Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/exMVTTp9pYHm9NDGNE03Li3icWk.roa
File: exMVTTp9pYHm9NDGNE03Li3icWk.roa (raw, json)
Hash identifier: KX8Kbpkx89SXZc+dRbLu0ie7NriEAAlRK3R57J9lfjY=
Subject key identifier: 7B:13:15:4D:3A:7D:A5:81:E6:F4:D0:C6:34:4D:37:2E:2D:E2:71:69
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 01913BF430C8C96C1FC2511A8A98BF87C771
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/exMVTTp9pYHm9NDGNE03Li3icWk.roa
Signing time: Sat 10 Aug 2024 11:02:24 +0000
ROA not before: Sat 10 Aug 2024 11:02:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47787
IP address blocks: 2001:b18::/32 maxlen: 48
2001:b18:1005::/48 maxlen: 48
2001:b18:1009::/48 maxlen: 48
2001:b18:1014::/48 maxlen: 48
2001:b18:1019::/48 maxlen: 48
2a0d:82c0::/29 maxlen: 48
2a0d:82c7:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3b:f4:30:c8:c9:6c:1f:c2:51:1a:8a:98:bf:87:c7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Aug 10 11:02:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b13154d3a7da581e6f4d0c6344d372e2de27169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:02:f2:51:1f:b2:e1:ca:d2:3f:22:4c:3a:16:
1c:4e:9b:4b:b2:a8:bb:78:5b:33:c3:15:03:71:b7:
dc:e7:eb:bc:df:d3:67:75:d5:74:ef:65:d9:bc:9e:
5c:39:6d:55:0b:2d:23:4e:31:24:21:ac:53:c7:90:
6f:40:25:e7:16:85:82:e3:79:6b:14:d3:93:ef:ef:
ba:f8:79:16:0a:23:04:a8:c0:56:fc:4b:a4:8d:35:
d0:7d:da:b0:a9:91:89:78:2e:f6:ae:a0:9d:1f:ac:
42:a2:ec:94:48:5b:bb:27:24:27:79:00:2e:5c:9d:
21:d2:6a:15:0a:2e:8a:b6:4c:6e:3b:14:57:63:fd:
b5:50:ec:98:a5:b8:65:52:cf:fd:8e:4a:49:e8:36:
ad:11:ca:99:6b:01:f8:57:3a:2e:e3:00:0c:b4:cb:
a7:90:cb:f6:3d:35:24:0f:bd:df:0e:19:31:7b:3d:
fa:4e:9e:47:9c:59:5f:55:c8:68:f1:ac:61:34:74:
59:f7:15:36:51:4d:8f:a4:c3:1a:6c:80:aa:75:e4:
f2:9b:25:09:30:a2:a6:dc:f3:44:e6:19:90:b5:37:
b9:aa:bb:ec:71:f6:c1:3d:2c:dc:a3:72:53:48:e8:
0b:37:92:48:76:b1:4e:58:4d:97:93:cb:1f:8c:b8:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:13:15:4D:3A:7D:A5:81:E6:F4:D0:C6:34:4D:37:2E:2D:E2:71:69
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/exMVTTp9pYHm9NDGNE03Li3icWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18::/32
2a0d:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:39:0a:66:04:7a:e4:2f:58:6e:d7:c1:5c:0a:8f:f3:31:fc:
5a:59:82:29:76:3f:4e:33:c9:c5:14:ad:37:4e:1f:7d:ea:56:
8d:7b:46:66:40:bf:a5:be:34:a6:bc:92:93:b2:f3:4a:74:6a:
d7:55:a3:5d:7d:8c:f1:09:76:6c:d8:e0:60:0d:e2:9e:ff:3f:
e3:3e:9c:24:d2:19:bc:30:04:f4:8b:a0:65:a2:5d:cf:89:8c:
ef:6d:50:e4:9a:df:04:fb:ba:37:38:bd:6b:15:8a:b0:08:7c:
57:31:e8:eb:30:e5:6c:3e:2d:fe:91:d1:c3:6c:31:23:5e:5b:
6f:c9:19:7e:4d:82:41:3c:c3:46:66:5d:f9:92:55:7f:47:ab:
9e:12:c6:09:0e:1a:9e:0b:47:3a:0b:0b:21:ef:1f:5d:74:93:
17:74:0c:de:d3:f5:00:d9:02:08:75:f6:d2:f0:f0:83:70:0c:
36:aa:14:df:70:e9:80:b7:48:36:b1:34:28:bb:2a:e9:4d:e7:
04:b4:73:ac:df:6c:98:65:8c:9c:f7:69:46:ef:46:b5:99:f8:
5f:7a:21:ba:90:9f:9b:43:f1:52:a5:eb:53:eb:c5:d2:a1:53:
d5:71:ce:59:6c:be:3d:a8:33:33:fa:39:7d:c3:34:be:35:84:
f6:36:6f:66
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZE79DDIyWwfwlEaipi/h8dxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwODEwMTEwMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjEzMTU0ZDNhN2RhNTgxZTZmNGQwYzYzNDRkMzcyZTJkZTI3MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtALyUR+y4crSPyJMOhYcTptLsqi7
eFszwxUDcbfc5+u839NnddV072XZvJ5cOW1VCy0jTjEkIaxTx5BvQCXnFoWC43lr
FNOT7++6+HkWCiMEqMBW/EukjTXQfdqwqZGJeC72rqCdH6xCouyUSFu7JyQneQAu
XJ0h0moVCi6KtkxuOxRXY/21UOyYpbhlUs/9jkpJ6DatEcqZawH4Vzou4wAMtMun
kMv2PTUkD73fDhkxez36Tp5HnFlfVcho8axhNHRZ9xU2UU2PpMMabICqdeTymyUJ
MKKm3PNE5hmQtTe5qrvscfbBPSzco3JTSOgLN5JIdrFOWE2Xk8sfjLjApwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHsTFU06faWB5vTQxjRNNy4t4nFpMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvZXhNVlRUcDlwWUhtOU5ER05FMDNMaTNpY1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAIAELGAMF
AyoNgsAwDQYJKoZIhvcNAQELBQADggEBACE5CmYEeuQvWG7XwVwKj/Mx/FpZgil2
P04zycUUrTdOH33qVo17RmZAv6W+NKa8kpOy80p0atdVo119jPEJdmzY4GAN4p7/
P+M+nCTSGbwwBPSLoGWiXc+JjO9tUOSa3wT7ujc4vWsVirAIfFcx6Osw5Ww+Lf6R
0cNsMSNeW2/JGX5NgkE8w0ZmXfmSVX9Hq54SxgkOGp4LRzoLCyHvH110kxd0DN7T
9QDZAgh19tLw8INwDDaqFN9w6YC3SDaxNCi7KulN5wS0c6zfbJhljJz3aUbvRrWZ
+F96IbqQn5tD8VKl61PrxdKhU9Vxzllsvj2oMzP6OX3DNL41hPY2b2Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:21 2024 by rpki-client on console-fra.rpki-client.org