Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa
File: wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa (raw, json)
Hash identifier: WOyw1FWUrKA1T+G1augs26p+GbAEV9TkxQKuTywNCtY=
Subject key identifier: C1:09:C8:D9:96:D0:5B:FF:6A:C0:96:2F:1A:D9:0D:C0:C0:B5:04:E2
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019184005F91947427E3C651D5A6FFCD5F68
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa
Signing time: Sat 24 Aug 2024 10:48:22 +0000
ROA not before: Sat 24 Aug 2024 10:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 2a11:f140::/29 maxlen: 29
2a12:440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 13:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:84:00:5f:91:94:74:27:e3:c6:51:d5:a6:ff:cd:5f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 24 10:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c109c8d996d05bff6ac0962f1ad90dc0c0b504e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:97:59:8a:7a:cf:1b:e8:bb:b0:69:1d:7c:d9:
f9:e5:21:e2:4d:43:08:ea:6c:c4:66:56:0a:2a:c7:
2d:f1:4f:1d:80:37:6d:dc:45:f7:2e:de:98:e8:a1:
08:fe:9f:96:df:5c:d0:bc:34:51:85:6f:ba:99:dd:
6d:6d:5a:fe:d0:0e:65:22:d3:92:19:07:74:4d:5f:
90:d5:53:36:85:58:39:ae:40:6f:25:c0:fb:ad:c3:
3b:24:6c:9e:04:24:0a:49:82:54:10:2f:df:bc:1f:
ef:61:1e:42:7f:68:06:77:54:f8:db:ba:e4:39:a4:
fc:51:62:a9:fb:58:6d:3a:f3:a4:50:8e:7d:fc:13:
c5:54:4f:21:ac:6a:97:e9:bd:db:d0:b7:bd:1a:e7:
95:36:f3:8f:87:18:eb:8a:31:d1:de:60:da:64:75:
aa:20:e1:27:68:c4:eb:16:a1:3a:50:1b:31:24:b9:
49:7b:1a:c4:0a:da:45:ce:9e:84:3a:79:20:2d:3a:
39:2e:87:c6:29:a2:4e:c9:7f:0f:d4:98:bb:cd:9e:
b8:ed:6a:4d:76:16:62:44:91:07:73:9f:a0:7c:fa:
3a:f0:07:a8:a2:b9:51:a9:a9:08:ff:41:3e:9b:c8:
73:35:0f:fd:01:28:3e:ce:bf:71:c8:bc:8e:a3:cf:
4e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:09:C8:D9:96:D0:5B:FF:6A:C0:96:2F:1A:D9:0D:C0:C0:B5:04:E2
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/wQnI2ZbQW_9qwJYvGtkNwMC1BOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:f140::/29
2a12:440::/29
Signature Algorithm: sha256WithRSAEncryption
4d:5e:d0:1e:51:d1:83:1c:7c:08:44:b9:87:e1:31:6f:9f:90:
9a:8c:45:ae:63:2b:8b:c1:5d:35:c1:b2:9a:c3:e8:ea:ac:7f:
eb:c2:1f:af:8a:6e:96:d0:8e:0d:af:7c:96:94:bd:91:3d:96:
21:87:30:e9:ea:14:44:e9:14:96:32:ee:69:59:02:9e:41:b8:
e4:e8:6e:1a:b1:6e:ca:24:1b:9a:65:6f:e8:e8:15:3f:c5:e9:
85:f4:0e:fe:86:15:e5:99:23:a6:ff:e6:57:d3:2b:82:9a:f1:
fb:df:60:4f:b1:4a:a9:65:12:1b:70:b8:94:9f:b8:11:86:a4:
3c:c4:20:66:d7:12:cc:80:ad:53:a5:6f:99:07:21:44:37:91:
f0:7d:cf:5c:44:92:ab:54:7f:19:d5:36:40:67:e7:97:e7:04:
21:84:ea:96:05:7d:e0:1d:85:eb:7e:05:d6:88:b8:b0:2c:26:
23:d9:d5:4a:28:fd:d8:94:ff:c0:5d:41:cc:56:80:44:9e:d3:
cf:96:8f:15:a1:c3:24:e2:9f:2e:53:c4:ad:64:cf:92:d3:df:
32:7a:2a:e3:5b:00:85:cb:8e:17:e2:e5:09:3a:82:ff:ed:42:
97:cf:24:e7:47:b0:53:c0:aa:c8:5d:9d:56:f8:98:74:a6:c0:
3b:96:8a:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGEAF+RlHQn48ZR1ab/zV9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODI0MTA0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA5YzhkOTk2ZDA1YmZmNmFjMDk2MmYxYWQ5MGRjMGMwYjUwNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pdZinrPG+i7sGkdfNn55SHiTUMI
6mzEZlYKKsct8U8dgDdt3EX3Lt6Y6KEI/p+W31zQvDRRhW+6md1tbVr+0A5lItOS
GQd0TV+Q1VM2hVg5rkBvJcD7rcM7JGyeBCQKSYJUEC/fvB/vYR5Cf2gGd1T427rk
OaT8UWKp+1htOvOkUI59/BPFVE8hrGqX6b3b0Le9GueVNvOPhxjrijHR3mDaZHWq
IOEnaMTrFqE6UBsxJLlJexrECtpFzp6EOnkgLTo5LofGKaJOyX8P1Ji7zZ647WpN
dhZiRJEHc5+gfPo68AeoorlRqakI/0E+m8hzNQ/9ASg+zr9xyLyOo89ONwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMEJyNmW0Fv/asCWLxrZDcDAtQTiMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvd1FuSTJaYlFXXzlxd0pZdkd0a053TUMxQk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhHxQAMF
AyoSBEAwDQYJKoZIhvcNAQELBQADggEBAE1e0B5R0YMcfAhEuYfhMW+fkJqMRa5j
K4vBXTXBsprD6Oqsf+vCH6+KbpbQjg2vfJaUvZE9liGHMOnqFETpFJYy7mlZAp5B
uOTobhqxbsokG5plb+joFT/F6YX0Dv6GFeWZI6b/5lfTK4Ka8fvfYE+xSqllEhtw
uJSfuBGGpDzEIGbXEsyArVOlb5kHIUQ3kfB9z1xEkqtUfxnVNkBn55fnBCGE6pYF
feAdhet+BdaIuLAsJiPZ1Uoo/diU/8BdQcxWgESe08+WjxWhwyTiny5TxK1kz5LT
3zJ6KuNbAIXLjhfi5Qk6gv/tQpfPJOdHsFPAqshdnVb4mHSmwDuWijk=
-----END CERTIFICATE-----
Generated at Tue Oct 22 18:57:40 2024 by rpki-client on console-ams.rpki-client.org