Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Khg3x1HWTHnU8D79vhku6PHJ_-c.roa
File: Khg3x1HWTHnU8D79vhku6PHJ_-c.roa (raw, json)
Hash identifier: arj7dduYFfeQxUGzyK30vcXZ5OrRnZYZfMYRoVcHJpU=
Subject key identifier: 2A:18:37:C7:51:D6:4C:79:D4:F0:3E:FD:BE:19:2E:E8:F1:C9:FF:E7
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01915B7F1CCED9199F8C2379F3FE88066BD9
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Khg3x1HWTHnU8D79vhku6PHJ_-c.roa
Signing time: Fri 16 Aug 2024 14:02:22 +0000
ROA not before: Fri 16 Aug 2024 14:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a0c:72c0::/29 maxlen: 29
2a0e:b200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:7f:1c:ce:d9:19:9f:8c:23:79:f3:fe:88:06:6b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Aug 16 14:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a1837c751d64c79d4f03efdbe192ee8f1c9ffe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:91:22:c6:10:ea:f1:20:3f:49:e0:07:ba:e9:
e3:05:58:63:58:ce:ea:db:d4:2f:aa:e1:ac:1c:e9:
fb:f8:56:f2:45:ce:6d:03:2b:4d:58:59:c8:a3:03:
79:67:84:22:b8:02:c6:cf:88:e3:94:1f:3a:3a:f8:
e7:36:54:5f:3e:23:87:b0:93:bb:67:b1:22:f1:4a:
05:e3:21:42:67:75:ee:69:03:7f:9a:82:ba:a8:f6:
09:04:c4:4c:07:ef:1e:82:d2:0c:2a:c3:3a:d6:cc:
a6:14:2d:31:65:ee:98:fe:61:a4:62:b0:53:64:e5:
69:c6:e0:b6:6b:1d:db:bf:a5:87:36:2d:ae:42:65:
23:6b:62:1c:2c:3d:74:c8:05:9d:70:9f:a6:03:48:
99:71:23:40:4f:94:5d:e4:17:59:b3:4b:9d:a7:31:
0e:50:1b:e7:02:49:c1:fe:d0:64:19:84:ac:d3:2c:
85:64:79:c7:9d:40:0d:9d:b1:df:dd:55:9c:9b:f3:
7b:23:4f:54:3b:a6:9a:83:fc:cb:2c:22:b4:f0:a2:
a2:c9:5d:de:2a:13:c0:be:cf:2a:5c:6e:4a:cb:ad:
9a:2b:88:52:23:5e:29:5e:df:40:c4:b1:09:83:27:
b8:4d:cd:bb:d6:4f:04:b9:2d:38:cf:98:7a:63:c5:
71:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:18:37:C7:51:D6:4C:79:D4:F0:3E:FD:BE:19:2E:E8:F1:C9:FF:E7
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/Khg3x1HWTHnU8D79vhku6PHJ_-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:72c0::/29
2a0e:b200::/29
Signature Algorithm: sha256WithRSAEncryption
03:c4:96:0b:fe:0d:7d:ae:70:ac:f9:d4:46:c5:4a:3a:7d:51:
aa:3b:d9:d2:5f:e4:47:a4:ea:66:f7:13:20:c4:08:2c:bf:c6:
64:74:31:8f:92:11:4f:02:61:f2:19:6d:ea:9e:4d:cb:9a:8d:
08:c8:b6:7d:de:c1:df:9e:36:d5:4b:69:10:59:94:48:c6:81:
49:a9:29:ff:23:b7:d4:42:1a:11:c4:fa:63:c6:49:8a:75:b6:
d4:4b:b6:a0:c1:48:31:d8:79:70:24:6d:75:de:12:e6:75:f9:
e3:0c:da:8b:d9:55:c1:a4:f7:34:da:2f:64:72:10:c6:ac:47:
3f:ef:ff:2b:de:39:f8:67:0c:58:d5:f2:99:cb:1c:5e:10:9c:
31:25:62:89:0f:44:b4:cf:6a:c6:72:59:0d:10:62:98:cf:54:
f2:83:2c:ca:04:69:df:25:3c:73:17:a3:f4:6f:ef:0d:2a:7a:
d8:e6:3f:da:cd:9c:83:08:dd:ea:fa:41:11:32:69:42:86:45:
9b:0c:dd:96:c0:f1:0f:83:ca:1c:f5:d2:9f:c6:cb:c4:07:e6:
80:a7:06:61:fd:b8:97:e6:56:0c:32:04:d4:91:77:2c:f7:5d:
c7:90:b8:ce:e9:2b:de:6e:99:04:c0:c6:a1:9c:5f:77:26:df:
7b:b0:cc:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFbfxzO2RmfjCN58/6IBmvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwODE2MTQwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE4MzdjNzUxZDY0Yzc5ZDRmMDNlZmRiZTE5MmVlOGYxYzlmZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJEixhDq8SA/SeAHuunjBVhjWM7q
29QvquGsHOn7+FbyRc5tAytNWFnIowN5Z4QiuALGz4jjlB86OvjnNlRfPiOHsJO7
Z7Ei8UoF4yFCZ3XuaQN/moK6qPYJBMRMB+8egtIMKsM61symFC0xZe6Y/mGkYrBT
ZOVpxuC2ax3bv6WHNi2uQmUja2IcLD10yAWdcJ+mA0iZcSNAT5Rd5BdZs0udpzEO
UBvnAknB/tBkGYSs0yyFZHnHnUANnbHf3VWcm/N7I09UO6aag/zLLCK08KKiyV3e
KhPAvs8qXG5Ky62aK4hSI14pXt9AxLEJgye4Tc271k8EuS04z5h6Y8VxmQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCoYN8dR1kx51PA+/b4ZLujxyf/nMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvS2hnM3gxSFdUSG5VOEQ3OXZoa3U2UEhKXy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgxywAMF
AyoOsgAwDQYJKoZIhvcNAQELBQADggEBAAPElgv+DX2ucKz51EbFSjp9Uao72dJf
5Eek6mb3EyDECCy/xmR0MY+SEU8CYfIZbeqeTcuajQjItn3ewd+eNtVLaRBZlEjG
gUmpKf8jt9RCGhHE+mPGSYp1ttRLtqDBSDHYeXAkbXXeEuZ1+eMM2ovZVcGk9zTa
L2RyEMasRz/v/yveOfhnDFjV8pnLHF4QnDElYokPRLTPasZyWQ0QYpjPVPKDLMoE
ad8lPHMXo/Rv7w0qetjmP9rNnIMI3er6QREyaUKGRZsM3ZbA8Q+Dyhz10p/Gy8QH
5oCnBmH9uJfmVgwyBNSRdyz3XceQuM7pK95umQTAxqGcX3cm33uwzOA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:43:23 2024 by rpki-client on console-ams.rpki-client.org