfdf21517a31c448af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5e:a4:a8:15:3b:2f:12:3e:80:25:02:96:3e:
2e:65:ae:7e:8d:78:27:01:25:fd:ad:db:cb:98:b6:
15:5e:18:bf:51:d9:37:23:6b:ef:e5:1a:43:d0:aa:
eb:db:ac:ef:6f:4e:b6:9d:29:77:45:97:d1:88:6c:
88:da:fa:7d:d1:23:43:44:6f:40:84:5c:33:8c:cf:
5c:fe:6f:84:9e:eb:72:03:1b:6c:77:23:76:7d:69:
61:5e:82:12:0f:c1:86:37:27:5d:8c:cd:1d:1c:5d:
bc:4d:f5:1e:08:48:c0:18:78:35:d2:f8:dd:86:05:
bf:b7:25:1b:19:d1:b6:5f:12:73:a1:ee:d5:7e:25:
81:c8:05:26:2b:41:ac:16:66:df:8e:42:93:5d:5a:
df:5d:89:c5:40:9c:0b:8e:dc:ae:a5:0c:71:3d:e7:
80:6e:ec:2e:cf:65:6a:a2:cd:35:c3:4d:2d:aa:ec:
75:df:8a:17:a8:27:18:27:eb:8f:62:e2:87:eb:c7:
97:98:84:b6:7a:64:c5:c1:2b:da:63:e4:2f:74:c5:
56:40:d9:e8:10:26:d2:01:3b:17:16:b4:0b:d7:fc:
e7:f2:39:e6:83:27:75:8a:f7:d0:40:e4:d2:c0:78:
75:4a:fc:50:39:28:23:fb:7c:59:be:50:75:0b:94:
22:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BA:DE:AA:CB:D6:4A:0A:7B:09:31:BF:DF:21:51:7A:31:C4:48:AF
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/l7reqsvWSgp7CTG_3yFRejHESK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c00::/48
2a13:d040::/48
2a13:d040:2::/47
2a13:d046:fffc::-2a13:d047:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
41:58:d0:e0:0c:36:5d:b0:7d:8e:4a:39:96:39:31:f6:ad:b0:
d8:2d:f6:0e:de:9a:92:55:9a:36:08:50:11:3e:7b:6e:21:54:
fa:06:ef:3b:a5:5e:08:e6:c9:52:6e:53:b3:19:81:02:0f:9a:
0b:f9:1e:6e:e1:e8:d9:71:74:4c:cc:0b:88:a4:f4:34:a8:75:
7b:9c:1f:ab:5c:a9:eb:e1:d8:63:5a:84:a2:af:52:2f:32:31:
d8:9c:f1:c8:c1:2a:81:ed:7f:9c:ad:81:88:f2:94:5b:05:58:
3b:0b:a6:15:d9:67:2a:c3:dc:5b:8c:2f:57:d8:1b:54:40:21:
a2:00:0e:87:06:9d:2b:4d:36:1c:3b:be:6c:1e:67:08:fb:d0:
5b:86:a8:49:5f:ca:4b:be:9e:e3:2b:2a:55:34:ce:a2:3e:0b:
9f:31:bf:be:6f:53:84:b0:05:bb:a0:a0:29:21:03:db:f5:61:
f8:1b:e4:47:91:4a:a8:cd:47:9a:36:6b:78:81:cb:07:68:22:
ec:36:3f:97:09:ef:4e:a7:2b:ba:ef:6a:63:d6:61:17:cd:7f:
57:d7:b1:fb:b0:c0:14:e4:a1:9f:83:44:97:9d:62:8f:6d:51:
ee:3d:8d:35:48:e9:cc:a5:3b:89:5c:91:83:5a:61:e9:b6:60:
66:fc:a2:3f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY6nLxdKC2F1awXKLBApC93GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjQwNDA0MDMzNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JhZGVhYWNiZDY0YTBhN2IwOTMxYmZkZjIxNTE3YTMxYzQ0OGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6kqBU7LxI+gCUClj4uZa5+jXgn
ASX9rdvLmLYVXhi/Udk3I2vv5RpD0Krr26zvb062nSl3RZfRiGyI2vp90SNDRG9A
hFwzjM9c/m+EnutyAxtsdyN2fWlhXoISD8GGNyddjM0dHF28TfUeCEjAGHg10vjd
hgW/tyUbGdG2XxJzoe7VfiWByAUmK0GsFmbfjkKTXVrfXYnFQJwLjtyupQxxPeeA
buwuz2Vqos01w00tqux134oXqCcYJ+uPYuKH68eXmIS2emTFwSvaY+QvdMVWQNno
ECbSATsXFrQL1/zn8jnmgyd1ivfQQOTSwHh1SvxQOSgj+3xZvlB1C5QisQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJe63qrL1koKewkxv98hUXoxxEivMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvbDdyZXFzdldTZ3A3Q1RHXzN5RlJlakhFU0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAIAEGfAwA
AwcAKhPQQAAAAwcBKhPQQAACMBIDBwIqE9BG//wDBwAqE9BHAAAwDQYJKoZIhvcN
AQELBQADggEBAEFY0OAMNl2wfY5KOZY5MfatsNgt9g7empJVmjYIUBE+e24hVPoG
7zulXgjmyVJuU7MZgQIPmgv5Hm7h6NlxdEzMC4ik9DSodXucH6tcqevh2GNahKKv
Ui8yMdic8cjBKoHtf5ytgYjylFsFWDsLphXZZyrD3FuML1fYG1RAIaIADocGnStN
Nhw7vmweZwj70FuGqElfyku+nuMrKlU0zqI+C58xv75vU4SwBbugoCkhA9v1Yfgb
5EeRSqjNR5o2a3iBywdoIuw2P5cJ706nK7rvamPWYRfNf1fXsfuwwBTkoZ+DRJed
Yo9tUe49jTVI6cylO4lckYNaYem2YGb8oj8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:40 2024 by rpki-client on console-fra.rpki-client.org