Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/s75Az28fliYKku19fmrS7842MIM.roa
File: s75Az28fliYKku19fmrS7842MIM.roa (raw, json)
Hash identifier: JKXia2g57PYFa1Y/GQ/o5BNDhIC1PkPepC4AAT8AtXg=
Subject key identifier: B3:BE:40:CF:6F:1F:96:26:0A:92:ED:7D:7E:6A:D2:EF:CE:36:30:83
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 018EF614404751B94E2131607C6D50485C72
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/s75Az28fliYKku19fmrS7842MIM.roa
Signing time: Fri 19 Apr 2024 11:18:25 +0000
ROA not before: Fri 19 Apr 2024 11:18:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a0e:7f44::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:27:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:14:40:47:51:b9:4e:21:31:60:7c:6d:50:48:5c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Apr 19 11:18:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3be40cf6f1f96260a92ed7d7e6ad2efce363083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:35:35:9d:43:05:bd:d0:8e:ab:b5:d5:36:67:
f2:23:15:c3:0e:28:2d:c5:71:50:61:5f:5b:3b:c4:
2a:74:a8:36:c8:c7:93:75:49:fe:50:39:d0:04:53:
2a:af:92:bc:3f:64:53:d1:c3:bd:45:f2:f2:4d:c4:
8d:95:26:89:82:a9:4f:f8:96:5f:14:6c:7f:46:7a:
04:aa:26:40:ae:97:05:ed:fb:88:3f:0a:1e:00:59:
ee:5a:0d:c6:98:53:40:30:6a:30:8a:5b:78:c8:81:
cf:f9:41:c1:05:a0:7a:b2:9b:a6:22:eb:1b:35:5e:
63:ae:2e:44:6d:aa:bd:4f:79:51:b2:c9:d0:cf:72:
ad:c0:b9:de:7e:1a:39:83:1b:0f:78:95:7a:bd:9c:
d0:25:b2:5d:d6:8a:b3:0a:b2:74:ec:a0:d7:07:4a:
27:14:8a:39:1d:60:46:cc:66:6c:14:3a:bd:57:22:
ae:f3:40:99:36:3d:8c:42:d0:8b:ea:b8:f9:c1:e6:
75:49:9c:4d:75:e9:cb:e6:2c:64:94:38:f6:a0:2c:
eb:e7:44:ea:f2:9a:e0:ef:45:97:c9:87:32:eb:f9:
cd:0e:b8:7d:3d:c5:29:ef:04:c6:27:06:a8:78:2a:
13:7f:eb:d4:86:75:ac:ea:47:6a:23:32:89:68:15:
b9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BE:40:CF:6F:1F:96:26:0A:92:ED:7D:7E:6A:D2:EF:CE:36:30:83
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/s75Az28fliYKku19fmrS7842MIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f44::/32
Signature Algorithm: sha256WithRSAEncryption
99:9c:d6:47:fd:ad:b3:8d:a5:ea:bc:af:a6:50:34:bd:7d:31:
11:6c:28:d3:f2:29:33:fe:cc:44:2d:72:ac:55:25:71:1f:17:
84:c3:22:0e:c4:8f:70:ee:7b:9d:52:4e:52:36:f2:70:7b:fb:
15:c1:6d:20:5a:6a:e6:dc:31:06:c9:db:00:e5:29:77:39:82:
3f:fa:06:16:6b:96:8d:81:dd:e4:37:e4:23:2f:2a:25:01:98:
ef:7f:11:48:a1:33:25:6e:6e:dd:6d:1b:69:fb:51:a1:7b:5c:
3d:96:cb:37:57:90:29:ca:a3:01:d4:20:9d:79:75:a9:d8:1b:
c0:fa:c0:71:b9:47:30:3e:cc:8a:9b:4d:c2:68:e1:16:d9:cf:
73:a9:64:40:c6:c4:f8:71:ef:b6:20:c3:07:22:66:14:21:41:
6f:73:c4:21:12:0b:5e:5a:95:aa:b7:c2:09:3d:b7:d6:c9:aa:
4f:1b:a2:7b:43:c6:b7:b6:14:64:c5:94:32:6b:11:0d:a7:94:
4e:be:c4:d0:a6:0f:60:0b:e4:ee:8b:cc:5b:07:e8:4b:8f:f0:
f6:8b:59:60:9e:dc:ff:8f:f9:32:94:13:72:75:fc:6a:9c:21:
df:d7:1b:27:81:1d:d7:b8:30:10:af:56:56:b6:bc:aa:1d:d8:
eb:e3:a3:84
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY72FEBHUblOITFgfG1QSFxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjQwNDE5MTExODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JlNDBjZjZmMWY5NjI2MGE5MmVkN2Q3ZTZhZDJlZmNlMzYzMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjU1nUMFvdCOq7XVNmfyIxXDDigt
xXFQYV9bO8QqdKg2yMeTdUn+UDnQBFMqr5K8P2RT0cO9RfLyTcSNlSaJgqlP+JZf
FGx/RnoEqiZArpcF7fuIPwoeAFnuWg3GmFNAMGowilt4yIHP+UHBBaB6spumIusb
NV5jri5Ebaq9T3lRssnQz3KtwLnefho5gxsPeJV6vZzQJbJd1oqzCrJ07KDXB0on
FIo5HWBGzGZsFDq9VyKu80CZNj2MQtCL6rj5weZ1SZxNdenL5ixklDj2oCzr50Tq
8prg70WXyYcy6/nNDrh9PcUp7wTGJwaoeCoTf+vUhnWs6kdqIzKJaBW5LwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLO+QM9vH5YmCpLtfX5q0u/ONjCDMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvczc1QXoyOGZsaVlLa3UxOWZtclM3ODQyTUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/RDAN
BgkqhkiG9w0BAQsFAAOCAQEAmZzWR/2ts42l6ryvplA0vX0xEWwo0/IpM/7MRC1y
rFUlcR8XhMMiDsSPcO57nVJOUjbycHv7FcFtIFpq5twxBsnbAOUpdzmCP/oGFmuW
jYHd5DfkIy8qJQGY738RSKEzJW5u3W0baftRoXtcPZbLN1eQKcqjAdQgnXl1qdgb
wPrAcblHMD7MiptNwmjhFtnPc6lkQMbE+HHvtiDDByJmFCFBb3PEIRILXlqVqrfC
CT231smqTxuie0PGt7YUZMWUMmsRDaeUTr7E0KYPYAvk7ovMWwfoS4/w9otZYJ7c
/4/5MpQTcnX8apwh39cbJ4Ed17gwEK9WVra8qh3Y6+OjhA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:43:17 2024 by rpki-client on console-ams.rpki-client.org