Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/JL2yqAQQ73Ghto92lJM0b-Xhb_g.roa
File: JL2yqAQQ73Ghto92lJM0b-Xhb_g.roa (raw, json)
Hash identifier: 0RFSA0i0bWHmJNoSMurjBm8M3HI+HgMVtxQ3P8V0H8k=
Subject key identifier: 24:BD:B2:A8:04:10:EF:71:A1:B6:8F:76:94:93:34:6F:E5:E1:6F:F8
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018EC335E3FFF12FBBFA3001CD6A8F506AE3
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/JL2yqAQQ73Ghto92lJM0b-Xhb_g.roa
Signing time: Tue 09 Apr 2024 14:14:32 +0000
ROA not before: Tue 09 Apr 2024 14:14:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208861
IP address blocks: 2a0c:ab03::/32 maxlen: 32
2a0c:ab05::/32 maxlen: 32
2a0c:ab06::/32 maxlen: 32
2a0c:ab07:2000::/36 maxlen: 36
2a0c:ab07:3000::/36 maxlen: 36
2a0c:ab07:5000::/36 maxlen: 36
2a0c:ab07:c000::/36 maxlen: 36
2a0c:ab07:d000::/36 maxlen: 36
2a0c:ab07:e000::/36 maxlen: 36
2a0c:ab07:f000::/36 maxlen: 36
2a10:2ec1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 07:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:35:e3:ff:f1:2f:bb:fa:30:01:cd:6a:8f:50:6a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Apr 9 14:14:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24bdb2a80410ef71a1b68f769493346fe5e16ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:23:eb:15:e0:99:85:19:01:fc:79:4c:f2:8f:
7a:73:d2:e0:f7:71:ed:75:a3:70:7b:c3:6c:e2:bc:
95:9f:da:78:45:de:e0:40:a0:ee:53:14:96:3f:0e:
48:f6:2e:1f:36:e6:73:42:15:41:a3:27:02:0f:89:
ca:e0:78:0f:2b:ae:b7:d2:5b:9a:d5:fb:c7:7e:3d:
bc:24:be:73:8f:9c:bf:0b:a8:84:75:b7:67:4e:38:
f9:aa:7f:83:23:2a:74:6f:93:ba:e2:a3:ad:8d:b5:
e0:f1:87:72:af:a2:2a:41:3c:22:39:ff:d8:45:d9:
e1:26:39:11:2a:dc:0a:1f:af:27:56:db:e5:e5:ba:
8d:e5:e5:46:86:30:88:eb:ef:41:a9:b5:bd:ac:1f:
d9:26:03:3f:4a:0f:5a:59:6a:17:3c:b6:63:61:08:
ec:04:cb:49:74:2b:01:92:f6:c0:6a:66:32:86:9a:
29:63:fa:18:e9:24:97:37:45:8e:db:5c:a1:68:03:
09:b4:b2:45:cb:60:1f:24:d1:27:39:01:8e:69:28:
65:76:71:7a:e8:ad:a7:f7:bc:34:62:2a:14:45:ba:
ea:d0:bd:d0:d3:1d:ae:40:6f:5c:47:46:a6:4b:83:
b4:ba:ac:4c:42:4c:9e:4f:92:16:20:85:3a:1b:ce:
34:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BD:B2:A8:04:10:EF:71:A1:B6:8F:76:94:93:34:6F:E5:E1:6F:F8
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/JL2yqAQQ73Ghto92lJM0b-Xhb_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:ab03::/32
2a0c:ab05::-2a0c:ab06:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:ab07:2000::/35
2a0c:ab07:5000::/36
2a0c:ab07:c000::/34
2a10:2ec1::/32
Signature Algorithm: sha256WithRSAEncryption
11:c9:f6:25:af:e2:e5:90:14:9a:3c:98:9f:1e:e3:81:68:91:
bd:d4:6d:30:c4:1e:8a:cc:d0:91:02:b2:2a:71:84:92:b7:6d:
fa:71:ff:e2:fa:d2:48:2f:73:fe:91:19:de:fc:55:94:cd:89:
3a:71:06:a4:8d:6d:76:77:0c:94:07:ce:cf:cf:53:8b:20:c7:
ad:7e:ca:7b:c8:21:62:31:ab:68:de:3d:fb:79:a7:87:02:5d:
3b:b4:c1:bb:be:5d:91:82:a9:a4:04:e3:53:30:49:2e:ae:1a:
16:9f:cc:c3:5b:03:b7:f8:d9:91:03:9f:3a:2f:39:15:9b:d5:
86:d5:07:73:4c:5e:13:92:08:d6:ae:45:2a:71:3c:18:2b:75:
8d:72:44:a3:95:cf:cf:0d:9d:86:22:a9:ba:47:d9:5a:e6:67:
38:ba:83:27:0b:ee:fa:a7:ea:81:01:14:ec:c0:9f:a2:04:ac:
3a:98:3e:3d:9f:8b:28:be:b4:90:7c:fe:8f:f4:24:64:7f:3f:
b1:aa:43:6b:44:49:9a:a4:68:ea:58:be:d8:f8:65:89:e0:fa:
02:3c:33:65:4b:08:b3:fb:06:4f:58:72:e1:53:8f:e6:cf:b2:
3b:b5:e6:ff:b6:65:f8:1c:50:b1:47:bc:51:6c:a3:0e:f7:b7:
98:9d:a4:b4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY7DNeP/8S+7+jABzWqPUGrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwNDA5MTQxNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGJkYjJhODA0MTBlZjcxYTFiNjhmNzY5NDkzMzQ2ZmU1ZTE2ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCPrFeCZhRkB/HlM8o96c9Lg93Ht
daNwe8Ns4ryVn9p4Rd7gQKDuUxSWPw5I9i4fNuZzQhVBoycCD4nK4HgPK6630lua
1fvHfj28JL5zj5y/C6iEdbdnTjj5qn+DIyp0b5O64qOtjbXg8Ydyr6IqQTwiOf/Y
RdnhJjkRKtwKH68nVtvl5bqN5eVGhjCI6+9BqbW9rB/ZJgM/Sg9aWWoXPLZjYQjs
BMtJdCsBkvbAamYyhpopY/oY6SSXN0WO21yhaAMJtLJFy2AfJNEnOQGOaShldnF6
6K2n97w0YioURbrq0L3Q0x2uQG9cR0amS4O0uqxMQkyeT5IWIIU6G8402wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCS9sqgEEO9xobaPdpSTNG/l4W/4MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvSkwyeXFBUVE3M0dodG85MmxKTTBiLVhoYl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwUAKgyrAzAO
AwUAKgyrBQMFACoMqwYDBgUqDKsHIAMGBCoMqwdQAwYGKgyrB8ADBQAqEC7BMA0G
CSqGSIb3DQEBCwUAA4IBAQARyfYlr+LlkBSaPJifHuOBaJG91G0wxB6KzNCRArIq
cYSSt236cf/i+tJIL3P+kRne/FWUzYk6cQakjW12dwyUB87Pz1OLIMetfsp7yCFi
Mato3j37eaeHAl07tMG7vl2RgqmkBONTMEkurhoWn8zDWwO3+NmRA586LzkVm9WG
1QdzTF4TkgjWrkUqcTwYK3WNckSjlc/PDZ2GIqm6R9la5mc4uoMnC+76p+qBARTs
wJ+iBKw6mD49n4sovrSQfP6P9CRkfz+xqkNrREmapGjqWL7Y+GWJ4PoCPDNlSwiz
+wZPWHLhU4/mz7I7teb/tmX4HFCxR7xRbKMO97eYnaS0
-----END CERTIFICATE-----
Generated at Tue May 7 15:41:46 2024 by rpki-client on console-fra.rpki-client.org