Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/4s7BTSW0AudaH1ml8sYqKziR194.roa
File: 4s7BTSW0AudaH1ml8sYqKziR194.roa (raw, json)
Hash identifier: mqmjeA8s+n+v+gEdWzfW8uF2f+ERtw91nI7Dh/2AWBA=
Subject key identifier: E2:CE:C1:4D:25:B4:02:E7:5A:1F:59:A5:F2:C6:2A:2B:38:91:D7:DE
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 018CC8DF8333148F0A531816DE079D10AAB5
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/4s7BTSW0AudaH1ml8sYqKziR194.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211972
IP address blocks: 2a10:9902:731::/48 maxlen: 48
2a10:9902:730::/48 maxlen: 48
2a10:9902:733::/48 maxlen: 48
2a10:9902:732::/48 maxlen: 48
2a10:9902:73f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:83:33:14:8f:0a:53:18:16:de:07:9d:10:aa:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2cec14d25b402e75a1f59a5f2c62a2b3891d7de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:11:8a:cf:a8:c0:b3:30:18:4c:9a:f1:76:5d:
27:6c:92:1a:20:f6:9b:1a:85:58:8f:d3:5d:7e:53:
b5:97:b0:c6:b0:33:3d:29:93:81:49:cf:f5:7f:51:
c8:4b:9f:bc:8d:aa:5d:26:ac:6e:f4:fa:c4:10:92:
14:b0:ef:44:7e:d9:8d:76:28:b9:1a:6c:8e:1d:9f:
13:28:87:45:54:3c:3e:55:eb:c4:47:96:60:30:3b:
55:25:45:9d:ca:da:53:5f:5c:e7:fb:9c:34:ca:0f:
62:50:65:72:06:52:00:05:96:6e:49:24:ef:6f:ff:
1b:70:c1:54:2e:a5:e2:fa:3f:a9:9d:fb:d7:4c:78:
9f:44:ea:40:ee:5a:c8:8d:77:37:55:44:54:0d:7e:
67:e7:ab:13:38:d3:53:20:b9:09:57:1f:25:61:e6:
53:4e:47:bf:c6:70:fb:3d:34:a5:56:36:05:cc:fd:
ca:ae:86:f9:9d:32:3f:fd:cf:1c:55:5d:16:ec:d3:
c4:ef:85:20:e6:df:ff:70:eb:3f:83:78:6f:f1:22:
2d:24:5a:40:49:83:69:b7:48:19:23:35:24:8a:e9:
c7:14:b7:cd:92:6f:15:6c:c2:e6:b5:36:af:e6:bb:
90:3a:b0:51:fc:1f:07:54:c3:ef:f8:a6:ef:bc:c1:
6b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CE:C1:4D:25:B4:02:E7:5A:1F:59:A5:F2:C6:2A:2B:38:91:D7:DE
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/4s7BTSW0AudaH1ml8sYqKziR194.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9902:730::/46
2a10:9902:73f::/48
Signature Algorithm: sha256WithRSAEncryption
7a:cd:90:33:4b:35:c1:7b:19:ba:7c:3e:cf:19:be:1a:08:36:
e9:e7:a8:5b:d7:1c:9f:1d:93:49:33:b5:3b:13:c0:e1:9d:51:
58:25:86:ad:ac:b7:95:9d:5c:27:b8:df:af:70:90:48:16:80:
03:c2:16:49:d9:4e:6a:e1:3d:b9:78:11:6a:6b:b8:e5:c1:69:
0a:be:45:93:d6:19:af:07:5a:fd:34:58:16:35:62:30:27:ee:
c3:2e:36:ac:af:3a:d4:2c:30:54:e4:1b:42:c2:42:fd:27:a1:
00:6b:f9:8c:4e:50:51:51:ea:5d:a7:bd:ba:d2:7f:c0:29:85:
5c:d4:5b:18:fb:2d:37:0e:bf:80:f1:be:9e:5f:f3:1f:04:d1:
5f:c3:9a:d0:be:cb:a2:47:66:8c:ce:ad:6b:78:b7:f9:e6:e8:
4a:9f:12:d3:76:86:28:16:58:26:d2:10:32:51:af:5d:3c:18:
09:57:7b:70:4f:40:8e:fc:7e:f1:28:36:3c:82:87:ae:49:37:
ed:4b:cb:6f:bd:82:ba:e7:78:f8:fe:72:c1:b4:e7:2e:2d:0f:
76:ec:ec:67:83:b7:8a:5b:28:e9:cf:69:96:97:8e:c5:c4:20:
28:cd:a9:ad:f2:a7:99:a4:a4:7b:36:90:58:28:bc:58:61:81:
be:40:68:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI34MzFI8KUxgW3gedEKq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmNlYzE0ZDI1YjQwMmU3NWExZjU5YTVmMmM2MmEyYjM4OTFkN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xGKz6jAszAYTJrxdl0nbJIaIPab
GoVYj9NdflO1l7DGsDM9KZOBSc/1f1HIS5+8japdJqxu9PrEEJIUsO9EftmNdii5
GmyOHZ8TKIdFVDw+VevER5ZgMDtVJUWdytpTX1zn+5w0yg9iUGVyBlIABZZuSSTv
b/8bcMFULqXi+j+pnfvXTHifROpA7lrIjXc3VURUDX5n56sTONNTILkJVx8lYeZT
Tke/xnD7PTSlVjYFzP3Krob5nTI//c8cVV0W7NPE74Ug5t//cOs/g3hv8SItJFpA
SYNpt0gZIzUkiunHFLfNkm8VbMLmtTav5ruQOrBR/B8HVMPv+KbvvMFrTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOLOwU0ltALnWh9ZpfLGKis4kdfeMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvNHM3QlRTVzBBdWRhSDFtbDhzWXFLemlSMTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhCZAgcw
AwcAKhCZAgc/MA0GCSqGSIb3DQEBCwUAA4IBAQB6zZAzSzXBexm6fD7PGb4aCDbp
56hb1xyfHZNJM7U7E8DhnVFYJYatrLeVnVwnuN+vcJBIFoADwhZJ2U5q4T25eBFq
a7jlwWkKvkWT1hmvB1r9NFgWNWIwJ+7DLjasrzrULDBU5BtCwkL9J6EAa/mMTlBR
Uepdp7260n/AKYVc1FsY+y03Dr+A8b6eX/MfBNFfw5rQvsuiR2aMzq1reLf55uhK
nxLTdoYoFlgm0hAyUa9dPBgJV3twT0CO/H7xKDY8goeuSTftS8tvvYK653j4/nLB
tOcuLQ927Oxng7eKWyjpz2mWl47FxCAozamt8qeZpKR7NpBYKLxYYYG+QGj6
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:45:51 2024 by rpki-client on console-fra.rpki-client.org