Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/IwmiSc4K8JZ3ySv-uBA2Jtm3Sfw.roa
File: IwmiSc4K8JZ3ySv-uBA2Jtm3Sfw.roa (raw, json)
Hash identifier: hCeujAYG7yruHOaL3uRYm0LEPME0hIHY4rbYfMFvJ1o=
Subject key identifier: 23:09:A2:49:CE:0A:F0:96:77:C9:2B:FE:B8:10:36:26:D9:B7:49:FC
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 018F0328FCE43D3D4B7474F60C7C266B6755
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/IwmiSc4K8JZ3ySv-uBA2Jtm3Sfw.roa
Signing time: Mon 22 Apr 2024 00:16:08 +0000
ROA not before: Mon 22 Apr 2024 00:16:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 2a07:a900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:03:28:fc:e4:3d:3d:4b:74:74:f6:0c:7c:26:6b:67:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Apr 22 00:16:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2309a249ce0af09677c92bfeb8103626d9b749fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:3a:2d:9e:9f:da:fb:28:02:24:e8:ec:67:
ac:59:a1:3f:57:b8:b1:04:c4:22:c0:a2:34:b2:28:
a4:b1:21:85:79:4e:70:23:70:a3:c1:65:21:4b:28:
38:00:5a:34:56:03:54:9b:e5:89:cf:28:33:93:16:
fd:07:aa:af:5e:e3:2b:52:0b:44:a7:c9:b3:6d:41:
15:49:1d:3e:db:84:1e:c4:bc:7e:d5:a0:79:f8:22:
f4:3c:5e:18:a4:e0:f1:8d:a1:e8:09:da:2e:6f:63:
18:1b:f4:fc:f4:61:9f:a9:46:e2:36:9d:6f:c7:31:
ac:93:d3:97:a2:97:25:7d:5b:e8:3c:00:b6:e3:c4:
c3:dd:be:db:a3:da:98:9b:cc:cb:18:21:ac:bb:3e:
3e:e5:30:1a:f8:9b:6f:90:35:ea:73:ad:a4:be:46:
89:93:e8:d7:29:d3:5a:5b:db:0f:d5:10:fa:80:45:
e4:dc:e3:42:61:82:b7:5f:62:3d:81:bd:81:c6:09:
25:ed:d3:ef:50:59:4f:08:36:3f:cf:40:11:32:68:
aa:91:b7:0b:0d:db:01:7f:f3:6f:cd:22:42:07:6a:
6c:98:c8:71:96:e2:d8:5b:5e:e3:9e:4d:de:95:7d:
fd:f1:d7:b6:81:57:f0:45:58:e3:76:39:61:27:04:
4e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:09:A2:49:CE:0A:F0:96:77:C9:2B:FE:B8:10:36:26:D9:B7:49:FC
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/IwmiSc4K8JZ3ySv-uBA2Jtm3Sfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:a900::/29
Signature Algorithm: sha256WithRSAEncryption
06:97:23:53:c6:0c:a4:c1:77:c9:ec:c4:21:0f:a8:d1:fe:c4:
b8:04:46:58:c2:7e:ef:3f:2c:ff:ac:2c:a8:96:c0:15:2c:a4:
d3:c7:18:69:89:79:33:89:0b:2e:15:47:19:b8:7a:63:18:27:
ca:7b:b0:35:44:15:af:b2:b3:cd:1e:cb:4c:bf:43:b5:82:3a:
80:5b:8a:93:e0:49:8c:5f:ec:7d:73:d8:a9:15:ba:86:66:67:
23:bb:9b:06:9f:07:48:6a:f5:56:cc:b0:55:7e:d9:97:e4:b3:
64:df:ad:36:eb:3d:39:c8:db:56:a1:04:4a:5f:64:14:aa:9a:
14:c9:93:b4:05:02:63:74:db:45:73:9d:79:5f:55:57:d3:c3:
bb:b6:5b:60:ee:5e:4c:93:1f:a7:74:fd:11:ed:8c:a2:8e:23:
f5:22:d0:d2:90:3a:d3:16:4e:af:f9:74:19:42:cc:14:0b:44:
da:87:e4:fb:dd:9d:b2:65:8c:7d:75:3d:73:b7:7b:05:17:78:
1e:95:f7:dd:86:f7:f4:07:33:84:42:ef:ae:5c:d1:75:7e:f3:
88:8e:1c:64:64:fb:62:d8:84:c8:3e:d7:f1:58:9a:fb:31:6d:
5c:75:12:4c:d3:3d:e5:00:06:8b:1d:1c:a8:45:89:a0:ed:ff:
3c:b8:d7:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8DKPzkPT1LdHT2DHwma2dVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjQwNDIyMDAxNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA5YTI0OWNlMGFmMDk2NzdjOTJiZmViODEwMzYyNmQ5Yjc0OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmA6LZ6f2vsoAiTo7GesWaE/V7ix
BMQiwKI0siiksSGFeU5wI3CjwWUhSyg4AFo0VgNUm+WJzygzkxb9B6qvXuMrUgtE
p8mzbUEVSR0+24QexLx+1aB5+CL0PF4YpODxjaHoCdoub2MYG/T89GGfqUbiNp1v
xzGsk9OXopclfVvoPAC248TD3b7bo9qYm8zLGCGsuz4+5TAa+JtvkDXqc62kvkaJ
k+jXKdNaW9sP1RD6gEXk3ONCYYK3X2I9gb2Bxgkl7dPvUFlPCDY/z0ARMmiqkbcL
DdsBf/NvzSJCB2psmMhxluLYW17jnk3elX398de2gVfwRVjjdjlhJwROWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCMJoknOCvCWd8kr/rgQNibZt0n8MB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvSXdtaVNjNEs4SlozeVN2LXVCQTJKdG0zU2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgepADAN
BgkqhkiG9w0BAQsFAAOCAQEABpcjU8YMpMF3yezEIQ+o0f7EuARGWMJ+7z8s/6ws
qJbAFSyk08cYaYl5M4kLLhVHGbh6YxgnynuwNUQVr7KzzR7LTL9DtYI6gFuKk+BJ
jF/sfXPYqRW6hmZnI7ubBp8HSGr1VsywVX7Zl+SzZN+tNus9OcjbVqEESl9kFKqa
FMmTtAUCY3TbRXOdeV9VV9PDu7ZbYO5eTJMfp3T9Ee2Moo4j9SLQ0pA60xZOr/l0
GULMFAtE2ofk+92dsmWMfXU9c7d7BRd4HpX33Yb39AczhELvrlzRdX7ziI4cZGT7
YtiEyD7X8Via+zFtXHUSTNM95QAGix0cqEWJoO3/PLjX2Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:51:27 2024 by rpki-client on console-fra.rpki-client.org