Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ianuK-n_UCxaq7oJwZ7lOF-WUTo.roa
File: ianuK-n_UCxaq7oJwZ7lOF-WUTo.roa (raw, json)
Hash identifier: 68oAyVehc+lOmP8S0Z4GeFSoSwHgSZtDnyAOyewOz3c=
Subject key identifier: 89:A9:EE:2B:E9:FF:50:2C:5A:AB:BA:09:C1:9E:E5:38:5F:96:51:3A
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 018CCA296404E9B2435F854C1E5ABDCCB686
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ianuK-n_UCxaq7oJwZ7lOF-WUTo.roa
Signing time: Tue 02 Jan 2024 12:32:39 +0000
ROA not before: Tue 02 Jan 2024 12:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211168
IP address blocks: 2a0e:8f02:2170::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 13:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:64:04:e9:b2:43:5f:85:4c:1e:5a:bd:cc:b6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 2 12:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a9ee2be9ff502c5aabba09c19ee5385f96513a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:56:31:a7:c4:fd:48:48:4e:73:78:91:2c:22:
07:22:cb:61:12:0f:a5:a3:04:b3:47:2c:06:97:0a:
1c:cf:4c:0c:a5:a6:ad:d8:64:82:75:6c:ae:8f:b1:
6f:e7:56:5e:5f:f9:3c:f7:c8:99:24:79:93:59:e4:
61:71:f1:1a:7a:50:fd:3b:91:9c:e2:91:21:e9:f4:
bd:9f:ce:c4:8b:e8:1f:53:6a:d3:72:51:1d:04:ce:
9a:df:63:ec:f2:f5:16:aa:d6:dc:d2:73:5a:61:d6:
f8:01:4b:e9:42:62:a0:03:02:fb:e3:8c:e0:72:2a:
7d:6f:c4:72:09:62:63:3b:a0:0a:c2:30:17:4a:1a:
b9:c0:6b:d4:ff:2a:e9:4e:e0:0d:80:ff:c5:56:16:
ab:a8:8c:9d:a7:cb:ad:2c:62:83:b3:c7:23:da:b5:
5f:ce:06:b5:7b:09:c0:a3:5c:ef:44:5d:0b:3e:a6:
4f:eb:e3:3f:0a:f1:b0:00:ae:a2:3e:5a:cd:24:c5:
62:f0:38:bd:e1:dc:a3:56:8c:50:56:5f:24:bf:c7:
9a:1a:5d:3b:f3:92:f1:7e:8a:08:84:ae:d5:70:08:
c6:88:be:68:67:23:de:f0:0b:0e:fe:32:1d:ef:16:
c3:13:af:e1:7d:01:d0:5f:fd:13:da:e0:e0:38:f5:
34:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A9:EE:2B:E9:FF:50:2C:5A:AB:BA:09:C1:9E:E5:38:5F:96:51:3A
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ianuK-n_UCxaq7oJwZ7lOF-WUTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2170::/44
Signature Algorithm: sha256WithRSAEncryption
a9:c2:44:a8:73:46:51:37:c7:ce:b5:c4:c3:c0:9e:ec:1c:e3:
e4:33:4a:97:e2:0d:11:af:e5:17:a4:85:07:a0:cc:d6:26:e2:
96:7e:18:a7:5e:96:92:2a:fc:b8:0a:97:f6:9c:0e:04:1a:37:
a8:bd:02:f5:b2:25:f4:66:d3:07:c5:50:40:bc:b2:1c:85:12:
94:4f:6b:1b:bf:37:01:22:92:bb:ec:1b:4c:89:28:49:41:0c:
e2:43:68:7a:78:11:fd:40:c3:00:d2:85:f1:9f:02:1b:9b:02:
84:e7:71:95:01:48:35:02:ed:94:cf:21:99:00:0a:70:1c:a6:
0a:8f:99:06:44:bc:96:a9:a0:d9:9f:1e:1a:24:c7:00:bc:34:
da:cf:f1:8e:fd:2d:b0:1f:b7:5f:1c:dd:cf:bc:c3:7c:05:0d:
71:82:09:dd:1b:6b:56:3c:ef:06:1f:ef:83:b7:d4:e8:cd:fb:
e0:c9:a4:82:de:51:2a:53:da:e6:3f:30:ac:cf:cc:48:75:71:
a6:15:b4:98:c1:c2:a9:7d:75:6b:82:b0:12:d5:c7:86:0c:09:
2d:d8:f3:91:f3:0f:0b:fa:ee:ab:b7:70:56:08:9a:91:b8:67:
41:fd:2b:79:de:c2:04:1c:8b:8d:be:f3:dc:b2:18:1e:1a:b5:
f8:48:c5:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKWQE6bJDX4VMHlq9zLaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjQwMTAyMTIzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE5ZWUyYmU5ZmY1MDJjNWFhYmJhMDljMTllZTUzODVmOTY1MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1Yxp8T9SEhOc3iRLCIHIsthEg+l
owSzRywGlwocz0wMpaat2GSCdWyuj7Fv51ZeX/k898iZJHmTWeRhcfEaelD9O5Gc
4pEh6fS9n87Ei+gfU2rTclEdBM6a32Ps8vUWqtbc0nNaYdb4AUvpQmKgAwL744zg
cip9b8RyCWJjO6AKwjAXShq5wGvU/yrpTuANgP/FVharqIydp8utLGKDs8cj2rVf
zga1ewnAo1zvRF0LPqZP6+M/CvGwAK6iPlrNJMVi8Di94dyjVoxQVl8kv8eaGl07
85LxfooIhK7VcAjGiL5oZyPe8AsO/jId7xbDE6/hfQHQX/0T2uDgOPU01wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFImp7ivp/1AsWqu6CcGe5ThfllE6MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvaWFudUstbl9VQ3hhcTdvSndaN2xPRi1XVVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiFw
MA0GCSqGSIb3DQEBCwUAA4IBAQCpwkSoc0ZRN8fOtcTDwJ7sHOPkM0qX4g0Rr+UX
pIUHoMzWJuKWfhinXpaSKvy4Cpf2nA4EGjeovQL1siX0ZtMHxVBAvLIchRKUT2sb
vzcBIpK77BtMiShJQQziQ2h6eBH9QMMA0oXxnwIbmwKE53GVAUg1Au2UzyGZAApw
HKYKj5kGRLyWqaDZnx4aJMcAvDTaz/GO/S2wH7dfHN3PvMN8BQ1xggndG2tWPO8G
H++Dt9TozfvgyaSC3lEqU9rmPzCsz8xIdXGmFbSYwcKpfXVrgrAS1ceGDAkt2POR
8w8L+u6rt3BWCJqRuGdB/St53sIEHIuNvvPcshgeGrX4SMUh
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:20:43 2024 by rpki-client on console-fra.rpki-client.org