Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/LXWugaukwVZM6HLhRjT8Wab9gtE.roa
File: LXWugaukwVZM6HLhRjT8Wab9gtE.roa (raw, json)
Hash identifier: JLtE7KMtY8TBDvjNw3NOTdYqE7+RFbM/q5L+GR2+1iM=
Subject key identifier: 2D:75:AE:81:AB:A4:C1:56:4C:E8:72:E1:46:34:FC:59:A6:FD:82:D1
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0192190C49E9DDC1CC385512E21143E2FC6A
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/LXWugaukwVZM6HLhRjT8Wab9gtE.roa
Signing time: Sun 22 Sep 2024 09:24:48 +0000
ROA not before: Sun 22 Sep 2024 09:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:e000::/29 maxlen: 36
2a12:6b80::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:19:0c:49:e9:dd:c1:cc:38:55:12:e2:11:43:e2:fc:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Sep 22 09:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d75ae81aba4c1564ce872e14634fc59a6fd82d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:85:aa:0d:8d:f8:6d:5a:66:00:a0:11:b3:d0:
91:28:97:7e:d8:5c:a6:66:ee:94:e6:5f:c7:72:45:
8e:af:f2:d1:88:4f:94:97:7f:4b:10:2d:50:c6:7b:
c9:41:c8:1d:34:5d:9f:8a:34:80:80:67:9e:8d:28:
c4:bf:82:1c:5f:86:a2:39:36:68:67:f8:dc:dd:77:
17:aa:59:2b:42:76:86:d7:c0:9b:a0:04:54:c1:3e:
85:06:26:dd:8b:1b:b9:35:42:5a:9a:46:2d:2b:4d:
f4:b2:66:65:26:fe:8a:fd:a2:2a:bf:e7:72:4e:f7:
b7:2d:a7:68:88:e0:19:47:65:7e:81:21:56:b4:65:
44:09:d8:b7:5c:14:b6:38:9b:04:b8:53:ed:29:74:
8b:3b:9a:6a:60:a3:1e:c8:a3:3d:f6:50:2d:c8:d0:
d1:95:75:3a:3a:e7:6d:4b:01:3a:18:4b:10:6f:7a:
86:4f:c0:ef:66:ec:28:f5:91:28:2f:92:9a:5a:f6:
a9:2f:76:4e:3f:15:fa:28:4c:17:fd:f7:de:4a:72:
ec:cb:e4:e8:69:32:44:26:cb:a0:86:b5:6a:fb:38:
f1:b1:73:71:e8:21:c6:b4:20:e1:75:b5:81:61:0d:
90:93:a1:fc:3e:93:d6:b0:6f:8c:0f:c8:3d:cb:0e:
d5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:75:AE:81:AB:A4:C1:56:4C:E8:72:E1:46:34:FC:59:A6:FD:82:D1
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/LXWugaukwVZM6HLhRjT8Wab9gtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e000::/29
2a12:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
55:6d:17:bd:02:00:6f:b6:a4:ae:2f:ad:4e:40:59:34:53:7f:
09:40:e4:ef:8d:a7:7e:33:36:71:b0:cd:7b:fb:be:48:de:91:
3b:eb:3b:1e:0d:10:28:00:45:8a:04:6f:25:4f:4c:42:3e:e9:
c2:a6:b3:e2:30:c2:4a:d2:75:33:0a:de:7c:6b:ef:ea:3e:c3:
3a:50:38:ce:84:dc:ac:e6:c5:37:53:4f:2a:52:76:4b:80:74:
07:8e:29:81:c9:73:0d:97:0d:cf:1b:3f:55:fd:25:ed:49:7c:
ac:5d:96:4b:9b:ab:59:5d:ab:45:21:67:bd:b7:e4:a1:e1:6c:
52:ce:e0:72:50:82:ec:a2:25:a6:22:68:28:47:9f:b2:3c:bc:
d5:25:83:21:b4:9c:5a:7b:b9:a8:93:f2:86:e0:5a:2d:5b:f3:
7c:80:ab:d3:32:8f:00:b0:9f:a2:26:dc:fe:54:02:8f:28:d2:
97:ba:62:ec:08:94:ac:43:5b:fb:38:3b:70:75:96:be:cc:6e:
0c:3a:b4:58:8f:b5:1a:b9:4f:6b:f6:26:8b:73:1e:56:39:51:
a2:8b:7c:53:9f:b0:36:ab:90:a1:a9:6e:2e:65:da:a7:de:08:
eb:42:ee:ea:fc:a2:97:b6:99:04:8a:58:b2:03:b0:14:f4:af:
f3:0b:2d:ff
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZIZDEnp3cHMOFUS4hFD4vxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwOTIyMDkyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDc1YWU4MWFiYTRjMTU2NGNlODcyZTE0NjM0ZmM1OWE2ZmQ4MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIWqDY34bVpmAKARs9CRKJd+2Fym
Zu6U5l/HckWOr/LRiE+Ul39LEC1QxnvJQcgdNF2fijSAgGeejSjEv4IcX4aiOTZo
Z/jc3XcXqlkrQnaG18CboARUwT6FBibdixu5NUJamkYtK030smZlJv6K/aIqv+dy
Tve3LadoiOAZR2V+gSFWtGVECdi3XBS2OJsEuFPtKXSLO5pqYKMeyKM99lAtyNDR
lXU6OudtSwE6GEsQb3qGT8DvZuwo9ZEoL5KaWvapL3ZOPxX6KEwX/ffeSnLsy+To
aTJEJsughrVq+zjxsXNx6CHGtCDhdbWBYQ2Qk6H8PpPWsG+MD8g9yw7VFwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC11roGrpMFWTOhy4UY0/Fmm/YLRMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvTFhXdWdhdWt3VlpNNkhMaFJqVDhXYWI5Z3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg/gAAMF
AyoSa4AwDQYJKoZIhvcNAQELBQADggEBAFVtF70CAG+2pK4vrU5AWTRTfwlA5O+N
p34zNnGwzXv7vkjekTvrOx4NECgARYoEbyVPTEI+6cKms+IwwkrSdTMK3nxr7+o+
wzpQOM6E3KzmxTdTTypSdkuAdAeOKYHJcw2XDc8bP1X9Je1JfKxdlkubq1ldq0Uh
Z7235KHhbFLO4HJQguyiJaYiaChHn7I8vNUlgyG0nFp7uaiT8obgWi1b83yAq9My
jwCwn6Im3P5UAo8o0pe6YuwIlKxDW/s4O3B1lr7Mbgw6tFiPtRq5T2v2JotzHlY5
UaKLfFOfsDarkKGpbi5l2qfeCOtC7ur8ope2mQSKWLIDsBT0r/MLLf8=
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:36:39 2024 by rpki-client on console-fra.rpki-client.org