Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/dg9TYrpvbG75AXCV03gGH3zJrHo.roa
File: dg9TYrpvbG75AXCV03gGH3zJrHo.roa (raw, json)
Hash identifier: 3ZoJDv4Wi1WuEjcCqaUS4jAhpnbJmizbYkB118aU9NI=
Subject key identifier: 76:0F:53:62:BA:6F:6C:6E:F9:01:70:95:D3:78:06:1F:7C:C9:AC:7A
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0192004844B98AA1115F428A1E30B62F234C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/dg9TYrpvbG75AXCV03gGH3zJrHo.roa
Signing time: Tue 17 Sep 2024 13:59:48 +0000
ROA not before: Tue 17 Sep 2024 13:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a11:a1c0::/29 maxlen: 29
2a11:a1c0::/32 maxlen: 32
2a11:a1c1::/32 maxlen: 32
2a11:a1c2::/32 maxlen: 32
2a11:a1c3::/32 maxlen: 32
2a11:a1c4::/32 maxlen: 32
2a11:a1c5::/32 maxlen: 32
2a11:a1c6::/32 maxlen: 32
2a11:a1c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:48:44:b9:8a:a1:11:5f:42:8a:1e:30:b6:2f:23:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Sep 17 13:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760f5362ba6f6c6ef9017095d378061f7cc9ac7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:6b:f3:84:57:42:7b:b2:85:06:04:6d:25:
c6:c4:87:8a:44:8e:89:4a:17:f9:6d:cb:e1:69:4f:
de:fe:17:59:2c:a4:54:36:3e:52:4f:05:0f:7b:b8:
74:4a:1c:6c:47:99:97:bd:9b:e7:3b:2e:e0:9b:16:
06:ac:4e:81:d7:3e:c8:24:f9:d6:3a:b7:da:78:70:
ce:ca:ff:88:dd:82:fd:a7:6b:1e:b6:66:6a:b3:60:
52:f4:6a:bc:e9:97:21:f3:0a:68:46:3a:d4:51:e3:
b3:3a:71:46:89:32:bf:f7:7a:4a:71:ce:1f:94:fe:
f1:e9:57:7d:29:9d:47:96:f4:58:de:ff:c3:88:8a:
26:36:4a:15:6e:2e:f2:f4:b7:fb:82:5e:dc:3a:9d:
cf:dd:e3:75:b5:4f:f8:e8:12:da:26:4f:59:07:58:
44:4a:ea:a7:b4:35:d9:13:f6:4d:e6:11:62:5e:77:
e0:c1:64:0f:34:2e:f4:4b:d5:31:f9:85:5b:4d:64:
c9:b8:73:6d:2c:6d:4f:2e:14:78:a5:ba:c2:ad:b5:
ec:37:60:6c:50:f6:f1:c1:59:f8:33:69:41:94:32:
a4:ad:ca:9b:2a:e2:9f:e4:32:bc:df:ce:ad:f8:27:
85:6f:a5:27:8f:4f:f7:be:a4:9b:47:52:5f:f8:41:
41:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0F:53:62:BA:6F:6C:6E:F9:01:70:95:D3:78:06:1F:7C:C9:AC:7A
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/dg9TYrpvbG75AXCV03gGH3zJrHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:65:13:bb:f3:ac:66:97:56:db:74:b2:79:c0:73:c1:26:8d:
5c:c6:8d:6d:ae:11:d0:b1:0c:8f:b1:c5:bb:87:b8:a9:cc:80:
22:07:2a:e5:e0:4a:ab:aa:03:40:b7:8d:93:4b:b3:38:0d:4a:
e6:bf:89:2c:ee:60:3f:60:cf:d0:00:40:a0:22:06:d6:df:7e:
1f:78:cd:8f:38:12:bb:b4:52:93:eb:14:98:4b:19:f4:84:66:
56:fc:2f:2c:69:2f:49:e1:5e:9e:71:64:c0:a3:f7:7d:04:fb:
83:0a:4f:4f:4d:92:9a:b2:4e:77:ac:d2:83:0f:25:cc:5d:6d:
f2:89:28:81:50:ab:6a:ae:00:bb:ed:ac:30:71:2e:8e:29:79:
30:e6:44:44:ee:60:9f:7a:0a:98:98:06:76:3d:40:2f:f2:fa:
db:0b:78:70:fb:5b:2f:0f:76:ce:06:35:72:a4:b2:70:84:2d:
75:e4:33:3b:00:1d:57:fa:85:86:d5:e8:02:29:d6:ca:ba:29:
40:3c:3a:ea:23:99:59:68:bd:45:37:af:09:bf:30:6e:d9:83:
e0:4c:18:f9:a1:12:35:89:b5:36:c1:df:69:ce:26:ee:be:fa:
57:5a:c1:26:70:00:c9:66:83:71:e4:e0:50:61:ea:04:95:b7:
1a:6b:e9:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZIASES5iqERX0KKHjC2LyNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwOTE3MTM1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBmNTM2MmJhNmY2YzZlZjkwMTcwOTVkMzc4MDYxZjdjYzlhYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUdr84RXQnuyhQYEbSXGxIeKRI6J
Shf5bcvhaU/e/hdZLKRUNj5STwUPe7h0ShxsR5mXvZvnOy7gmxYGrE6B1z7IJPnW
OrfaeHDOyv+I3YL9p2setmZqs2BS9Gq86Zch8wpoRjrUUeOzOnFGiTK/93pKcc4f
lP7x6Vd9KZ1HlvRY3v/DiIomNkoVbi7y9Lf7gl7cOp3P3eN1tU/46BLaJk9ZB1hE
SuqntDXZE/ZN5hFiXnfgwWQPNC70S9Ux+YVbTWTJuHNtLG1PLhR4pbrCrbXsN2Bs
UPbxwVn4M2lBlDKkrcqbKuKf5DK8386t+CeFb6Unj0/3vqSbR1Jf+EFBSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHYPU2K6b2xu+QFwldN4Bh98yax6MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvZGc5VFlycHZiRzc1QVhDVjAzZ0dIM3pKckhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGhwDAN
BgkqhkiG9w0BAQsFAAOCAQEAP2UTu/OsZpdW23SyecBzwSaNXMaNba4R0LEMj7HF
u4e4qcyAIgcq5eBKq6oDQLeNk0uzOA1K5r+JLO5gP2DP0ABAoCIG1t9+H3jNjzgS
u7RSk+sUmEsZ9IRmVvwvLGkvSeFennFkwKP3fQT7gwpPT02SmrJOd6zSgw8lzF1t
8okogVCraq4Au+2sMHEujil5MOZERO5gn3oKmJgGdj1AL/L62wt4cPtbLw92zgY1
cqSycIQtdeQzOwAdV/qFhtXoAinWyropQDw66iOZWWi9RTevCb8wbtmD4EwY+aES
NYm1NsHfac4m7r76V1rBJnAAyWaDceTgUGHqBJW3Gmvpzg==
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:40:46 2024 by rpki-client on console-ams.rpki-client.org