Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/_EzXQ96pOS2QwTQMqye_Bj0PsXM.roa
File: _EzXQ96pOS2QwTQMqye_Bj0PsXM.roa (raw, json)
Hash identifier: C8mvVtMxqjzoZXooEtLw2Q/N6Lhp5sPcTUspZ2/jnq4=
Subject key identifier: FC:4C:D7:43:DE:A9:39:2D:90:C1:34:0C:AB:27:BF:06:3D:0F:B1:73
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 018CC2DB20EC96B73D1B77E67945F06DA909
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/_EzXQ96pOS2QwTQMqye_Bj0PsXM.roa
Signing time: Mon 01 Jan 2024 02:29:49 +0000
ROA not before: Mon 01 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 328778
IP address blocks: 2a02:f406:ff50::/48 maxlen: 48
2a02:f406:fed0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:20:ec:96:b7:3d:1b:77:e6:79:45:f0:6d:a9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 1 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc4cd743dea9392d90c1340cab27bf063d0fb173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:39:75:e5:9c:0c:84:3c:02:16:24:d2:94:64:
19:45:ec:78:e6:37:7f:a4:11:e8:0e:14:0d:cc:b7:
36:c9:bd:a6:86:ef:e9:50:8c:e6:2d:16:cc:4b:81:
a0:95:f7:6a:8f:e7:6a:b0:11:c4:4b:35:1c:2c:e1:
11:8d:17:64:17:52:42:b3:26:63:7f:da:24:2c:ce:
1b:d9:84:16:8d:64:dd:47:2b:a7:f4:f3:c5:cd:8d:
4a:78:59:35:da:cc:67:6f:f5:ec:f3:bd:b8:1a:65:
da:2d:bd:94:04:6f:1b:d1:41:5c:1b:d5:e9:f0:2b:
0a:3b:c7:2b:62:8d:84:a5:8d:24:b9:2f:6e:1f:89:
48:c3:ee:74:6b:cf:91:e8:9e:34:b0:6d:70:c8:40:
0e:24:2b:fe:7e:04:ea:b3:a8:b4:52:ce:ca:66:11:
4c:ee:d9:83:01:c9:dc:76:33:5e:43:62:86:d3:2c:
83:60:8c:6b:0a:83:f9:60:cd:20:e4:9c:8b:96:95:
3f:13:93:5c:99:40:03:54:3a:dd:f0:f5:60:d1:10:
a8:f2:7f:a9:83:fd:54:a7:7e:78:60:d9:1f:5d:58:
ac:ba:3c:ae:2b:b9:00:98:3c:9c:24:a9:8d:6f:5c:
c8:44:89:05:33:51:47:f3:3a:2d:90:b1:c2:1a:21:
aa:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:4C:D7:43:DE:A9:39:2D:90:C1:34:0C:AB:27:BF:06:3D:0F:B1:73
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/_EzXQ96pOS2QwTQMqye_Bj0PsXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:f406:fed0::/48
2a02:f406:ff50::/48
Signature Algorithm: sha256WithRSAEncryption
47:27:da:01:b1:cd:86:71:e5:06:87:a2:d8:34:43:76:36:5e:
93:bd:7d:9d:56:3a:0d:0f:81:c1:dc:41:15:c0:ab:70:ac:19:
8f:1e:1e:93:be:af:14:5a:0f:f2:72:92:bc:bb:76:de:2d:54:
ad:b5:f2:50:98:d9:a6:b7:c2:e1:e0:b3:ea:0b:27:82:3d:b3:
cb:a3:a6:05:4e:05:dd:8b:74:b7:71:74:c2:ed:6f:fd:8c:88:
fb:35:9d:da:b5:1f:3f:56:c9:b8:a6:8d:32:7c:3d:5b:3f:0a:
62:ff:0e:0b:55:a1:1b:5c:07:06:85:71:7a:5c:a7:22:0d:e6:
e8:4a:50:f6:a1:c6:92:4a:e3:5b:32:76:ea:eb:4b:33:55:42:
95:7e:5f:97:d2:42:d3:64:59:9a:b8:f2:3c:5f:ee:34:a8:6a:
a2:c1:bc:58:2e:1d:1c:2e:d7:4c:49:64:11:e8:25:a4:d3:63:
e9:b3:de:d2:23:04:70:e3:02:94:8d:ab:1e:2b:ae:86:bf:dd:
13:d3:5a:9f:10:6e:af:be:92:4d:37:40:f0:8a:0b:46:2a:97:
66:43:9e:ab:70:cf:ca:74:90:1b:a0:2f:de:7c:d3:0e:35:34:
14:c1:e2:07:15:e9:a2:03:e1:e3:77:4e:58:c0:c4:0a:a4:95:
5c:d1:ba:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2yDslrc9G3fmeUXwbakJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzRjZDc0M2RlYTkzOTJkOTBjMTM0MGNhYjI3YmYwNjNkMGZiMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Tl15ZwMhDwCFiTSlGQZRex45jd/
pBHoDhQNzLc2yb2mhu/pUIzmLRbMS4Gglfdqj+dqsBHESzUcLOERjRdkF1JCsyZj
f9okLM4b2YQWjWTdRyun9PPFzY1KeFk12sxnb/Xs8724GmXaLb2UBG8b0UFcG9Xp
8CsKO8crYo2EpY0kuS9uH4lIw+50a8+R6J40sG1wyEAOJCv+fgTqs6i0Us7KZhFM
7tmDAcncdjNeQ2KG0yyDYIxrCoP5YM0g5JyLlpU/E5NcmUADVDrd8PVg0RCo8n+p
g/1Up354YNkfXVisujyuK7kAmDycJKmNb1zIRIkFM1FH8zotkLHCGiGqpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPxM10PeqTktkME0DKsnvwY9D7FzMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEvX0V6WFE5NnBPUzJRd1RRTXF5ZV9CajBQc1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgL0Bv7Q
AwcAKgL0Bv9QMA0GCSqGSIb3DQEBCwUAA4IBAQBHJ9oBsc2GceUGh6LYNEN2Nl6T
vX2dVjoND4HB3EEVwKtwrBmPHh6Tvq8UWg/ycpK8u3beLVSttfJQmNmmt8Lh4LPq
CyeCPbPLo6YFTgXdi3S3cXTC7W/9jIj7NZ3atR8/Vsm4po0yfD1bPwpi/w4LVaEb
XAcGhXF6XKciDeboSlD2ocaSSuNbMnbq60szVUKVfl+X0kLTZFmauPI8X+40qGqi
wbxYLh0cLtdMSWQR6CWk02Pps97SIwRw4wKUjaseK66Gv90T01qfEG6vvpJNN0Dw
igtGKpdmQ56rcM/KdJAboC/efNMONTQUweIHFemiA+Hjd05YwMQKpJVc0bqE
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:38:49 2024 by rpki-client on console-ams.rpki-client.org