Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dWXL5qMDBSlj3KNzB6nt451lzjU.roa
File: dWXL5qMDBSlj3KNzB6nt451lzjU.roa (raw, json)
Hash identifier: OV2DMHNVryivdVJCKLicNKaF9v3ru5rglSriU1jKxX4=
Subject key identifier: 75:65:CB:E6:A3:03:05:29:63:DC:A3:73:07:A9:ED:E3:9D:65:CE:35
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 01904A5924B758E4351B5D1D3EDECC90F8FE
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dWXL5qMDBSlj3KNzB6nt451lzjU.roa
Signing time: Mon 24 Jun 2024 13:04:34 +0000
ROA not before: Mon 24 Jun 2024 13:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a04:fa00::/29 maxlen: 29
2a11:1480::/29 maxlen: 29
2a11:1540::/29 maxlen: 29
2a11:3440::/29 maxlen: 29
2a11:45c0::/29 maxlen: 29
2a11:4a80::/29 maxlen: 29
2a12:1c40::/29 maxlen: 29
2a12:2ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:59:24:b7:58:e4:35:1b:5d:1d:3e:de:cc:90:f8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Jun 24 13:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7565cbe6a303052963dca37307a9ede39d65ce35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:e6:12:96:75:9e:02:33:ec:4e:5b:0d:9c:
b4:fb:69:41:cd:f7:dd:57:d0:35:ae:e8:fc:61:7f:
85:93:f4:55:0e:65:e5:7d:0d:05:6a:3f:30:28:36:
67:d2:c0:1d:02:3d:18:7d:ff:49:f7:b8:f6:0a:c7:
67:7a:40:84:c1:c0:46:e0:c1:d2:07:39:80:b8:9c:
5c:fb:21:0e:23:d8:f4:b2:17:a2:29:c2:5e:47:6d:
d8:2f:02:ff:37:e6:bc:a3:71:f5:ac:fd:ea:2a:69:
c4:be:df:c0:08:de:1f:b8:81:d4:30:16:ea:68:d5:
00:8a:4e:9a:de:6d:e6:90:8a:26:39:fa:bb:6a:e3:
eb:a9:30:14:64:0b:82:fc:69:eb:c0:fc:f8:dc:02:
03:99:e9:d9:1c:0d:39:56:75:e1:2e:c1:dd:4e:ab:
3d:06:52:83:07:17:1c:40:ce:0c:1f:48:d1:ed:eb:
43:e3:d5:0a:dc:aa:3b:77:e4:ce:6b:2c:cd:b9:79:
d6:b7:1e:43:d0:7a:67:19:6a:9c:3d:f1:57:c5:78:
f5:38:63:76:81:de:8e:2f:70:3e:77:0d:ea:a8:cb:
b9:61:0e:79:19:49:c5:83:a1:36:d2:89:ba:2e:1a:
5d:b9:08:fa:61:bf:c2:dc:a3:d0:13:bd:ad:34:5f:
64:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:65:CB:E6:A3:03:05:29:63:DC:A3:73:07:A9:ED:E3:9D:65:CE:35
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dWXL5qMDBSlj3KNzB6nt451lzjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:fa00::/29
2a11:1480::/29
2a11:1540::/29
2a11:3440::/29
2a11:45c0::/29
2a11:4a80::/29
2a12:1c40::/29
2a12:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
16:d0:5d:74:ea:c5:83:b4:b8:bb:5b:15:8a:48:1d:dd:cf:6f:
14:dd:0b:99:a4:11:e8:fa:45:e8:89:95:2b:ef:3e:a7:39:09:
f0:e9:37:50:35:81:44:aa:f7:0e:83:50:92:5f:a9:c7:a9:c4:
78:8b:63:28:4f:0e:f2:93:d2:9d:07:31:e7:3c:4e:2a:e1:ac:
89:0a:31:d8:a1:a8:8d:3b:e8:6b:88:83:9a:c5:19:a1:a2:ca:
32:41:a6:cc:b2:f1:68:e0:3c:ed:c1:74:ae:2f:72:8f:ff:23:
33:cf:18:10:c4:52:2a:28:8b:c1:9c:00:cf:7e:28:72:2a:93:
80:12:79:7f:1f:b9:f3:3b:8d:27:14:da:cb:eb:3e:38:e9:c8:
21:f1:6c:2d:fd:e6:2f:fb:6d:c2:15:76:32:51:e3:27:af:17:
de:df:ab:2d:89:81:94:ec:76:d7:a8:9a:f3:ee:34:04:44:cb:
52:f6:c8:a4:9f:0b:6b:43:3c:b1:44:4c:25:1d:cb:79:bd:32:
8d:60:f0:df:db:c6:0f:26:a8:00:ba:93:23:8d:39:73:9e:e6:
54:6f:a0:98:eb:52:ce:5c:c6:67:ce:e2:4c:e6:d5:00:e3:a0:
c8:96:67:c5:d4:56:10:01:0c:5e:59:03:ed:25:02:61:b9:44:
6d:aa:58:fd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZBKWSS3WOQ1G10dPt7MkPj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjQwNjI0MTMwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTY1Y2JlNmEzMDMwNTI5NjNkY2EzNzMwN2E5ZWRlMzlkNjVjZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb/mEpZ1ngIz7E5bDZy0+2lBzffd
V9A1ruj8YX+Fk/RVDmXlfQ0Faj8wKDZn0sAdAj0Yff9J97j2CsdnekCEwcBG4MHS
BzmAuJxc+yEOI9j0sheiKcJeR23YLwL/N+a8o3H1rP3qKmnEvt/ACN4fuIHUMBbq
aNUAik6a3m3mkIomOfq7auPrqTAUZAuC/GnrwPz43AIDmenZHA05VnXhLsHdTqs9
BlKDBxccQM4MH0jR7etD49UK3Ko7d+TOayzNuXnWtx5D0HpnGWqcPfFXxXj1OGN2
gd6OL3A+dw3qqMu5YQ55GUnFg6E20om6LhpduQj6Yb/C3KPQE72tNF9kRQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHVly+ajAwUpY9yjcwep7eOdZc41MB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvZFdYTDVxTURCU2xqM0tOekI2bnQ0NTFsempVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgT6AAMF
AyoRFIADBQMqERVAAwUDKhE0QAMFAyoRRcADBQMqEUqAAwUDKhIcQAMFAyoSLsAw
DQYJKoZIhvcNAQELBQADggEBABbQXXTqxYO0uLtbFYpIHd3PbxTdC5mkEej6ReiJ
lSvvPqc5CfDpN1A1gUSq9w6DUJJfqcepxHiLYyhPDvKT0p0HMec8TirhrIkKMdih
qI076GuIg5rFGaGiyjJBpsyy8WjgPO3BdK4vco//IzPPGBDEUiooi8GcAM9+KHIq
k4ASeX8fufM7jScU2svrPjjpyCHxbC395i/7bcIVdjJR4yevF97fqy2JgZTsdteo
mvPuNAREy1L2yKSfC2tDPLFETCUdy3m9Mo1g8N/bxg8mqAC6kyONOXOe5lRvoJjr
Us5cxmfO4kzm1QDjoMiWZ8XUVhABDF5ZA+0lAmG5RG2qWP0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:12 2024 by rpki-client on console-ams.rpki-client.org