Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/pArcfgkEsxH6iTxLQCBJ0BkmnQA.roa
File: pArcfgkEsxH6iTxLQCBJ0BkmnQA.roa (raw, json)
Hash identifier: s96zndnDUsSW0f4VJJvgOY4xoANeJZY0o8yKfbvdL0Q=
Subject key identifier: A4:0A:DC:7E:09:04:B3:11:FA:89:3C:4B:40:20:49:D0:19:26:9D:00
Certificate issuer: /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Certificate serial: 018CC87058C92187A108F405EC528AD22C12
Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/pArcfgkEsxH6iTxLQCBJ0BkmnQA.roa
Signing time: Tue 02 Jan 2024 04:30:54 +0000
ROA not before: Tue 02 Jan 2024 04:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25057
IP address blocks: 2a02:e5e::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:58:c9:21:87:a1:08:f4:05:ec:52:8a:d2:2c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee
Validity
Not Before: Jan 2 04:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a40adc7e0904b311fa893c4b402049d019269d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8d:89:a0:98:ec:a1:14:36:bf:62:12:70:4a:
f2:07:be:96:7a:37:5c:6e:0f:6b:79:95:6d:2c:1f:
a8:d4:26:f6:5a:72:b6:80:8d:3a:88:23:bb:e5:ca:
fd:6c:b8:ae:a3:21:e4:47:a7:7e:b6:0d:e7:a3:c9:
94:65:b0:b2:42:59:c0:63:cb:10:e0:1f:aa:62:c7:
9c:87:ca:9e:2d:3e:e4:3d:44:1c:82:7d:8a:6a:fd:
6a:3c:30:09:1b:17:a7:09:0c:48:e1:97:25:48:cb:
35:ac:2f:d7:fa:dd:e5:f6:90:6b:7f:27:bc:f7:c2:
50:a2:17:46:0d:30:56:23:e8:eb:ff:0b:58:d2:ad:
2d:07:a3:a7:6e:03:7b:6d:1f:ad:48:ad:01:c6:84:
bb:a8:02:21:6f:0f:26:af:27:0d:55:3f:c9:e2:bc:
e9:49:6e:f2:32:af:94:7f:a9:4f:dd:c5:f0:6c:e4:
35:8d:f1:2b:52:f8:ac:f1:5f:2b:4a:f1:c9:e8:54:
fc:1f:5c:b0:4f:2a:ff:0a:ac:fd:17:c5:0b:ac:1f:
07:21:a4:15:c4:bd:7a:c7:5a:1e:94:bd:07:f1:de:
05:0a:fe:ad:c1:c3:e0:e9:42:4b:a2:f7:46:aa:e9:
9b:ac:5d:c2:7f:76:a5:1b:53:72:53:a9:f2:51:75:
2b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0A:DC:7E:09:04:B3:11:FA:89:3C:4B:40:20:49:D0:19:26:9D:00
X509v3 Authority Key Identifier:
keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/pArcfgkEsxH6iTxLQCBJ0BkmnQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:e5e::/32
Signature Algorithm: sha256WithRSAEncryption
1b:4a:17:6f:bb:df:e0:e0:8f:4a:9c:e0:4b:76:25:1c:4d:dd:
ee:6a:09:52:4c:1f:9b:84:9d:62:94:66:c0:21:3e:16:2c:f9:
6b:4d:f4:6e:55:b8:6d:64:4a:40:83:06:ff:7e:aa:5e:82:1f:
df:07:92:48:8b:de:7d:06:05:9d:fa:36:e0:19:a4:fc:60:bb:
a9:63:48:7a:5e:c9:7a:5f:f5:30:4d:54:87:83:ff:6b:fe:4f:
f6:cd:3a:35:b2:e3:a5:1d:8d:4f:ec:00:c6:be:ac:a4:ec:8f:
9f:ff:28:de:ca:17:b6:90:57:b6:b5:a0:c4:5b:73:2c:e1:de:
02:09:ba:42:cb:28:6f:84:99:07:5e:ab:e5:6a:b1:cd:77:5d:
5a:8a:f1:ce:90:d0:fb:4d:1e:43:da:cf:fe:71:dc:8b:5e:67:
e2:96:34:79:d3:29:d4:87:6c:b8:f0:de:d3:69:ec:ee:3f:33:
69:a4:f9:86:5c:a8:0f:68:bc:b2:cc:ab:47:6d:9a:5a:b6:2b:
60:62:ee:46:35:31:d7:eb:79:af:a5:0a:15:93:8a:b4:46:dd:
89:a1:2b:cb:4c:31:b4:cc:be:08:0a:a8:28:66:39:72:90:d0:
29:de:af:0d:56:61:93:0d:1c:f7:2c:89:be:93:9f:55:04:90:
20:94:9b:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIcFjJIYehCPQF7FKK0iwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkOWUzMWM5MDI5ZWU0NGJkNjgxYjUxNTMzMDMzNWM2YTFj
ZmRlZWUwHhcNMjQwMTAyMDQzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBhZGM3ZTA5MDRiMzExZmE4OTNjNGI0MDIwNDlkMDE5MjY5ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoo2JoJjsoRQ2v2IScEryB76Wejdc
bg9reZVtLB+o1Cb2WnK2gI06iCO75cr9bLiuoyHkR6d+tg3no8mUZbCyQlnAY8sQ
4B+qYsech8qeLT7kPUQcgn2Kav1qPDAJGxenCQxI4ZclSMs1rC/X+t3l9pBrfye8
98JQohdGDTBWI+jr/wtY0q0tB6OnbgN7bR+tSK0BxoS7qAIhbw8mrycNVT/J4rzp
SW7yMq+Uf6lP3cXwbOQ1jfErUvis8V8rSvHJ6FT8H1ywTyr/Cqz9F8ULrB8HIaQV
xL16x1oelL0H8d4FCv6twcPg6UJLovdGqumbrF3Cf3alG1NyU6nyUXUrmQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKQK3H4JBLMR+ok8S0AgSdAZJp0AMB8GA1UdIwQY
MBaAFC2eMckCnuRL1oG1FTMDNcahz97uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMt
MDhkYTY2NTJhODY3LzEvcEFyY2Zna0VzeEg2aVR4TFFDQkowQmttblFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMtMDhkYTY2NTJhODY3
LzEvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIOXjAN
BgkqhkiG9w0BAQsFAAOCAQEAG0oXb7vf4OCPSpzgS3YlHE3d7moJUkwfm4SdYpRm
wCE+Fiz5a030blW4bWRKQIMG/36qXoIf3weSSIvefQYFnfo24Bmk/GC7qWNIel7J
el/1ME1Uh4P/a/5P9s06NbLjpR2NT+wAxr6spOyPn/8o3soXtpBXtrWgxFtzLOHe
Agm6Qssob4SZB16r5WqxzXddWorxzpDQ+00eQ9rP/nHci15n4pY0edMp1IdsuPDe
02ns7j8zaaT5hlyoD2i8ssyrR22aWrYrYGLuRjUx1+t5r6UKFZOKtEbdiaEry0wx
tMy+CAqoKGY5cpDQKd6vDVZhkw0c9yyJvpOfVQSQIJSb0A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:02:08 2024 by rpki-client on console-ams.rpki-client.org