Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pg4SmgtO7Q-JXQyXahdl0Lx8Fis.roa
File: pg4SmgtO7Q-JXQyXahdl0Lx8Fis.roa (raw, json)
Hash identifier: MpfvS9cCfFmB/HsCU4WVpPhrLM9ZNKbq09xQ1k939zs=
Subject key identifier: A6:0E:12:9A:0B:4E:ED:0F:89:5D:0C:97:6A:17:65:D0:BC:7C:16:2B
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019033F8B2D56D00990D404FAA38F220AE4C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pg4SmgtO7Q-JXQyXahdl0Lx8Fis.roa
Signing time: Thu 20 Jun 2024 04:47:35 +0000
ROA not before: Thu 20 Jun 2024 04:47:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213328
IP address blocks: 2a0d:6f80:2a42::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:33:f8:b2:d5:6d:00:99:0d:40:4f:aa:38:f2:20:ae:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 20 04:47:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a60e129a0b4eed0f895d0c976a1765d0bc7c162b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:40:e5:8c:80:85:ca:ca:3b:88:53:8e:87:5e:
93:46:20:21:d6:b7:28:ec:a8:3e:29:8d:30:f4:e5:
5a:14:ec:b1:8d:5d:6e:7a:96:4d:97:63:c4:eb:ed:
34:fe:6f:63:1a:63:a1:ad:da:4c:f3:00:ed:0e:49:
65:84:2c:31:19:94:33:a3:4f:5d:bf:f1:55:e5:d9:
50:81:72:15:1b:36:b4:ee:c9:dc:3e:68:59:94:b2:
0e:53:e5:f1:7c:90:13:7e:6a:5f:50:ef:6f:03:12:
e2:26:63:5d:6e:82:34:ad:4b:4f:88:ba:cb:25:56:
8d:73:32:bd:03:58:a3:92:81:15:e2:03:d1:5a:eb:
97:fc:8a:54:90:59:f2:8f:19:2e:c6:25:5a:ce:b4:
80:31:08:e2:d9:7b:3e:2a:b4:46:0b:a1:e5:df:0f:
c0:7a:0a:e9:20:9a:04:ae:6a:b2:66:1c:fa:85:4f:
6a:6e:77:5c:30:10:2c:58:58:71:5c:bd:a9:16:63:
55:5f:95:84:34:c7:8f:3e:49:89:35:f5:b9:97:b6:
09:4a:d9:a0:ae:fb:af:5e:58:45:fe:89:8d:97:92:
2d:18:9b:3d:1a:9b:02:57:c5:37:ae:8f:77:34:72:
84:ac:48:ba:3b:e9:4a:f1:ac:a0:b3:62:73:da:07:
3a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0E:12:9A:0B:4E:ED:0F:89:5D:0C:97:6A:17:65:D0:BC:7C:16:2B
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pg4SmgtO7Q-JXQyXahdl0Lx8Fis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:6f80:2a42::/48
Signature Algorithm: sha256WithRSAEncryption
03:41:35:dd:60:e0:da:6f:90:5c:ea:c8:07:1f:66:14:6c:b1:
c0:64:66:68:9a:fe:77:ab:0f:21:c9:67:66:6d:cd:cb:3c:42:
70:9c:88:50:82:bc:db:ce:c2:f9:61:1c:e4:42:cc:fc:2b:bb:
97:2b:68:bc:1f:df:b1:da:70:d4:01:9c:28:50:80:d0:d7:1c:
64:f8:55:38:d8:84:d4:ba:47:38:89:41:7f:81:ad:65:24:01:
5c:6a:09:68:c5:53:f5:f1:14:68:97:24:dc:33:be:b9:53:ff:
76:a5:d2:b0:5a:85:bb:55:49:5c:5f:05:4f:71:f7:a9:cb:22:
05:00:25:a5:da:b3:21:49:77:2b:b4:63:11:e6:2d:fd:72:6a:
54:7f:ff:08:51:6b:71:c9:06:57:d9:1a:60:a1:77:f0:14:2a:
90:77:41:ee:48:b0:1c:54:67:66:5a:63:61:22:6f:fb:d6:43:
69:b3:41:5b:ca:20:b8:a2:b2:71:26:c6:59:68:07:ae:73:84:
c7:a6:f4:9f:fd:86:d8:38:aa:41:ac:a7:09:d9:a4:48:de:f9:
85:05:02:2f:c7:b7:f3:0c:64:04:69:fe:18:1f:94:0f:88:20:
fd:a8:24:ba:fe:d8:37:5c:79:e1:c7:7b:27:4b:02:79:f4:30:
29:10:40:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZAz+LLVbQCZDUBPqjjyIK5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNjIwMDQ0NzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBlMTI5YTBiNGVlZDBmODk1ZDBjOTc2YTE3NjVkMGJjN2MxNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0DljICFyso7iFOOh16TRiAh1rco
7Kg+KY0w9OVaFOyxjV1uepZNl2PE6+00/m9jGmOhrdpM8wDtDkllhCwxGZQzo09d
v/FV5dlQgXIVGza07sncPmhZlLIOU+XxfJATfmpfUO9vAxLiJmNdboI0rUtPiLrL
JVaNczK9A1ijkoEV4gPRWuuX/IpUkFnyjxkuxiVazrSAMQji2Xs+KrRGC6Hl3w/A
egrpIJoErmqyZhz6hU9qbndcMBAsWFhxXL2pFmNVX5WENMePPkmJNfW5l7YJStmg
rvuvXlhF/omNl5ItGJs9GpsCV8U3ro93NHKErEi6O+lK8aygs2Jz2gc60QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKYOEpoLTu0PiV0Ml2oXZdC8fBYrMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcGc0U21ndE83US1KWFF5WGFoZGwwTHg4RmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg1vgCpC
MA0GCSqGSIb3DQEBCwUAA4IBAQADQTXdYODab5Bc6sgHH2YUbLHAZGZomv53qw8h
yWdmbc3LPEJwnIhQgrzbzsL5YRzkQsz8K7uXK2i8H9+x2nDUAZwoUIDQ1xxk+FU4
2ITUukc4iUF/ga1lJAFcagloxVP18RRolyTcM765U/92pdKwWoW7VUlcXwVPcfep
yyIFACWl2rMhSXcrtGMR5i39cmpUf/8IUWtxyQZX2RpgoXfwFCqQd0HuSLAcVGdm
WmNhIm/71kNps0FbyiC4orJxJsZZaAeuc4THpvSf/YbYOKpBrKcJ2aRI3vmFBQIv
x7fzDGQEaf4YH5QPiCD9qCS6/tg3XHnhx3snSwJ59DApEEC9
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:08:29 2024 by rpki-client on console-fra.rpki-client.org