Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/_QYycUlFukg85tfwDYqJ0EvSum8.roa
File: _QYycUlFukg85tfwDYqJ0EvSum8.roa (raw, json)
Hash identifier: 3jdALHgUQimr8TH11+ayjLtfRVHX5FFkIsH93xOgw4g=
Subject key identifier: FD:06:32:71:49:45:BA:48:3C:E6:D7:F0:0D:8A:89:D0:4B:D2:BA:6F
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 0193251FA1016F8CE9F8FBD332700F8E1DC9
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/_QYycUlFukg85tfwDYqJ0EvSum8.roa
Signing time: Wed 13 Nov 2024 10:44:09 +0000
ROA not before: Wed 13 Nov 2024 10:44:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:3900::/32 maxlen: 32
2a09:3904::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:1f:a1:01:6f:8c:e9:f8:fb:d3:32:70:0f:8e:1d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Nov 13 10:44:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd0632714945ba483ce6d7f00d8a89d04bd2ba6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:04:75:ca:5f:e1:6b:85:14:96:df:42:30:ff:
ca:0b:47:a9:95:ce:87:e7:37:a4:99:1d:e4:e2:46:
a5:24:4f:ad:93:1b:83:15:0f:e8:b7:bb:0e:fb:fa:
89:85:b9:9e:15:85:3e:31:c4:bb:98:7b:eb:64:2f:
25:98:a6:dc:3f:46:c0:98:c6:46:8a:da:79:49:6c:
71:dc:19:72:d0:92:0c:77:27:f9:8a:a1:02:bd:5f:
ef:52:2c:6b:5b:1a:5a:7f:8a:ee:c8:7a:a3:3c:e5:
bd:eb:f4:35:e1:f4:0d:9f:db:e8:ff:0c:1f:30:ea:
8a:83:b4:2b:43:2f:89:3e:e5:bc:5b:84:27:f9:bb:
a7:d5:b2:c2:9d:8e:1c:c1:1e:ee:4e:ca:54:50:c0:
ce:a6:ef:f7:7e:3e:2c:e0:af:9a:4d:3c:14:61:d1:
b9:c8:24:50:0b:d4:7d:78:f3:e4:a8:83:85:55:78:
55:0f:9a:19:86:53:99:7f:1e:5a:5b:bb:22:b0:78:
70:15:50:20:60:bf:22:a9:15:c4:95:c7:b7:06:e6:
3a:2e:01:47:73:52:43:79:84:0d:67:31:45:70:d3:
5c:af:90:24:ab:df:89:de:cf:9c:0e:f2:08:ad:75:
77:a6:d0:b8:24:92:8c:58:6d:8b:15:22:e3:b8:d4:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:06:32:71:49:45:BA:48:3C:E6:D7:F0:0D:8A:89:D0:4B:D2:BA:6F
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/_QYycUlFukg85tfwDYqJ0EvSum8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3900::/32
2a09:3904::/32
Signature Algorithm: sha256WithRSAEncryption
b8:9e:b8:f7:b6:0f:41:2f:47:cc:de:7f:86:de:11:47:5d:f5:
b0:81:44:41:4e:5d:39:1b:4b:73:f9:65:a1:c0:0f:f2:07:aa:
ab:24:84:2d:ea:56:54:05:5e:e4:6f:a1:8b:1f:06:65:66:d8:
96:a2:ab:09:94:20:71:ee:03:b8:b2:2a:ed:6f:b5:18:2d:c5:
1a:77:eb:a8:a6:9e:12:ac:fa:0c:76:48:60:0f:e0:a5:0d:c6:
7e:42:d8:a8:97:71:aa:74:f0:48:b1:86:9b:b3:37:3e:b5:ae:
85:7e:25:1f:a2:1a:1c:d6:49:8d:ae:42:fe:ca:79:3a:bd:4f:
4c:cb:3e:89:1e:80:f5:8b:c9:c5:53:e6:83:ff:e8:73:cd:a8:
ae:3b:79:33:2a:c4:24:a2:9a:f6:47:69:88:61:12:d6:8f:e2:
05:7b:f2:b6:05:17:8e:0e:3c:de:69:a0:8c:aa:02:ba:a3:0e:
b5:ab:4f:94:13:82:45:ae:eb:cb:06:3a:ad:22:d7:c0:9b:af:
ff:2e:52:57:76:40:e0:8d:e3:dd:98:b4:97:47:6f:f0:8c:21:
3d:34:47:bf:83:90:5c:3f:db:c7:ed:59:65:f7:36:06:fe:8e:
46:59:fd:cc:c6:b9:93:dd:b0:fd:ff:d8:e2:a7:37:cb:d4:2d:
c7:d9:53:71
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZMlH6EBb4zp+PvTMnAPjh3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQxMTEzMTA0NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA2MzI3MTQ5NDViYTQ4M2NlNmQ3ZjAwZDhhODlkMDRiZDJiYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAR1yl/ha4UUlt9CMP/KC0eplc6H
5zekmR3k4kalJE+tkxuDFQ/ot7sO+/qJhbmeFYU+McS7mHvrZC8lmKbcP0bAmMZG
itp5SWxx3Bly0JIMdyf5iqECvV/vUixrWxpaf4ruyHqjPOW96/Q14fQNn9vo/wwf
MOqKg7QrQy+JPuW8W4Qn+bun1bLCnY4cwR7uTspUUMDOpu/3fj4s4K+aTTwUYdG5
yCRQC9R9ePPkqIOFVXhVD5oZhlOZfx5aW7sisHhwFVAgYL8iqRXElce3BuY6LgFH
c1JDeYQNZzFFcNNcr5Akq9+J3s+cDvIIrXV3ptC4JJKMWG2LFSLjuNT+LwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP0GMnFJRbpIPObX8A2KidBL0rpvMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvX1FZeWNVbEZ1a2c4NXRmd0RZcUowRXZTdW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgk5AAMF
ACoJOQQwDQYJKoZIhvcNAQELBQADggEBALieuPe2D0EvR8zef4beEUdd9bCBREFO
XTkbS3P5ZaHAD/IHqqskhC3qVlQFXuRvoYsfBmVm2JaiqwmUIHHuA7iyKu1vtRgt
xRp366imnhKs+gx2SGAP4KUNxn5C2KiXcap08EixhpuzNz61roV+JR+iGhzWSY2u
Qv7KeTq9T0zLPokegPWLycVT5oP/6HPNqK47eTMqxCSimvZHaYhhEtaP4gV78rYF
F44OPN5poIyqArqjDrWrT5QTgkWu68sGOq0i18Cbr/8uUld2QOCN492YtJdHb/CM
IT00R7+DkFw/28ftWWX3Ngb+jkZZ/czGuZPdsP3/2OKnN8vULcfZU3E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:05 2024 by rpki-client on console-ams.rpki-client.org