Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/abWy6Uzel5DZaM8DpzAHP1AqwV8.roa
File: abWy6Uzel5DZaM8DpzAHP1AqwV8.roa (raw, json)
Hash identifier: QeH/GZ0pZVyejT9h3CQHCof3V1SkvMEL/hTm9+AM5BI=
Subject key identifier: 69:B5:B2:E9:4C:DE:97:90:D9:68:CF:03:A7:30:07:3F:50:2A:C1:5F
Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial: 018CC5DC06E179C9D5049084AD97EB93BE4E
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/abWy6Uzel5DZaM8DpzAHP1AqwV8.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42905
IP address blocks: 2a02:680:9100::/40 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:06:e1:79:c9:d5:04:90:84:ad:97:eb:93:be:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69b5b2e94cde9790d968cf03a730073f502ac15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:27:91:43:d0:8b:f3:a6:a7:ce:4e:9c:e5:5d:
5b:d6:6f:49:f6:ff:14:26:13:79:89:3a:01:b0:24:
29:cb:79:4b:7f:75:ed:dc:5d:53:ff:ff:24:56:6b:
09:c9:69:5d:37:6a:29:5f:ca:4b:73:82:0b:39:a0:
86:ba:ac:52:4a:5c:e0:f5:1a:59:90:20:15:00:26:
d6:18:48:cf:92:ce:17:12:0a:3f:54:86:44:fb:8c:
8e:ec:8a:5f:27:77:56:a0:07:b8:33:36:f6:38:83:
29:97:e1:55:c5:85:a2:64:ca:11:8f:9d:e2:ce:ae:
60:55:60:ea:94:5d:91:9c:ae:82:cb:11:c3:4b:ed:
91:bb:3b:4e:73:3e:31:d4:b6:c3:31:be:4e:3c:fa:
fe:69:46:40:ff:db:05:45:2e:1c:a8:5a:b4:42:70:
6d:36:32:f8:d4:95:6f:01:de:8a:42:c8:28:38:0d:
02:9e:1d:4b:42:8c:d3:4f:4c:f9:7f:84:f6:f0:a3:
a6:a3:ba:4c:76:a1:53:39:7f:0a:e3:2a:71:31:f0:
e9:62:b1:ed:0a:62:31:34:19:0a:b5:34:c2:ef:7d:
0b:1a:e3:77:78:76:9b:ae:9c:d6:2b:a5:6a:66:11:
54:7c:b3:f0:bc:d1:83:73:98:f0:66:13:bc:85:7c:
db:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B5:B2:E9:4C:DE:97:90:D9:68:CF:03:A7:30:07:3F:50:2A:C1:5F
X509v3 Authority Key Identifier:
keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/abWy6Uzel5DZaM8DpzAHP1AqwV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:680:9100::/40
Signature Algorithm: sha256WithRSAEncryption
a9:aa:fa:b6:f4:3a:ea:54:aa:c8:65:56:3f:70:91:4d:a0:e5:
40:34:b6:3c:3e:20:0c:e9:f6:29:56:e7:2e:e2:10:e4:32:cf:
ba:8c:0b:83:9e:20:47:db:9a:69:4a:c2:51:97:77:4c:67:2c:
d4:27:e1:f2:14:76:d1:70:2d:08:9c:cf:c7:04:a3:d1:09:78:
e3:fd:6a:46:20:d0:ac:df:95:0d:56:e7:af:91:af:d8:fa:69:
5f:be:72:dd:ee:1a:2a:2c:e4:c2:d8:92:1f:4e:2e:08:0f:82:
6c:43:17:2f:ff:7b:31:9d:a8:4d:9a:da:9a:41:1f:d0:2f:1b:
36:f1:f7:00:2b:c9:26:39:79:d7:16:80:92:2a:c6:c4:7c:70:
a9:2c:86:72:9a:8d:89:73:93:38:95:ae:b8:8f:cf:10:80:94:
c9:06:77:07:22:67:7a:e8:93:75:f5:f4:8b:3a:a2:b1:72:ef:
52:ba:55:98:b0:01:44:a7:e1:7d:70:f6:e3:b9:2f:51:c3:60:
d4:93:de:d4:68:2c:d9:8d:10:4c:10:fd:c1:e9:e9:3c:51:54:
f2:d9:14:e3:e2:78:c9:3d:14:de:57:1f:20:ed:6a:e5:e7:09:
b6:41:29:01:0a:04:3c:fc:e0:24:e2:a7:0b:49:46:bc:74:47:
49:52:0d:cd
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3AbhecnVBJCErZfrk75OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWI1YjJlOTRjZGU5NzkwZDk2OGNmMDNhNzMwMDczZjUwMmFjMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgieRQ9CL86anzk6c5V1b1m9J9v8U
JhN5iToBsCQpy3lLf3Xt3F1T//8kVmsJyWldN2opX8pLc4ILOaCGuqxSSlzg9RpZ
kCAVACbWGEjPks4XEgo/VIZE+4yO7IpfJ3dWoAe4Mzb2OIMpl+FVxYWiZMoRj53i
zq5gVWDqlF2RnK6CyxHDS+2RuztOcz4x1LbDMb5OPPr+aUZA/9sFRS4cqFq0QnBt
NjL41JVvAd6KQsgoOA0Cnh1LQozTT0z5f4T28KOmo7pMdqFTOX8K4ypxMfDpYrHt
CmIxNBkKtTTC730LGuN3eHabrpzWK6VqZhFUfLPwvNGDc5jwZhO8hXzbXQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGm1sulM3peQ2WjPA6cwBz9QKsFfMB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvYWJXeTZVemVsNURaYU04RHB6QUhQMUFxd1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj
LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIGgJEw
DQYJKoZIhvcNAQELBQADggEBAKmq+rb0OupUqshlVj9wkU2g5UA0tjw+IAzp9ilW
5y7iEOQyz7qMC4OeIEfbmmlKwlGXd0xnLNQn4fIUdtFwLQicz8cEo9EJeOP9akYg
0KzflQ1W56+Rr9j6aV++ct3uGios5MLYkh9OLggPgmxDFy//ezGdqE2a2ppBH9Av
Gzbx9wArySY5edcWgJIqxsR8cKkshnKajYlzkziVrriPzxCAlMkGdwciZ3rok3X1
9Is6orFy71K6VZiwAUSn4X1w9uO5L1HDYNST3tRoLNmNEEwQ/cHp6TxRVPLZFOPi
eMk9FN5XHyDtauXnCbZBKQEKBDz84CTipwtJRrx0R0lSDc0=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:42:27 2024 by rpki-client on console-ams.rpki-client.org