Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/3UTwmUH3MH-KRGAAjePyuUQVE7Q.roa
File: 3UTwmUH3MH-KRGAAjePyuUQVE7Q.roa (raw, json)
Hash identifier: r09LkNTFQEdJdPA0LTC7xYQzRmrxFRnbIX1BshrkAG4=
Subject key identifier: DD:44:F0:99:41:F7:30:7F:8A:44:60:00:8D:E3:F2:B9:44:15:13:B4
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0191E5CE9D6C2318062D8531EFEE4E67D5A0
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/3UTwmUH3MH-KRGAAjePyuUQVE7Q.roa
Signing time: Thu 12 Sep 2024 10:36:48 +0000
ROA not before: Thu 12 Sep 2024 10:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 2a0e:d785::/32 maxlen: 32
2a0e:d786::/32 maxlen: 32
2a11:f881::/32 maxlen: 48
2a11:f882::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:ce:9d:6c:23:18:06:2d:85:31:ef:ee:4e:67:d5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Sep 12 10:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd44f09941f7307f8a4460008de3f2b9441513b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:77:17:9f:2f:67:90:38:25:5e:59:76:9f:
7b:26:2c:9f:1d:54:7e:31:9d:bf:17:1b:f6:0f:39:
6d:71:b1:cf:67:91:f8:3b:7d:c3:5a:8b:44:31:e9:
94:3e:aa:36:b0:cf:b6:82:99:0a:6d:e9:3c:96:e3:
2d:1b:d7:cf:e1:00:d5:ff:c1:1a:ab:98:af:13:62:
37:90:c3:01:28:93:de:71:07:c6:72:24:18:1f:88:
d7:97:d6:ae:ac:d0:d1:b0:ab:9f:66:b0:c9:76:bd:
d2:e4:e3:d4:0e:98:1c:29:dd:72:a3:40:2c:53:65:
53:cc:d9:21:19:65:5a:6e:66:77:45:18:29:a6:d1:
1f:fc:1e:82:91:db:de:58:8a:d9:66:2b:3e:21:00:
b1:5c:4b:92:b3:b0:3d:47:ea:f0:46:02:54:bd:de:
d5:32:3b:3f:36:f7:07:30:2e:08:5d:dc:7a:54:eb:
dc:6a:f2:4e:a4:17:ac:cc:16:f3:5f:e8:da:54:60:
ed:9b:71:29:5c:c0:6c:35:46:12:ca:86:aa:45:c9:
e1:0a:67:04:c5:cc:1a:11:94:0f:01:54:f9:b0:04:
da:0e:16:a5:61:bc:ea:e0:97:72:f9:08:d0:55:ee:
e7:de:2e:be:ef:26:a6:c3:5b:92:1a:c2:1a:1d:53:
e8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:44:F0:99:41:F7:30:7F:8A:44:60:00:8D:E3:F2:B9:44:15:13:B4
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/3UTwmUH3MH-KRGAAjePyuUQVE7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d785::-2a0e:d786:ffff:ffff:ffff:ffff:ffff:ffff
2a11:f881::-2a11:f882:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:5f:f1:70:cf:c6:47:b3:f3:68:67:68:b8:68:73:31:7d:19:
4c:49:24:c5:30:25:1b:8b:d0:d5:ed:9a:e7:46:36:03:ba:fb:
89:76:cc:44:33:71:5e:03:14:c8:90:38:66:07:4f:ad:88:10:
ac:22:54:db:8e:55:fd:a4:91:c7:e4:95:54:14:e4:1e:94:de:
11:2b:e8:34:42:19:8f:b7:66:59:17:87:91:ac:ea:c6:56:99:
5d:0e:5b:da:fe:91:79:7c:94:ce:68:7a:bb:2c:8b:17:eb:f2:
3a:da:5e:a1:0e:94:82:32:db:17:85:1c:88:33:50:e7:e2:90:
d0:b9:9a:0d:c8:23:94:b5:c2:63:50:88:13:b7:10:fc:b0:d6:
23:07:46:09:46:1f:98:4c:47:58:57:96:97:54:8d:9b:a5:e3:
ad:37:35:c2:8c:e1:22:b4:36:3e:b0:c4:a9:88:39:c5:bb:ae:
cb:f0:ed:80:b2:d7:4e:9c:c8:93:d8:93:56:0b:be:e3:79:1b:
37:04:88:1c:1e:b5:52:38:5b:74:cd:dc:64:aa:55:3e:38:74:
a3:41:10:bf:10:f1:71:7f:47:71:2d:9f:e9:f0:a5:ea:47:91:
7f:2f:ae:d3:c7:23:d6:a6:48:9c:42:71:15:01:cc:49:78:17:
32:c7:ff:d9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZHlzp1sIxgGLYUx7+5OZ9WgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwOTEyMTAzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ0ZjA5OTQxZjczMDdmOGE0NDYwMDA4ZGUzZjJiOTQ0MTUxM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskB3F58vZ5A4JV5Zdp97JiyfHVR+
MZ2/Fxv2DzltcbHPZ5H4O33DWotEMemUPqo2sM+2gpkKbek8luMtG9fP4QDV/8Ea
q5ivE2I3kMMBKJPecQfGciQYH4jXl9aurNDRsKufZrDJdr3S5OPUDpgcKd1yo0As
U2VTzNkhGWVabmZ3RRgpptEf/B6CkdveWIrZZis+IQCxXEuSs7A9R+rwRgJUvd7V
Mjs/NvcHMC4IXdx6VOvcavJOpBeszBbzX+jaVGDtm3EpXMBsNUYSyoaqRcnhCmcE
xcwaEZQPAVT5sATaDhalYbzq4Jdy+QjQVe7n3i6+7yamw1uSGsIaHVPoUwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN1E8JlB9zB/ikRgAI3j8rlEFRO0MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvM1VUd21VSDNNSC1LUkdBQWplUHl1VVFWRTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgMA4DBQAqDteF
AwUAKg7XhjAOAwUAKhH4gQMFACoR+IIwDQYJKoZIhvcNAQELBQADggEBAE9f8XDP
xkez82hnaLhoczF9GUxJJMUwJRuL0NXtmudGNgO6+4l2zEQzcV4DFMiQOGYHT62I
EKwiVNuOVf2kkcfklVQU5B6U3hEr6DRCGY+3ZlkXh5Gs6sZWmV0OW9r+kXl8lM5o
erssixfr8jraXqEOlIIy2xeFHIgzUOfikNC5mg3II5S1wmNQiBO3EPyw1iMHRglG
H5hMR1hXlpdUjZul4603NcKM4SK0Nj6wxKmIOcW7rsvw7YCy106cyJPYk1YLvuN5
GzcEiBwetVI4W3TN3GSqVT44dKNBEL8Q8XF/R3Etn+nwpepHkX8vrtPHI9amSJxC
cRUBzEl4FzLH/9k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:20 2024 by rpki-client on console-ams.rpki-client.org