Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/2NEC5jbSg1QEeD-QBCeVWMLil0E.roa
File: 2NEC5jbSg1QEeD-QBCeVWMLil0E.roa (raw, json)
Hash identifier: o/e+CDmMhbJ3jx0ztk1AwfJLhUHbU9D+9nBA39Q1LIY=
Subject key identifier: D8:D1:02:E6:36:D2:83:54:04:78:3F:90:04:27:95:58:C2:E2:97:41
Certificate issuer: /CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Certificate serial: 0190A66F0E2184267F1B51840FDE841D6717
Authority key identifier: 42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/2NEC5jbSg1QEeD-QBCeVWMLil0E.roa
Signing time: Fri 12 Jul 2024 10:13:34 +0000
ROA not before: Fri 12 Jul 2024 10:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 2a10:c943::/32 maxlen: 32
2a10:c943:100::/48 maxlen: 48
2a10:c943:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:6f:0e:21:84:26:7f:1b:51:84:0f:de:84:1d:67:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Validity
Not Before: Jul 12 10:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8d102e636d2835404783f9004279558c2e29741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:18:db:92:a6:64:b8:d1:25:7e:a9:b0:5e:c0:
8a:1b:d7:46:b0:91:6a:8f:d2:d3:0f:ac:6f:96:0d:
7d:18:84:37:51:9b:75:38:6c:5e:41:e5:a3:39:6b:
97:a3:a7:5f:04:55:86:05:d2:45:7c:8e:6c:f4:3a:
07:2d:fd:5e:b4:af:0b:35:c5:72:c6:9b:f7:2d:5e:
1d:42:d0:33:56:71:5b:3c:e2:52:0b:0e:8d:99:4e:
6a:6e:a8:cc:05:9c:80:af:6b:2c:d5:91:9c:0a:87:
8b:3e:18:d4:58:ab:29:3a:83:37:d9:cb:f5:59:b5:
49:6f:dc:4c:75:3b:bb:6a:fb:65:b3:c3:5f:bc:d3:
cc:09:7c:a5:50:19:b8:c3:5b:c5:25:45:4a:6a:90:
ba:e2:95:42:4e:bb:d9:89:6f:8b:4b:25:d2:d7:6f:
e8:9b:aa:62:5b:b4:1f:47:58:4f:d5:ec:8c:65:a9:
04:88:80:e4:73:b2:d5:4e:eb:79:65:36:6a:1c:86:
ec:ca:0a:f3:79:e3:cb:cc:35:76:09:26:0d:bf:66:
6a:1e:69:9f:d3:2b:cc:51:2b:ce:a4:ca:e2:e5:98:
be:38:21:e5:fd:74:77:aa:df:44:93:95:64:19:fb:
22:fa:a8:46:f1:8b:1f:40:69:d0:e8:6a:d9:ec:91:
b1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D1:02:E6:36:D2:83:54:04:78:3F:90:04:27:95:58:C2:E2:97:41
X509v3 Authority Key Identifier:
keyid:42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/2NEC5jbSg1QEeD-QBCeVWMLil0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:c943::/32
Signature Algorithm: sha256WithRSAEncryption
16:18:68:dd:d9:b5:3c:97:88:35:78:27:2f:fa:a7:04:ea:3e:
43:cd:18:65:2d:b2:0d:63:e1:bb:9c:10:15:c3:3a:39:e0:ce:
12:e5:c3:23:7a:3b:3c:9c:85:0c:6e:30:af:8b:a4:84:7c:c0:
5d:91:91:d2:df:f5:10:b0:47:82:3a:ac:ad:48:7a:f9:7d:18:
d6:a7:d6:6e:ba:52:49:f1:a3:c4:ed:4d:70:fa:f8:5d:ba:65:
33:1e:51:96:47:1d:12:07:c1:7b:f1:4d:12:37:2b:28:28:59:
52:76:3b:77:84:a0:d3:2a:3d:cd:56:8b:86:05:bd:3e:85:9e:
82:28:a5:77:11:fa:29:5f:74:30:25:52:06:32:89:a0:7e:94:
73:ce:dd:7c:82:d3:c0:ff:21:cc:eb:b2:7a:74:96:3f:61:15:
60:96:35:1c:ec:9e:2e:19:7f:94:dc:dd:45:e3:80:89:f1:a4:
e0:0a:84:c3:bd:0c:94:39:23:f7:88:82:36:df:d9:39:e2:e8:
cb:ac:db:70:cd:fd:d3:8f:d9:47:67:b2:86:13:e5:16:06:c2:
6e:96:99:74:1e:2c:28:36:d3:1c:56:65:84:93:e5:d8:f9:7f:
fe:47:89:9e:80:aa:92:8d:c0:2e:b7:00:02:38:37:f5:8c:6b:
28:6b:fb:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCmbw4hhCZ/G1GED96EHWcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWNiYTU4OTkyMGJlZWJiMTliYzU3MmFlNmQ1MDFiOGNm
NmJiZjAwHhcNMjQwNzEyMTAxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQxMDJlNjM2ZDI4MzU0MDQ3ODNmOTAwNDI3OTU1OGMyZTI5NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hjbkqZkuNElfqmwXsCKG9dGsJFq
j9LTD6xvlg19GIQ3UZt1OGxeQeWjOWuXo6dfBFWGBdJFfI5s9DoHLf1etK8LNcVy
xpv3LV4dQtAzVnFbPOJSCw6NmU5qbqjMBZyAr2ss1ZGcCoeLPhjUWKspOoM32cv1
WbVJb9xMdTu7avtls8NfvNPMCXylUBm4w1vFJUVKapC64pVCTrvZiW+LSyXS12/o
m6piW7QfR1hP1eyMZakEiIDkc7LVTut5ZTZqHIbsygrzeePLzDV2CSYNv2ZqHmmf
0yvMUSvOpMri5Zi+OCHl/XR3qt9Ek5VkGfsi+qhG8YsfQGnQ6GrZ7JGxzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNjRAuY20oNUBHg/kAQnlVjC4pdBMB8GA1UdIwQY
MBaAFEIculiZIL7rsZvFcq5tUBuM9rvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQt
ZWMwMGUxYTI3Y2M4LzEvMk5FQzVqYlNnMVFFZUQtUUJDZVZXTUxpbDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQtZWMwMGUxYTI3Y2M4
LzEvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhDJQzAN
BgkqhkiG9w0BAQsFAAOCAQEAFhho3dm1PJeINXgnL/qnBOo+Q80YZS2yDWPhu5wQ
FcM6OeDOEuXDI3o7PJyFDG4wr4ukhHzAXZGR0t/1ELBHgjqsrUh6+X0Y1qfWbrpS
SfGjxO1NcPr4XbplMx5RlkcdEgfBe/FNEjcrKChZUnY7d4Sg0yo9zVaLhgW9PoWe
giildxH6KV90MCVSBjKJoH6Uc87dfILTwP8hzOuyenSWP2EVYJY1HOyeLhl/lNzd
ReOAifGk4AqEw70MlDkj94iCNt/ZOeLoy6zbcM3904/ZR2eyhhPlFgbCbpaZdB4s
KDbTHFZlhJPl2Pl//keJnoCqko3ALrcAAjg39YxrKGv7ag==
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:00 2024 by rpki-client on console-fra.rpki-client.org