Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ENFGXgerYQkd6nw8z0JMV0Kvsg8.roa
File: ENFGXgerYQkd6nw8z0JMV0Kvsg8.roa (raw, json)
Hash identifier: mpIJeKPQfblYUI+SXL16yJn1EgnxjK+84puJkjo7iqE=
Subject key identifier: 10:D1:46:5E:07:AB:61:09:1D:EA:7C:3C:CF:42:4C:57:42:AF:B2:0F
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0191600541147359C0DD99DFD3DCB653D5BC
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ENFGXgerYQkd6nw8z0JMV0Kvsg8.roa
Signing time: Sat 17 Aug 2024 11:07:22 +0000
ROA not before: Sat 17 Aug 2024 11:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a11:1140::/29 maxlen: 29
2a12:d3c0::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:05:41:14:73:59:c0:dd:99:df:d3:dc:b6:53:d5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 17 11:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10d1465e07ab61091dea7c3ccf424c5742afb20f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:bb:58:75:4c:2b:c8:18:58:8c:56:aa:11:dd:
08:20:76:9d:57:e7:3b:a3:cc:a4:f0:91:c6:9b:ad:
76:5c:d4:ec:6c:e0:f4:e8:ef:d8:16:a2:0d:1d:06:
57:b7:9f:62:db:5a:55:93:d4:f9:45:92:a1:01:5f:
4a:8a:a7:a3:20:40:87:13:53:80:af:c1:b7:06:b6:
97:9d:95:58:21:2d:4a:04:b3:ec:86:0e:98:bc:75:
4b:80:9c:60:3f:b9:18:35:b2:40:14:16:26:41:c0:
6d:9f:8a:7d:98:cd:5a:ab:dd:be:30:31:f0:f6:1f:
fa:c1:d2:25:9a:ee:dd:c0:d5:ff:49:22:ce:3b:01:
07:39:44:79:80:b7:6e:7f:87:4b:1d:90:1e:3c:59:
2b:df:92:e7:1f:d4:7b:21:46:ac:ec:be:68:9c:ad:
4e:b8:e0:11:a2:c1:4c:e2:78:3c:ea:d7:90:1f:64:
e6:f6:dd:76:76:1f:eb:09:98:e5:c1:4b:ae:9d:fb:
63:d3:a0:42:8f:11:c2:6d:b0:e3:ca:ac:68:f7:56:
c5:0f:58:0a:58:a0:46:2b:ed:e0:3d:05:73:4d:cc:
88:62:fd:35:9d:06:62:80:6a:fb:f1:e5:e1:c1:b7:
16:28:c7:a7:f1:d8:f0:92:cd:8f:5e:65:17:42:a9:
56:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D1:46:5E:07:AB:61:09:1D:EA:7C:3C:CF:42:4C:57:42:AF:B2:0F
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/ENFGXgerYQkd6nw8z0JMV0Kvsg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1140::/29
2a12:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:51:99:ab:90:27:82:ed:5d:f6:6b:01:42:39:74:5a:f5:9b:
a6:de:35:bd:f2:b9:40:45:f8:f1:3b:77:cb:56:27:07:e9:69:
f3:d9:ee:79:f0:43:45:ac:27:f4:e3:0b:52:c9:be:03:58:2f:
cb:c8:62:32:b0:44:93:0f:ca:10:85:3b:5c:d8:24:d4:ab:5f:
cb:c3:e3:59:b2:cc:97:37:cf:2c:ad:c2:9d:95:57:13:0b:e1:
78:5e:c6:a2:85:02:35:ca:9d:bd:20:34:f7:80:2a:c1:c3:50:
ed:2a:bf:d0:d4:a6:9c:ee:c5:ba:e4:48:6b:44:b8:9f:6c:9b:
40:e8:4b:8c:36:ad:06:b0:ad:21:9f:0a:97:fc:e0:7f:3e:f0:
2e:d9:cc:e1:a4:51:69:d7:90:87:9a:2b:19:ac:fb:ab:b0:f4:
98:be:ab:55:09:33:a8:73:d5:21:5a:6c:1f:08:8a:53:1f:f8:
a3:a5:87:5b:6b:ca:91:0d:af:03:a4:50:46:57:8c:d5:e0:6d:
32:be:3e:fb:31:9d:72:de:e4:b1:ba:4a:5d:00:bd:ba:99:03:
cc:63:8a:55:60:8f:0a:a1:51:73:a4:fa:c4:0f:4e:34:97:5e:
ae:53:1c:9a:69:64:17:de:e5:f2:67:79:2f:e7:7b:17:96:52:
f2:53:cb:f6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFgBUEUc1nA3Znf09y2U9W8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODE3MTEwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGQxNDY1ZTA3YWI2MTA5MWRlYTdjM2NjZjQyNGM1NzQyYWZiMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7tYdUwryBhYjFaqEd0IIHadV+c7
o8yk8JHGm612XNTsbOD06O/YFqINHQZXt59i21pVk9T5RZKhAV9KiqejIECHE1OA
r8G3BraXnZVYIS1KBLPshg6YvHVLgJxgP7kYNbJAFBYmQcBtn4p9mM1aq92+MDHw
9h/6wdIlmu7dwNX/SSLOOwEHOUR5gLduf4dLHZAePFkr35LnH9R7IUas7L5onK1O
uOARosFM4ng86teQH2Tm9t12dh/rCZjlwUuunftj06BCjxHCbbDjyqxo91bFD1gK
WKBGK+3gPQVzTcyIYv01nQZigGr78eXhwbcWKMen8djwks2PXmUXQqlWRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBDRRl4Hq2EJHep8PM9CTFdCr7IPMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvRU5GR1hnZXJZUWtkNm53OHowSk1WMEt2c2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhERQAMF
AyoS08AwDQYJKoZIhvcNAQELBQADggEBAGtRmauQJ4LtXfZrAUI5dFr1m6beNb3y
uUBF+PE7d8tWJwfpafPZ7nnwQ0WsJ/TjC1LJvgNYL8vIYjKwRJMPyhCFO1zYJNSr
X8vD41myzJc3zyytwp2VVxML4XhexqKFAjXKnb0gNPeAKsHDUO0qv9DUppzuxbrk
SGtEuJ9sm0DoS4w2rQawrSGfCpf84H8+8C7ZzOGkUWnXkIeaKxms+6uw9Ji+q1UJ
M6hz1SFabB8IilMf+KOlh1trypENrwOkUEZXjNXgbTK+PvsxnXLe5LG6Sl0AvbqZ
A8xjilVgjwqhUXOk+sQPTjSXXq5THJppZBfe5fJneS/nexeWUvJTy/Y=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:12:18 2024 by rpki-client on console-fra.rpki-client.org