Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/_QPsGh0HNtlcYaZPGUxvqUr4izg.roa
File: _QPsGh0HNtlcYaZPGUxvqUr4izg.roa (raw, json)
Hash identifier: OcnJA+DhN3pF8jUv/C7g99AZqWWkoMue31qCVRVwPzE=
Subject key identifier: FD:03:EC:1A:1D:07:36:D9:5C:61:A6:4F:19:4C:6F:A9:4A:F8:8B:38
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 018D331EC7C286D91DDE46E950F264A5A270
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/_QPsGh0HNtlcYaZPGUxvqUr4izg.roa
Signing time: Mon 22 Jan 2024 21:41:11 +0000
ROA not before: Mon 22 Jan 2024 21:41:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216308
IP address blocks: 2a10:4646:390::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:33:1e:c7:c2:86:d9:1d:de:46:e9:50:f2:64:a5:a2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 22 21:41:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd03ec1a1d0736d95c61a64f194c6fa94af88b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2b:86:b2:71:6f:69:ac:93:75:4d:19:d8:9f:
c4:86:6a:2c:86:a5:93:53:ca:39:78:86:d2:a9:08:
56:4d:a5:02:47:ff:b1:e6:55:29:53:69:7c:63:52:
06:95:38:d3:de:2e:77:6c:44:1f:58:a5:eb:08:60:
89:02:0d:24:28:9e:f5:74:97:d4:f0:64:68:eb:dd:
04:d8:9c:71:eb:ab:9e:66:70:5c:2b:20:78:fe:1c:
29:56:e3:08:80:a7:4e:b8:d0:dd:2e:f4:dc:01:33:
78:19:7b:d3:4c:53:aa:9b:90:ca:8e:bd:43:59:d0:
9b:6e:bf:82:b2:94:1c:a7:b4:8d:16:a0:64:47:bf:
9d:03:43:eb:e1:92:ac:83:7a:0f:03:59:b3:52:31:
c5:55:9a:e7:62:37:3f:d5:eb:4d:26:b2:aa:a2:8b:
01:15:93:87:1a:4d:f0:a8:9a:d1:b4:01:d4:c1:bd:
0d:8a:96:4e:0d:3d:f3:95:06:7f:94:a8:60:64:2b:
1a:5b:a1:c0:b2:27:db:e0:3e:81:31:6a:1c:48:a6:
ca:20:b6:b3:ab:88:a1:79:04:c3:37:74:57:63:af:
e6:c1:ac:6b:b9:36:da:3e:7f:53:e6:3f:d5:43:25:
80:80:6d:00:2d:93:7f:32:72:64:3a:f4:2f:0b:75:
dc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:03:EC:1A:1D:07:36:D9:5C:61:A6:4F:19:4C:6F:A9:4A:F8:8B:38
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/_QPsGh0HNtlcYaZPGUxvqUr4izg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:390::/44
Signature Algorithm: sha256WithRSAEncryption
2d:8c:e7:e5:b8:9f:5a:b3:05:80:2f:84:20:82:81:2b:0e:21:
5f:2e:f2:c3:f7:40:63:e7:3b:f9:d1:65:4b:ba:a4:46:6d:b1:
f6:a9:2b:56:dd:d4:ac:c9:f4:1a:c7:d5:eb:fb:3c:df:a1:80:
ca:c0:a5:14:df:7a:16:67:f6:6e:fd:ca:54:fb:23:ee:0c:e8:
b7:ac:4d:74:b4:21:dd:c7:b7:ca:8d:81:c3:e9:0f:56:2d:d0:
25:fc:1f:b7:60:4e:a1:52:0b:52:eb:9a:07:5e:bb:51:da:1e:
e9:a4:f6:83:70:2b:2f:4a:fa:a7:85:1b:06:51:31:f2:88:c5:
83:f3:00:89:df:fb:3e:28:85:e7:0e:6d:6a:ff:dc:31:b6:90:
7c:a5:d1:17:6e:6d:b3:55:3f:5e:11:4f:3d:a0:a6:3d:82:a7:
af:f7:f0:e1:c6:5e:f0:0f:62:ae:66:3b:9e:d3:0b:13:ea:71:
47:4a:e7:33:be:ad:22:d6:3a:93:09:2a:24:67:d9:2d:00:cb:
04:60:a0:7d:d7:47:c0:a1:9b:82:aa:95:c0:d7:93:e2:92:85:
bc:05:f4:ad:69:f6:49:ea:57:b3:60:25:83:cc:ff:e8:cf:d4:
dd:3f:1c:b0:b6:24:c6:5c:1b:35:28:50:c7:9e:33:68:14:71:
4a:ac:17:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0zHsfChtkd3kbpUPJkpaJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjQwMTIyMjE0MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAzZWMxYTFkMDczNmQ5NWM2MWE2NGYxOTRjNmZhOTRhZjg4YjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCuGsnFvaayTdU0Z2J/EhmoshqWT
U8o5eIbSqQhWTaUCR/+x5lUpU2l8Y1IGlTjT3i53bEQfWKXrCGCJAg0kKJ71dJfU
8GRo690E2Jxx66ueZnBcKyB4/hwpVuMIgKdOuNDdLvTcATN4GXvTTFOqm5DKjr1D
WdCbbr+CspQcp7SNFqBkR7+dA0Pr4ZKsg3oPA1mzUjHFVZrnYjc/1etNJrKqoosB
FZOHGk3wqJrRtAHUwb0NipZODT3zlQZ/lKhgZCsaW6HAsifb4D6BMWocSKbKILaz
q4iheQTDN3RXY6/mwaxruTbaPn9T5j/VQyWAgG0ALZN/MnJkOvQvC3Xc/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP0D7BodBzbZXGGmTxlMb6lK+Is4MB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvX1FQc0doMEhOdGxjWWFaUEdVeHZxVXI0aXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgOQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAtjOfluJ9aswWAL4QggoErDiFfLvLD90Bj5zv5
0WVLuqRGbbH2qStW3dSsyfQax9Xr+zzfoYDKwKUU33oWZ/Zu/cpU+yPuDOi3rE10
tCHdx7fKjYHD6Q9WLdAl/B+3YE6hUgtS65oHXrtR2h7ppPaDcCsvSvqnhRsGUTHy
iMWD8wCJ3/s+KIXnDm1q/9wxtpB8pdEXbm2zVT9eEU89oKY9gqev9/Dhxl7wD2Ku
Zjue0wsT6nFHSuczvq0i1jqTCSokZ9ktAMsEYKB910fAoZuCqpXA15PikoW8BfSt
afZJ6lezYCWDzP/oz9TdPxywtiTGXBs1KFDHnjNoFHFKrBcF
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:12 2024 by rpki-client on console-ams.rpki-client.org