Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/3439d8-7ea3-4e32-9352-ba1ed9474ba2/1/S7s5mZia_hjbb7IOY7Ny-tnD2xY.roa
File: S7s5mZia_hjbb7IOY7Ny-tnD2xY.roa (raw, json)
Hash identifier: R89OHwokzzdW+71FgDVzpPf0hi6tCkdatA4CNKm3+q4=
Subject key identifier: 4B:BB:39:99:98:9A:FE:18:DB:6F:B2:0E:63:B3:72:FA:D9:C3:DB:16
Certificate issuer: /CN=f68e231d5551876e15afc6637eab7fca80088391
Certificate serial: 019030F5D256453C35809FA0571199BD4E9F
Authority key identifier: F6:8E:23:1D:55:51:87:6E:15:AF:C6:63:7E:AB:7F:CA:80:08:83:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9o4jHVVRh24Vr8Zjfqt_yoAIg5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/3439d8-7ea3-4e32-9352-ba1ed9474ba2/1/S7s5mZia_hjbb7IOY7Ny-tnD2xY.roa
Signing time: Wed 19 Jun 2024 14:45:34 +0000
ROA not before: Wed 19 Jun 2024 14:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213100
IP address blocks: 2001:678:d68::/48 maxlen: 48
2001:678:d6c::/48 maxlen: 48
2001:678:d70::/48 maxlen: 48
2001:67c:2848::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/3439d8-7ea3-4e32-9352-ba1ed9474ba2/1/9o4jHVVRh24Vr8Zjfqt_yoAIg5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/3439d8-7ea3-4e32-9352-ba1ed9474ba2/1/9o4jHVVRh24Vr8Zjfqt_yoAIg5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/9o4jHVVRh24Vr8Zjfqt_yoAIg5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:f5:d2:56:45:3c:35:80:9f:a0:57:11:99:bd:4e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f68e231d5551876e15afc6637eab7fca80088391
Validity
Not Before: Jun 19 14:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bbb3999989afe18db6fb20e63b372fad9c3db16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:a4:62:24:5f:be:67:25:5e:7d:34:51:d7:
e6:63:c0:cc:f4:db:db:15:88:e5:8f:d4:e5:df:eb:
1a:c9:53:7d:df:41:34:1a:55:0b:49:38:7e:29:2b:
c1:6b:e1:0e:6b:9b:52:d7:a4:24:f7:bb:42:d1:57:
88:25:2f:86:6d:a5:9c:32:49:8b:17:0b:b4:0a:14:
b2:4d:9f:e0:53:fd:48:a0:ce:22:48:1f:7c:15:cd:
30:a9:50:45:f9:d2:71:57:e8:3f:84:c5:b6:0f:0d:
6e:76:fb:38:91:07:ab:92:5c:77:66:05:59:a8:d1:
07:8a:67:fc:7b:f8:75:d9:44:d4:02:f9:37:3d:9c:
87:5f:ff:ae:17:48:18:47:40:90:b0:42:6b:fb:e5:
5e:10:81:94:d6:41:70:0d:6e:2a:5c:91:12:a7:4a:
c0:da:7b:b5:99:7c:0d:63:df:d9:18:00:4d:98:3f:
36:99:3b:fd:54:b4:a4:5b:ca:99:e8:59:1d:26:1b:
38:58:92:60:b3:94:aa:80:fd:14:8e:5e:1a:86:c5:
74:43:57:68:87:33:e4:69:68:f1:33:1d:82:ed:e4:
8f:c6:1a:ae:02:ac:ca:65:97:0f:46:85:6a:ab:f4:
e3:38:b8:f0:1e:d3:d4:7b:a3:a5:9e:4d:e6:b6:17:
66:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BB:39:99:98:9A:FE:18:DB:6F:B2:0E:63:B3:72:FA:D9:C3:DB:16
X509v3 Authority Key Identifier:
keyid:F6:8E:23:1D:55:51:87:6E:15:AF:C6:63:7E:AB:7F:CA:80:08:83:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9o4jHVVRh24Vr8Zjfqt_yoAIg5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/3439d8-7ea3-4e32-9352-ba1ed9474ba2/1/S7s5mZia_hjbb7IOY7Ny-tnD2xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/3439d8-7ea3-4e32-9352-ba1ed9474ba2/1/9o4jHVVRh24Vr8Zjfqt_yoAIg5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d68::/48
2001:678:d6c::/48
2001:678:d70::/48
2001:67c:2848::/48
Signature Algorithm: sha256WithRSAEncryption
a5:04:55:ad:1e:fb:51:23:f1:14:4d:20:1c:94:ec:fa:27:e1:
cc:41:0c:5e:14:ae:85:6d:a8:2f:fa:aa:8c:bd:c3:f0:d7:fc:
48:b8:f7:df:b9:bd:8c:bb:ce:02:cc:14:20:41:25:05:90:75:
c4:f8:9e:68:94:95:f9:5a:c1:ee:b3:78:42:e9:bf:99:c1:ea:
04:23:44:6a:a8:c1:d6:23:3d:c4:ad:d5:6f:20:8c:21:ff:25:
2d:97:32:92:84:12:80:08:53:7e:d4:dc:3f:f5:f2:47:6b:53:
26:56:72:0f:e2:69:40:82:76:2f:7d:a1:70:08:16:21:d5:fa:
d3:29:d9:56:01:03:39:c4:88:d1:82:61:e3:5a:c7:87:29:16:
98:14:3b:39:bb:e3:3f:ee:7b:0f:73:63:5a:5b:06:c0:d2:61:
22:18:d5:8f:3a:eb:b6:0f:84:39:c6:02:c1:f8:07:9d:60:6e:
44:f0:61:72:b2:21:3a:be:ac:34:3d:60:84:20:eb:79:b6:b4:
df:f6:88:dc:b7:35:fd:8d:63:1c:2c:38:0f:58:83:e2:3d:7d:
a4:47:ef:41:20:06:ea:3b:11:d3:94:ef:18:f9:4f:b9:1d:78:
0f:f1:ed:7a:8d:ac:8e:4c:61:2e:8c:64:94:0f:04:44:db:5e:
d9:d1:2b:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZAw9dJWRTw1gJ+gVxGZvU6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OGUyMzFkNTU1MTg3NmUxNWFmYzY2MzdlYWI3ZmNhODAw
ODgzOTEwHhcNMjQwNjE5MTQ0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmJiMzk5OTk4OWFmZTE4ZGI2ZmIyMGU2M2IzNzJmYWQ5YzNkYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDKkYiRfvmclXn00UdfmY8DM9Nvb
FYjlj9Tl3+sayVN930E0GlULSTh+KSvBa+EOa5tS16Qk97tC0VeIJS+GbaWcMkmL
Fwu0ChSyTZ/gU/1IoM4iSB98Fc0wqVBF+dJxV+g/hMW2Dw1udvs4kQerklx3ZgVZ
qNEHimf8e/h12UTUAvk3PZyHX/+uF0gYR0CQsEJr++VeEIGU1kFwDW4qXJESp0rA
2nu1mXwNY9/ZGABNmD82mTv9VLSkW8qZ6FkdJhs4WJJgs5SqgP0Ujl4ahsV0Q1do
hzPkaWjxMx2C7eSPxhquAqzKZZcPRoVqq/TjOLjwHtPUe6Olnk3mthdmjwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEu7OZmYmv4Y22+yDmOzcvrZw9sWMB8GA1UdIwQY
MBaAFPaOIx1VUYduFa/GY36rf8qACIORMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW80akhWVlJoMjRWcjhaamZxdF95b0FJZzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zNDM5ZDgtN2VhMy00ZTMyLTkzNTIt
YmExZWQ5NDc0YmEyLzEvUzdzNW1aaWFfaGpiYjdJT1k3TnktdG5EMnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zNDM5ZDgtN2VhMy00ZTMyLTkzNTItYmExZWQ5NDc0YmEy
LzEvOW80akhWVlJoMjRWcjhaamZxdF95b0FJZzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeA1o
AwcAIAEGeA1sAwcAIAEGeA1wAwcAIAEGfChIMA0GCSqGSIb3DQEBCwUAA4IBAQCl
BFWtHvtRI/EUTSAclOz6J+HMQQxeFK6Fbagv+qqMvcPw1/xIuPffub2Mu84CzBQg
QSUFkHXE+J5olJX5WsHus3hC6b+ZweoEI0RqqMHWIz3ErdVvIIwh/yUtlzKShBKA
CFN+1Nw/9fJHa1MmVnIP4mlAgnYvfaFwCBYh1frTKdlWAQM5xIjRgmHjWseHKRaY
FDs5u+M/7nsPc2NaWwbA0mEiGNWPOuu2D4Q5xgLB+AedYG5E8GFysiE6vqw0PWCE
IOt5trTf9ojctzX9jWMcLDgPWIPiPX2kR+9BIAbqOxHTlO8Y+U+5HXgP8e16jayO
TGEujGSUDwRE217Z0Sv3
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:38 2024 by rpki-client on console-fra.rpki-client.org