Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4HGdUJgIXmJ3-WW9WLP2-bLUONU.roa
File: 4HGdUJgIXmJ3-WW9WLP2-bLUONU.roa (raw, json)
Hash identifier: CJvzUMoWllpKfnhRmXp8bpNyoGiPiVL+tnnKVtoAKZo=
Subject key identifier: E0:71:9D:50:98:08:5E:62:77:F9:65:BD:58:B3:F6:F9:B2:D4:38:D5
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 018CC3B67B79ED777EFA9B6426A6D94440EA
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4HGdUJgIXmJ3-WW9WLP2-bLUONU.roa
Signing time: Mon 01 Jan 2024 06:29:25 +0000
ROA not before: Mon 01 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a11:e101::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7b:79:ed:77:7e:fa:9b:64:26:a6:d9:44:40:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0719d5098085e6277f965bd58b3f6f9b2d438d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ff:e4:73:04:30:ab:7e:e8:1b:f1:1f:d9:db:
f8:5d:7d:f3:16:75:82:76:e3:18:91:68:25:aa:60:
f1:28:4e:71:d8:3a:c2:91:cd:d2:18:12:a0:48:65:
26:49:2f:9d:ab:c2:92:65:94:5d:b7:14:10:26:52:
3a:df:ab:76:9b:8d:9b:0c:5c:20:b3:35:02:81:ed:
12:0f:52:6f:71:ea:c6:96:ac:0a:cc:20:63:2c:95:
d3:04:40:98:69:cb:ce:a1:88:cf:b4:97:6c:23:11:
9e:5d:2e:b3:41:5b:14:19:b0:cc:cd:ed:4d:e1:4c:
60:53:d8:5f:88:bf:e4:9a:c3:82:00:89:4b:78:b0:
cb:fd:e5:92:8e:3c:87:ed:a4:fe:28:8f:7c:76:48:
fc:49:47:99:99:b2:89:7a:34:56:cc:0c:fb:e1:d5:
5d:b0:8f:68:bf:f1:4a:e8:01:bf:50:bc:df:33:4e:
29:04:1a:80:80:fe:e2:a5:ed:02:d1:b6:0a:8e:fd:
b7:5e:45:3a:94:21:40:fc:7b:e3:f3:22:78:6d:a4:
04:4a:4a:b4:00:ca:67:da:45:dd:e1:bb:b4:14:28:
a9:f2:b7:59:43:02:f1:e6:06:29:43:3c:ea:39:05:
e3:65:38:eb:eb:fd:e4:59:f8:1a:4f:46:13:d1:16:
85:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:71:9D:50:98:08:5E:62:77:F9:65:BD:58:B3:F6:F9:B2:D4:38:D5
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/4HGdUJgIXmJ3-WW9WLP2-bLUONU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e101::/32
Signature Algorithm: sha256WithRSAEncryption
68:56:59:0b:e1:b7:38:c4:6a:74:20:fb:40:5e:a0:77:3a:91:
27:09:7d:69:64:ad:31:bc:07:9f:e5:87:e5:18:22:ef:70:e8:
96:09:d9:2b:ce:0d:2f:de:e9:56:07:3e:97:5b:36:31:70:78:
7a:9b:9b:55:2c:23:68:69:35:e2:8e:fb:62:ff:61:22:a4:b2:
f5:51:15:f0:38:92:f2:03:86:b3:60:9a:cc:25:61:c9:9b:ad:
cd:4e:00:f0:e4:30:fe:59:32:85:52:aa:bf:5b:72:18:de:7c:
57:6f:cd:1e:c4:97:c8:a9:c1:71:a4:b1:da:73:4c:30:d4:f7:
30:85:7d:85:c3:cd:3e:89:74:a5:a0:c2:1d:25:46:ff:5b:92:
41:8b:22:94:66:af:92:6f:a5:da:5e:f5:a9:84:6b:a1:24:e6:
13:e8:69:d1:83:66:c1:4c:50:e1:66:8e:b0:f0:6d:ab:11:d1:
ff:4c:0e:d9:f2:02:82:b4:02:02:1f:b0:ae:db:a6:8d:98:12:
c8:6a:f0:49:3b:5e:a2:11:2d:a0:d8:21:a4:d1:27:c4:4f:47:
cb:04:c9:d5:e7:ce:bf:aa:cd:17:d0:d1:d5:5d:b8:9b:6f:33:
1f:88:19:9b:f8:af:35:90:51:3b:68:37:b0:88:75:16:c7:c7:
f9:26:cb:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDtnt57Xd++ptkJqbZREDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjQwMTAxMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDcxOWQ1MDk4MDg1ZTYyNzdmOTY1YmQ1OGIzZjZmOWIyZDQzOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP/kcwQwq37oG/Ef2dv4XX3zFnWC
duMYkWglqmDxKE5x2DrCkc3SGBKgSGUmSS+dq8KSZZRdtxQQJlI636t2m42bDFwg
szUCge0SD1JvcerGlqwKzCBjLJXTBECYacvOoYjPtJdsIxGeXS6zQVsUGbDMze1N
4UxgU9hfiL/kmsOCAIlLeLDL/eWSjjyH7aT+KI98dkj8SUeZmbKJejRWzAz74dVd
sI9ov/FK6AG/ULzfM04pBBqAgP7ipe0C0bYKjv23XkU6lCFA/Hvj8yJ4baQESkq0
AMpn2kXd4bu0FCip8rdZQwLx5gYpQzzqOQXjZTjr6/3kWfgaT0YT0RaFSQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOBxnVCYCF5id/llvViz9vmy1DjVMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvNEhHZFVKZ0lYbUozLVdXOVdMUDItYkxVT05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHhATAN
BgkqhkiG9w0BAQsFAAOCAQEAaFZZC+G3OMRqdCD7QF6gdzqRJwl9aWStMbwHn+WH
5Rgi73DolgnZK84NL97pVgc+l1s2MXB4epubVSwjaGk14o77Yv9hIqSy9VEV8DiS
8gOGs2CazCVhyZutzU4A8OQw/lkyhVKqv1tyGN58V2/NHsSXyKnBcaSx2nNMMNT3
MIV9hcPNPol0paDCHSVG/1uSQYsilGavkm+l2l71qYRroSTmE+hp0YNmwUxQ4WaO
sPBtqxHR/0wO2fICgrQCAh+wrtumjZgSyGrwSTteohEtoNghpNEnxE9HywTJ1efO
v6rNF9DR1V24m28zH4gZm/ivNZBRO2g3sIh1FsfH+SbL7g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:25 2024 by rpki-client on console-ams.rpki-client.org