Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/TR7Lfe9EIldCywvzm10EkRJwmBg.roa
File: TR7Lfe9EIldCywvzm10EkRJwmBg.roa (raw, json)
Hash identifier: vx+d21f2ENm4TogU8IhlCECITu67YSg5fHdHLXGFAo4=
Subject key identifier: 4D:1E:CB:7D:EF:44:22:57:42:CB:0B:F3:9B:5D:04:91:12:70:98:18
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018CCA99F7B69CFC2119BBB1F064C4294700
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/TR7Lfe9EIldCywvzm10EkRJwmBg.roa
Signing time: Tue 02 Jan 2024 14:35:37 +0000
ROA not before: Tue 02 Jan 2024 14:35:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21334
IP address blocks: 2a01:870::/32 maxlen: 32
2a01:8f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:f7:b6:9c:fc:21:19:bb:b1:f0:64:c4:29:47:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jan 2 14:35:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d1ecb7def44225742cb0bf39b5d049112709818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:95:f1:2f:f5:3f:47:73:e4:9b:19:2a:dd:90:
c1:a9:d7:66:fb:ec:ee:63:45:02:9b:75:08:c3:6e:
c5:c3:f1:6f:44:8e:9a:b4:d9:21:71:a3:5f:e0:61:
01:13:90:5a:b9:11:10:4d:4f:8a:6c:64:e2:0e:e2:
c1:d5:8d:ae:b3:16:f8:15:d2:e8:ce:36:36:8e:c8:
36:bf:76:56:62:38:c3:50:87:60:63:e8:58:3c:cc:
90:11:a8:ae:4b:c3:22:ea:cb:f2:1e:aa:e0:6c:88:
fc:57:7b:64:9c:0b:92:11:59:15:38:e2:2b:02:95:
c3:82:c5:46:fe:ff:9e:84:6f:cc:d0:59:ac:9d:0d:
6b:69:1d:49:58:b7:d2:fe:13:63:00:69:01:4c:86:
f7:bb:e3:a7:0c:50:99:60:35:ff:75:57:f6:3e:50:
1f:dd:c1:65:6b:f7:bc:3d:df:67:33:58:ef:59:ed:
ed:d0:6f:e8:87:bd:b5:1b:b0:f2:27:21:e1:bc:b4:
39:f8:22:ed:03:d8:a2:7a:d5:00:91:a1:f1:a3:09:
d6:2a:43:4f:fc:61:0c:36:59:fd:c3:25:fd:f7:5c:
b7:92:73:7f:62:10:f1:9b:87:3d:de:ef:20:cf:03:
60:60:87:3e:5b:e5:6c:92:b8:58:1f:49:a0:61:32:
8a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1E:CB:7D:EF:44:22:57:42:CB:0B:F3:9B:5D:04:91:12:70:98:18
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/TR7Lfe9EIldCywvzm10EkRJwmBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:870::/32
2a01:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
7d:b3:9b:2b:b5:29:1d:05:3b:42:68:33:71:b3:62:e6:43:5c:
14:d9:47:c4:3d:d7:72:6e:40:2a:31:8d:f0:4b:c1:68:2b:13:
e8:5a:c2:2b:5b:a2:45:ae:df:ea:7e:18:9b:e0:a7:77:66:02:
14:66:ab:c6:3f:d3:78:52:e2:a1:88:c8:80:b3:ea:fb:48:d5:
cf:64:d1:39:2b:2d:20:5e:df:7e:97:c1:f0:9f:b3:09:b7:aa:
59:eb:96:56:92:37:b1:6e:6f:3c:78:83:38:98:81:1e:f4:ab:
6b:38:4a:55:20:12:12:da:3c:99:9f:aa:3c:68:ed:2b:30:0e:
88:14:c2:66:89:9b:ea:5d:5a:59:b3:5a:a2:94:4a:bc:98:57:
28:bb:eb:d3:d2:1f:2f:34:b0:fe:5a:6e:2d:f6:47:45:ae:ae:
80:89:d1:fa:c4:89:84:d0:c3:f2:d4:90:81:44:ba:2a:a3:bf:
34:d6:a3:c0:a8:85:42:f5:3a:da:7a:ae:0e:10:46:64:e3:a1:
ca:88:0a:24:c8:61:35:80:17:b1:75:76:c8:ce:48:8f:96:5d:
e0:d4:c8:2e:8b:07:03:bb:df:f5:95:4a:06:31:6e:68:96:2d:
3f:85:8d:60:92:0d:30:f4:cc:df:8c:02:29:dc:4d:7a:49:47:
4e:7c:a6:12
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKmfe2nPwhGbux8GTEKUcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQwMTAyMTQzNTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFlY2I3ZGVmNDQyMjU3NDJjYjBiZjM5YjVkMDQ5MTEyNzA5ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpXxL/U/R3Pkmxkq3ZDBqddm++zu
Y0UCm3UIw27Fw/FvRI6atNkhcaNf4GEBE5BauREQTU+KbGTiDuLB1Y2usxb4FdLo
zjY2jsg2v3ZWYjjDUIdgY+hYPMyQEaiuS8Mi6svyHqrgbIj8V3tknAuSEVkVOOIr
ApXDgsVG/v+ehG/M0FmsnQ1raR1JWLfS/hNjAGkBTIb3u+OnDFCZYDX/dVf2PlAf
3cFla/e8Pd9nM1jvWe3t0G/oh721G7DyJyHhvLQ5+CLtA9iietUAkaHxownWKkNP
/GEMNln9wyX991y3knN/YhDxm4c93u8gzwNgYIc+W+VskrhYH0mgYTKKTwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE0ey33vRCJXQssL85tdBJEScJgYMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvVFI3TGZlOUVJbGRDeXd2em0xMEVrUkp3bUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgEIcAMF
ACoBCPgwDQYJKoZIhvcNAQELBQADggEBAH2zmyu1KR0FO0JoM3GzYuZDXBTZR8Q9
13JuQCoxjfBLwWgrE+hawitbokWu3+p+GJvgp3dmAhRmq8Y/03hS4qGIyICz6vtI
1c9k0TkrLSBe336XwfCfswm3qlnrllaSN7Fubzx4gziYgR70q2s4SlUgEhLaPJmf
qjxo7SswDogUwmaJm+pdWlmzWqKUSryYVyi769PSHy80sP5abi32R0WuroCJ0frE
iYTQw/LUkIFEuiqjvzTWo8CohUL1Otp6rg4QRmTjocqICiTIYTWAF7F1dsjOSI+W
XeDUyC6LBwO73/WVSgYxbmiWLT+FjWCSDTD0zN+MAincTXpJR058phI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:10:53 2024 by rpki-client on console-fra.rpki-client.org