Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/ic4kSEApIrIEjL0d1epfnNwowKs.roa
File: ic4kSEApIrIEjL0d1epfnNwowKs.roa (raw, json)
Hash identifier: FkGWgwhznAgz8y5/4QpCWNyCU4LujoncIll+8gTMHf0=
Subject key identifier: 89:CE:24:48:40:29:22:B2:04:8C:BD:1D:D5:EA:5F:9C:DC:28:C0:AB
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 0190BD2DCEF0BA86AA89E400EA2F23194247
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/ic4kSEApIrIEjL0d1epfnNwowKs.roa
Signing time: Tue 16 Jul 2024 20:13:34 +0000
ROA not before: Tue 16 Jul 2024 20:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a09:a500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 21:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bd:2d:ce:f0:ba:86:aa:89:e4:00:ea:2f:23:19:42:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Jul 16 20:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89ce2448402922b2048cbd1dd5ea5f9cdc28c0ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4b:d6:f2:f2:18:09:57:ae:9e:1a:e9:e5:0a:
12:88:9d:1a:e7:33:8b:cf:1f:72:3d:5b:bd:07:f0:
e0:29:9f:91:84:17:02:4c:73:dd:87:2c:b2:6d:bd:
df:0e:79:29:7c:dd:7d:1c:bb:14:c0:65:47:4f:ec:
5e:9d:2b:b6:0e:ef:61:dd:f4:d2:fe:1b:aa:99:3a:
81:8f:8a:38:df:d0:ad:76:af:db:03:c6:52:e5:30:
c2:00:dd:3c:8a:21:6d:0f:25:b6:34:3b:be:aa:2d:
13:49:ef:96:ea:d0:bd:c3:f6:7e:81:61:3f:22:13:
d8:05:aa:c4:f0:94:48:53:a3:1b:de:af:d1:d2:77:
60:cb:a4:12:9e:73:8d:2a:f7:fd:04:c0:1d:ca:cc:
25:42:b3:5b:09:38:db:44:16:12:17:12:ba:99:4d:
79:65:bc:02:a7:6c:7b:ed:5d:1f:cd:b3:0d:b8:9a:
2a:3b:44:ad:d6:2a:ca:17:03:d5:a2:cc:2d:4a:63:
42:eb:fa:40:52:35:bb:42:32:88:31:a9:41:c5:c0:
e9:81:34:e6:be:67:28:b0:23:1b:87:e3:48:b7:14:
b8:d3:c3:9f:33:95:1b:58:b3:a9:15:70:bc:8d:1c:
ab:2b:06:9d:a0:f2:21:49:55:55:6f:fa:af:42:08:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CE:24:48:40:29:22:B2:04:8C:BD:1D:D5:EA:5F:9C:DC:28:C0:AB
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/ic4kSEApIrIEjL0d1epfnNwowKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a500::/29
Signature Algorithm: sha256WithRSAEncryption
84:31:3b:0b:55:f0:db:0d:ca:08:c2:af:44:0b:0f:a2:69:85:
05:1b:e2:92:22:aa:c1:75:1d:9c:d8:37:c4:d9:e9:5b:8e:57:
a3:f3:0e:d3:13:5f:35:7a:7f:f2:66:71:1d:16:ae:f1:60:af:
dd:74:c0:02:13:be:58:18:e5:48:39:d0:f5:d0:9d:56:4d:87:
73:0f:cb:08:60:4a:ca:2e:6f:12:fe:9c:8a:5c:79:31:f0:99:
b7:b8:64:2c:c3:ee:93:d6:ab:b7:14:3f:ca:a4:19:ff:3c:ff:
4e:84:dd:2c:b3:1c:6d:27:18:11:32:4c:7a:4e:a4:c8:58:85:
74:f9:ef:8c:a4:44:d5:61:11:a7:82:04:86:df:fd:f9:ed:97:
3e:50:cd:63:95:c5:24:3d:df:8a:0c:50:a8:bf:2c:55:8b:ab:
f5:b8:aa:84:d0:ae:85:b4:be:e2:be:3d:d0:5d:10:cc:ff:e8:
03:d8:e7:4b:86:21:18:91:9f:de:f7:f4:8e:90:b5:96:da:3a:
95:0d:92:a8:b1:f1:99:48:c4:61:a1:54:f3:29:56:48:dd:e0:
73:a3:ed:f5:40:e5:7d:82:e5:0a:dc:c3:fa:51:47:41:1c:a4:
c6:d9:e5:36:0e:f9:34:3c:b1:0d:9a:07:c4:81:99:c2:5a:70:
7a:ff:79:83
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZC9Lc7wuoaqieQA6i8jGUJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQwNzE2MjAxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNlMjQ0ODQwMjkyMmIyMDQ4Y2JkMWRkNWVhNWY5Y2RjMjhjMGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUvW8vIYCVeunhrp5QoSiJ0a5zOL
zx9yPVu9B/DgKZ+RhBcCTHPdhyyybb3fDnkpfN19HLsUwGVHT+xenSu2Du9h3fTS
/huqmTqBj4o439Ctdq/bA8ZS5TDCAN08iiFtDyW2NDu+qi0TSe+W6tC9w/Z+gWE/
IhPYBarE8JRIU6Mb3q/R0ndgy6QSnnONKvf9BMAdyswlQrNbCTjbRBYSFxK6mU15
ZbwCp2x77V0fzbMNuJoqO0St1irKFwPVoswtSmNC6/pAUjW7QjKIMalBxcDpgTTm
vmcosCMbh+NItxS408OfM5UbWLOpFXC8jRyrKwadoPIhSVVVb/qvQgiCOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFInOJEhAKSKyBIy9HdXqX5zcKMCrMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvaWM0a1NFQXBJcklFakwwZDFlcGZuTndvd0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmlADAN
BgkqhkiG9w0BAQsFAAOCAQEAhDE7C1Xw2w3KCMKvRAsPommFBRvikiKqwXUdnNg3
xNnpW45Xo/MO0xNfNXp/8mZxHRau8WCv3XTAAhO+WBjlSDnQ9dCdVk2Hcw/LCGBK
yi5vEv6cilx5MfCZt7hkLMPuk9artxQ/yqQZ/zz/ToTdLLMcbScYETJMek6kyFiF
dPnvjKRE1WERp4IEht/9+e2XPlDNY5XFJD3figxQqL8sVYur9biqhNCuhbS+4r49
0F0QzP/oA9jnS4YhGJGf3vf0jpC1lto6lQ2SqLHxmUjEYaFU8ylWSN3gc6Pt9UDl
fYLlCtzD+lFHQRykxtnlNg75NDyxDZoHxIGZwlpwev95gw==
-----END CERTIFICATE-----
Generated at Sat Sep 21 04:43:44 2024 by rpki-client on console-ams.rpki-client.org