Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/xkNhsomxfHdg6QpZJ9G90WJOwSo.roa
File: xkNhsomxfHdg6QpZJ9G90WJOwSo.roa (raw, json)
Hash identifier: d6FwyVQSqXAH61yTBxiMnmODDvNxvgxxymFwQmP3uZQ=
Subject key identifier: C6:43:61:B2:89:B1:7C:77:60:E9:0A:59:27:D1:BD:D1:62:4E:C1:2A
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 0191F014EC80262D75863BAB103262C0F0A0
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/xkNhsomxfHdg6QpZJ9G90WJOwSo.roa
Signing time: Sat 14 Sep 2024 10:29:48 +0000
ROA not before: Sat 14 Sep 2024 10:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 2a05:543::/32 maxlen: 32
2a06:c007::/32 maxlen: 32
2a0f:381::/32 maxlen: 32
2a0f:383::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f0:14:ec:80:26:2d:75:86:3b:ab:10:32:62:c0:f0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Sep 14 10:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c64361b289b17c7760e90a5927d1bdd1624ec12a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:83:d7:e5:d3:01:39:f1:01:cb:c0:13:fd:2f:
c6:84:45:c7:e5:48:7c:3a:85:33:33:61:66:b2:c0:
26:56:62:cd:23:d8:b9:44:0e:99:f1:3b:d5:91:75:
f2:70:35:7c:0f:db:17:f0:1c:b8:d3:a8:3b:69:3c:
7f:cc:21:d6:2f:e3:95:34:8d:cf:42:3a:27:03:55:
e2:47:2b:23:a5:e4:d2:6d:22:11:67:82:c6:98:90:
f6:a9:0a:97:07:00:6d:f2:48:3c:40:fe:b8:79:56:
68:ed:23:6a:a1:ff:9f:5e:ab:00:97:ef:0b:94:22:
22:4a:66:73:1e:e5:9f:3f:b8:b0:45:2d:4d:85:4d:
fe:2f:05:be:1b:72:1b:01:fd:bd:2e:90:bb:95:75:
a3:20:fa:d5:08:10:f0:3e:1e:f0:ca:07:a5:51:1f:
0b:d0:c2:4b:38:7b:a9:0e:fc:95:47:b8:fb:b5:56:
d0:7b:42:43:44:4b:49:94:c3:a4:47:ec:a7:c1:a5:
b6:b4:1d:45:92:43:0c:0d:6b:9e:c2:d3:a3:a0:27:
19:4f:b9:5c:e2:91:c5:24:dd:5b:f8:5e:8a:32:fc:
51:eb:0d:78:79:60:dc:46:f0:49:8d:8d:7c:07:61:
f8:4d:7e:c9:bb:5e:57:45:56:4d:34:cc:e9:04:b4:
13:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:43:61:B2:89:B1:7C:77:60:E9:0A:59:27:D1:BD:D1:62:4E:C1:2A
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/xkNhsomxfHdg6QpZJ9G90WJOwSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:543::/32
2a06:c007::/32
2a0f:381::/32
2a0f:383::/32
Signature Algorithm: sha256WithRSAEncryption
70:9e:67:d5:ed:50:0f:82:06:4a:ec:40:71:08:52:e6:c4:87:
09:ce:48:c7:4f:93:5b:cc:43:37:2e:6d:c8:15:ce:ec:3e:15:
a4:85:22:27:18:3a:21:2f:6c:51:77:5d:f6:cc:78:78:a3:c3:
64:a1:64:59:3c:da:ac:d1:0d:9e:7e:f3:43:be:9a:4d:17:a6:
b7:3f:48:ff:c3:69:c4:6e:91:ec:15:8d:3c:41:aa:45:0d:d5:
dd:f1:ab:03:04:d5:56:13:43:fe:2f:24:41:d4:9f:fb:60:6f:
9e:fa:13:b3:37:c1:c9:5a:31:4c:96:71:de:92:5d:9e:a4:df:
1f:14:56:af:c7:09:9a:b2:95:b9:98:e9:c1:06:6b:3d:08:3d:
ac:7b:1d:aa:bc:b8:95:d3:cd:3a:3f:d7:0b:ff:9e:e9:86:23:
23:42:e8:cc:e1:43:e6:ba:1b:ff:8b:1e:0e:3b:d0:12:fa:11:
92:fa:40:26:54:e9:e1:32:f7:62:11:72:cc:41:e1:46:58:c9:
76:e3:8b:c2:d4:4e:33:41:19:51:4b:52:91:40:2b:00:e1:0d:
69:c9:bb:7b:a3:4b:d4:40:68:4d:a1:0c:a3:7e:c6:7a:3f:46:
90:40:9f:9e:86:ad:64:8d:c6:4d:7d:0a:f5:d8:0d:92:a4:88:
e9:b9:4f:a6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZHwFOyAJi11hjurEDJiwPCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjQwOTE0MTAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQzNjFiMjg5YjE3Yzc3NjBlOTBhNTkyN2QxYmRkMTYyNGVjMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIPX5dMBOfEBy8AT/S/GhEXH5Uh8
OoUzM2FmssAmVmLNI9i5RA6Z8TvVkXXycDV8D9sX8By406g7aTx/zCHWL+OVNI3P
QjonA1XiRysjpeTSbSIRZ4LGmJD2qQqXBwBt8kg8QP64eVZo7SNqof+fXqsAl+8L
lCIiSmZzHuWfP7iwRS1NhU3+LwW+G3IbAf29LpC7lXWjIPrVCBDwPh7wygelUR8L
0MJLOHupDvyVR7j7tVbQe0JDREtJlMOkR+ynwaW2tB1FkkMMDWuewtOjoCcZT7lc
4pHFJN1b+F6KMvxR6w14eWDcRvBJjY18B2H4TX7Ju15XRVZNNMzpBLQTDwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMZDYbKJsXx3YOkKWSfRvdFiTsEqMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEveGtOaHNvbXhmSGRnNlFwWko5RzkwV0pPd1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgUFQwMF
ACoGwAcDBQAqDwOBAwUAKg8DgzANBgkqhkiG9w0BAQsFAAOCAQEAcJ5n1e1QD4IG
SuxAcQhS5sSHCc5Ix0+TW8xDNy5tyBXO7D4VpIUiJxg6IS9sUXdd9sx4eKPDZKFk
WTzarNENnn7zQ76aTRemtz9I/8NpxG6R7BWNPEGqRQ3V3fGrAwTVVhND/i8kQdSf
+2BvnvoTszfByVoxTJZx3pJdnqTfHxRWr8cJmrKVuZjpwQZrPQg9rHsdqry4ldPN
Oj/XC/+e6YYjI0LozOFD5rob/4seDjvQEvoRkvpAJlTp4TL3YhFyzEHhRljJduOL
wtROM0EZUUtSkUArAOENacm7e6NL1EBoTaEMo37Gej9GkECfnoatZI3GTX0K9dgN
kqSI6blPpg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 14:34:14 2024 by rpki-client on console-ams.rpki-client.org