Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/7YDZZ4MieMO53Ob8f-nXVQJh13E.roa
File: 7YDZZ4MieMO53Ob8f-nXVQJh13E.roa (raw, json)
Hash identifier: +iIOfp1A6vzdj7qhD20Iov5R/4fq7Gfq6f4cG0eGnuY=
Subject key identifier: ED:80:D9:67:83:22:78:C3:B9:DC:E6:FC:7F:E9:D7:55:02:61:D7:71
Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial: 01932236639EACAA8D8CF99DB836B157D6BA
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/7YDZZ4MieMO53Ob8f-nXVQJh13E.roa
Signing time: Tue 12 Nov 2024 21:10:10 +0000
ROA not before: Tue 12 Nov 2024 21:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 2a05:9bc0::/29 maxlen: 29
2a05:9bc0::/32 maxlen: 32
2a05:9bc1::/32 maxlen: 32
2a05:9bc2::/32 maxlen: 32
2a05:9bc3::/32 maxlen: 32
2a05:9bc4::/32 maxlen: 32
2a05:9bc5::/32 maxlen: 32
2a05:9bc6::/32 maxlen: 32
2a05:9bc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:22:36:63:9e:ac:aa:8d:8c:f9:9d:b8:36:b1:57:d6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Validity
Not Before: Nov 12 21:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed80d967832278c3b9dce6fc7fe9d7550261d771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:16:94:46:30:ea:78:8c:5b:46:83:25:9d:
6c:6a:e1:19:a6:70:13:36:74:08:6e:7a:75:b2:98:
b4:41:04:1f:9e:ec:b1:84:0e:8e:4b:9a:fd:8d:1c:
70:20:be:8a:16:0c:29:d0:a4:04:40:68:6e:30:73:
bf:5c:cc:03:e1:b4:63:b5:55:9f:47:53:78:10:e4:
4f:5d:d8:b5:2a:ba:5a:f7:74:ce:da:1e:51:99:b4:
50:1f:72:7e:ee:0d:dd:70:f3:c8:8e:32:29:0d:95:
be:97:d3:42:32:9a:fa:cf:6b:1b:98:13:c6:c3:8a:
30:54:86:85:05:e7:81:a7:7b:13:08:81:6c:51:a6:
d4:e4:33:f7:97:1f:46:32:38:9b:1f:f1:8b:dd:ca:
0e:b4:4d:48:aa:eb:0c:f1:cd:5e:e0:77:50:0e:d7:
3a:23:d1:88:7e:e6:dd:87:7d:94:d8:dd:43:70:81:
79:7b:e9:30:3e:6d:5e:51:3a:c9:96:df:24:38:57:
dd:28:83:68:11:df:4d:dc:d5:8e:b0:d2:a6:99:73:
0c:d2:af:2a:15:39:19:09:ed:20:99:25:03:88:de:
aa:24:3e:cf:42:7f:44:c7:f7:c1:70:7b:d2:4e:10:
4c:c7:29:38:12:2c:bd:3b:45:0c:a0:39:4c:34:65:
f2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:80:D9:67:83:22:78:C3:B9:DC:E6:FC:7F:E9:D7:55:02:61:D7:71
X509v3 Authority Key Identifier:
keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/7YDZZ4MieMO53Ob8f-nXVQJh13E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
a8:30:77:e6:c5:08:2b:d8:8a:41:a9:5a:1d:08:88:39:77:93:
78:2d:3b:4b:65:5e:fd:73:be:f5:29:2a:a2:07:1b:75:3d:dc:
0c:c0:36:ef:07:8c:36:78:4f:93:0b:3e:4f:78:b7:fb:36:7b:
cc:40:d5:02:61:0d:ad:0d:ea:46:92:d6:f5:46:98:1b:f8:3c:
c0:cb:54:0d:52:30:5b:9e:64:4b:b2:f4:7f:b7:7d:20:b1:1b:
8b:99:f4:d3:f2:6e:4f:87:d5:55:b5:cb:e1:03:28:6c:42:c7:
8d:e2:e4:48:a0:b9:64:1f:c1:a1:73:53:ef:cd:ce:86:56:80:
e8:56:10:64:f4:cc:89:b4:59:5c:cf:0c:a2:e1:76:9c:1f:90:
ee:55:9e:60:e3:85:f5:bd:ad:1d:ea:8c:71:d7:b4:35:94:85:
f7:8f:c5:43:50:b5:83:88:97:cb:55:0b:57:1f:40:64:a4:69:
7e:3b:de:e0:a6:da:c7:15:92:af:6f:33:bb:18:51:9a:55:c9:
66:c1:56:4b:a6:2d:1c:81:d5:13:9a:a6:18:b5:1e:ec:42:c3:
be:f0:8c:96:f0:08:9f:c6:69:a5:70:59:c7:8d:d6:81:d5:e3:
60:6a:bd:1d:6c:bd:f1:88:dc:0b:fc:9a:61:ed:40:c9:39:e0:
8d:5b:d8:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMiNmOerKqNjPmduDaxV9a6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjQxMTEyMjExMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDgwZDk2NzgzMjI3OGMzYjlkY2U2ZmM3ZmU5ZDc1NTAyNjFkNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigAWlEYw6niMW0aDJZ1sauEZpnAT
NnQIbnp1spi0QQQfnuyxhA6OS5r9jRxwIL6KFgwp0KQEQGhuMHO/XMwD4bRjtVWf
R1N4EORPXdi1Krpa93TO2h5RmbRQH3J+7g3dcPPIjjIpDZW+l9NCMpr6z2sbmBPG
w4owVIaFBeeBp3sTCIFsUabU5DP3lx9GMjibH/GL3coOtE1IqusM8c1e4HdQDtc6
I9GIfubdh32U2N1DcIF5e+kwPm1eUTrJlt8kOFfdKINoEd9N3NWOsNKmmXMM0q8q
FTkZCe0gmSUDiN6qJD7PQn9Ex/fBcHvSThBMxyk4Eiy9O0UMoDlMNGXyxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO2A2WeDInjDudzm/H/p11UCYddxMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvN1lEWlo0TWllTU81M09iOGYtblhWUUpoMTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWbwDAN
BgkqhkiG9w0BAQsFAAOCAQEAqDB35sUIK9iKQalaHQiIOXeTeC07S2Ve/XO+9Skq
ogcbdT3cDMA27weMNnhPkws+T3i3+zZ7zEDVAmENrQ3qRpLW9UaYG/g8wMtUDVIw
W55kS7L0f7d9ILEbi5n00/JuT4fVVbXL4QMobELHjeLkSKC5ZB/BoXNT783OhlaA
6FYQZPTMibRZXM8MouF2nB+Q7lWeYOOF9b2tHeqMcde0NZSF94/FQ1C1g4iXy1UL
Vx9AZKRpfjve4KbaxxWSr28zuxhRmlXJZsFWS6YtHIHVE5qmGLUe7ELDvvCMlvAI
n8ZppXBZx43WgdXjYGq9HWy98YjcC/yaYe1AyTngjVvY8g==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:07:34 2024 by rpki-client on console-fra.rpki-client.org