Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/lBAesENEpP969uz9dVY5Z8rgAMs.roa
File: lBAesENEpP969uz9dVY5Z8rgAMs.roa (raw, json)
Hash identifier: 4TfGAirs/k32mBJWby5JSHrzGHUUMpBOodn1FiS0YNA=
Subject key identifier: 94:10:1E:B0:43:44:A4:FF:7A:F6:EC:FD:75:56:39:67:CA:E0:00:CB
Certificate issuer: /CN=c85106daad3a973fde98914f7cc1ccd35d8cc3c3
Certificate serial: 0191E6B0BFC771F901080C430290884151C8
Authority key identifier: C8:51:06:DA:AD:3A:97:3F:DE:98:91:4F:7C:C1:CC:D3:5D:8C:C3:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yFEG2q06lz_emJFPfMHM012Mw8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/lBAesENEpP969uz9dVY5Z8rgAMs.roa
Signing time: Thu 12 Sep 2024 14:43:48 +0000
ROA not before: Thu 12 Sep 2024 14:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214343
IP address blocks: 2001:3e80::/29 maxlen: 29
2001:3e81::/32 maxlen: 32
2001:3e82::/32 maxlen: 32
2001:3e83::/32 maxlen: 32
2001:3e84::/32 maxlen: 32
2001:3e85::/32 maxlen: 32
2001:3e86::/32 maxlen: 32
2001:3e87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/yFEG2q06lz_emJFPfMHM012Mw8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/yFEG2q06lz_emJFPfMHM012Mw8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/yFEG2q06lz_emJFPfMHM012Mw8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:b0:bf:c7:71:f9:01:08:0c:43:02:90:88:41:51:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c85106daad3a973fde98914f7cc1ccd35d8cc3c3
Validity
Not Before: Sep 12 14:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94101eb04344a4ff7af6ecfd75563967cae000cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a4:b8:18:da:d4:c4:87:cd:d4:26:19:53:9a:
6c:d8:c9:2a:51:22:65:2d:45:28:6a:11:0f:5f:f6:
d8:4c:a5:7c:ce:eb:73:09:2c:21:ba:74:c5:b8:42:
cb:f0:0b:cf:60:73:6b:8c:2f:5f:79:9d:89:57:a3:
66:65:b3:b9:66:75:cf:b2:d0:04:e5:47:30:b4:e1:
2a:0b:1f:8b:b7:3b:25:b4:b9:7c:02:4c:14:5b:94:
74:69:6e:e3:18:5a:d5:ab:68:0f:2a:75:3c:da:ea:
0f:ee:01:63:a0:63:7e:0f:82:3d:84:a4:3b:f4:6a:
00:27:ec:5c:01:e8:bb:9a:90:fc:89:28:1d:aa:21:
8d:1b:f3:ef:61:e6:64:b7:f9:5a:04:9d:82:04:69:
1d:1e:87:e8:f3:12:d6:39:e9:2e:e2:98:06:c5:66:
64:92:f3:49:47:ca:a5:48:aa:0c:88:1f:d6:ee:2f:
cd:80:ee:03:a4:ca:d2:83:60:56:1c:4a:e6:32:e3:
1a:52:9d:9b:40:06:bc:c9:8f:ef:3b:a2:7f:89:b5:
b7:86:e3:ed:cd:0a:d5:81:a6:ef:68:b8:01:fd:0a:
f8:e4:d4:bb:47:3f:9a:3c:6d:a6:09:e7:cb:d2:a0:
27:68:4e:bf:4c:c1:de:6e:6f:ec:4a:84:cb:74:9a:
03:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:10:1E:B0:43:44:A4:FF:7A:F6:EC:FD:75:56:39:67:CA:E0:00:CB
X509v3 Authority Key Identifier:
keyid:C8:51:06:DA:AD:3A:97:3F:DE:98:91:4F:7C:C1:CC:D3:5D:8C:C3:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yFEG2q06lz_emJFPfMHM012Mw8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/lBAesENEpP969uz9dVY5Z8rgAMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8c88bb-44dc-4f08-beee-fef48712acab/1/yFEG2q06lz_emJFPfMHM012Mw8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3e80::/29
Signature Algorithm: sha256WithRSAEncryption
1e:13:a1:7d:37:9e:fb:d2:37:3a:dc:2b:20:66:e6:1e:b9:16:
f0:ee:5b:34:45:c1:98:9c:9c:53:c0:d3:e7:8f:a0:cc:3a:84:
2b:8e:6d:2c:d7:e5:24:fb:25:6a:b7:45:cc:ab:8a:3c:eb:10:
56:49:2e:c0:cc:dc:48:b2:8e:fa:a2:eb:41:61:52:b3:62:01:
eb:9c:7d:70:9a:de:d3:7d:2b:e6:01:ad:5f:c7:e1:7e:5c:80:
3c:1a:3c:68:0d:d7:8f:25:93:46:56:c2:ea:95:71:c2:47:71:
fb:7b:74:3a:f5:04:86:92:79:e3:d2:70:8c:56:4c:a0:fa:2c:
03:75:23:96:58:6e:ff:bc:60:8b:ab:30:d3:17:cd:e0:ce:06:
18:a9:85:d4:94:fc:24:44:23:78:d3:b5:64:b9:b7:af:e3:2e:
57:cb:a7:44:2d:a8:52:31:13:93:9a:ee:e6:f5:cb:64:c8:c9:
01:c1:04:47:73:d9:50:9a:0e:b4:c3:95:d0:c1:4a:e9:a1:a5:
e7:5d:d7:87:22:2d:cf:97:05:9c:42:23:33:70:0f:5f:3f:49:
78:79:1e:c3:dd:1f:dd:94:fb:73:c4:e5:eb:90:fe:2b:00:cb:
d2:f1:23:82:0e:51:30:b0:ad:17:82:d4:53:4c:83:e8:47:19:
84:1a:ac:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZHmsL/HcfkBCAxDApCIQVHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NTEwNmRhYWQzYTk3M2ZkZTk4OTE0ZjdjYzFjY2QzNWQ4
Y2MzYzMwHhcNMjQwOTEyMTQ0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDEwMWViMDQzNDRhNGZmN2FmNmVjZmQ3NTU2Mzk2N2NhZTAwMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aS4GNrUxIfN1CYZU5ps2MkqUSJl
LUUoahEPX/bYTKV8zutzCSwhunTFuELL8AvPYHNrjC9feZ2JV6NmZbO5ZnXPstAE
5UcwtOEqCx+LtzsltLl8AkwUW5R0aW7jGFrVq2gPKnU82uoP7gFjoGN+D4I9hKQ7
9GoAJ+xcAei7mpD8iSgdqiGNG/PvYeZkt/laBJ2CBGkdHofo8xLWOeku4pgGxWZk
kvNJR8qlSKoMiB/W7i/NgO4DpMrSg2BWHErmMuMaUp2bQAa8yY/vO6J/ibW3huPt
zQrVgabvaLgB/Qr45NS7Rz+aPG2mCefL0qAnaE6/TMHebm/sSoTLdJoD1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJQQHrBDRKT/evbs/XVWOWfK4ADLMB8GA1UdIwQY
MBaAFMhRBtqtOpc/3piRT3zBzNNdjMPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUZFRzJxMDZsel9lbUpGUGZNSE0wMTJNdzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Yzg4YmItNDRkYy00ZjA4LWJlZWUt
ZmVmNDg3MTJhY2FiLzEvbEJBZXNFTkVwUDk2OXV6OWRWWTVaOHJnQU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC84Yzg4YmItNDRkYy00ZjA4LWJlZWUtZmVmNDg3MTJhY2Fi
LzEveUZFRzJxMDZsel9lbUpGUGZNSE0wMTJNdzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAE+gDAN
BgkqhkiG9w0BAQsFAAOCAQEAHhOhfTee+9I3OtwrIGbmHrkW8O5bNEXBmJycU8DT
54+gzDqEK45tLNflJPslardFzKuKPOsQVkkuwMzcSLKO+qLrQWFSs2IB65x9cJre
030r5gGtX8fhflyAPBo8aA3XjyWTRlbC6pVxwkdx+3t0OvUEhpJ549JwjFZMoPos
A3Ujllhu/7xgi6sw0xfN4M4GGKmF1JT8JEQjeNO1ZLm3r+MuV8unRC2oUjETk5ru
5vXLZMjJAcEER3PZUJoOtMOV0MFK6aGl513XhyItz5cFnEIjM3APXz9JeHkew90f
3ZT7c8Tl65D+KwDL0vEjgg5RMLCtF4LUU0yD6EcZhBqsXQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:14:09 2024 by rpki-client on console-ams.rpki-client.org