Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/U1KvqR2zqyPHyuzrug6d4D9g5wc.roa
File: U1KvqR2zqyPHyuzrug6d4D9g5wc.roa (raw, json)
Hash identifier: 4qu3QSJLf+fvEcd4K0H9b9seXXYSQLS3t1U6rBDqRzI=
Subject key identifier: 53:52:AF:A9:1D:B3:AB:23:C7:CA:EC:EB:BA:0E:9D:E0:3F:60:E7:07
Certificate issuer: /CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81
Certificate serial: 0191A1A1840E83EF4405F97BDB438E93AF45
Authority key identifier: 69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/U1KvqR2zqyPHyuzrug6d4D9g5wc.roa
Signing time: Fri 30 Aug 2024 04:53:22 +0000
ROA not before: Fri 30 Aug 2024 04:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199763
IP address blocks: 2a01:e281:a200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a1:a1:84:0e:83:ef:44:05:f9:7b:db:43:8e:93:af:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81
Validity
Not Before: Aug 30 04:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5352afa91db3ab23c7caecebba0e9de03f60e707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:55:d1:78:d9:1d:77:85:aa:f8:34:25:f8:d3:
d4:95:ec:66:b2:d2:85:28:36:6b:b6:59:a8:ac:5f:
70:0d:f7:01:70:2f:c5:0b:22:1f:2b:1b:57:96:6c:
df:65:9c:d7:89:ad:d9:a7:6f:f1:04:68:6c:22:f9:
d3:50:0d:b8:82:c3:e1:8a:07:d6:d0:e5:6b:85:1e:
bf:be:b0:6a:57:75:e9:a8:b0:d0:16:49:1a:5b:e2:
4d:74:74:91:d4:a0:13:6c:14:8e:ce:49:b6:c5:ff:
a0:99:dc:fb:35:24:00:85:15:2c:8c:17:34:b6:70:
a9:c2:3c:5c:22:e8:1e:38:df:c8:63:94:78:a3:9f:
82:95:a9:64:1a:12:23:c7:1b:1a:4f:46:02:e8:04:
90:b3:fd:04:31:a8:3a:7a:18:f8:4c:07:d8:18:b2:
f5:bd:b2:f6:7c:24:7f:8c:dc:5d:fa:02:d6:b2:3a:
0e:b4:71:19:42:92:28:c6:a7:27:b5:37:c6:53:20:
b4:70:c3:62:35:18:ea:3c:ab:3f:7c:c0:95:fe:2d:
e2:e8:4a:a9:c3:52:1a:0f:9b:37:f8:a4:f0:9b:e6:
88:8d:d4:03:c6:ec:d1:b5:3a:4a:8a:fa:f5:68:d0:
89:c9:73:16:86:1f:cb:ac:ae:bb:74:98:8c:b2:68:
da:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:52:AF:A9:1D:B3:AB:23:C7:CA:EC:EB:BA:0E:9D:E0:3F:60:E7:07
X509v3 Authority Key Identifier:
keyid:69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/U1KvqR2zqyPHyuzrug6d4D9g5wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e281:a200::/40
Signature Algorithm: sha256WithRSAEncryption
16:3e:c8:d6:aa:9c:60:58:91:28:45:0c:f4:cd:9d:fa:05:b1:
1c:f3:41:81:4b:95:61:67:92:1f:1b:8e:56:5e:aa:a2:ee:d7:
49:ff:a6:70:c9:41:37:ca:06:b5:0b:98:c4:6a:e1:98:eb:1a:
6d:bc:81:cd:a2:a9:02:d6:64:05:33:9f:61:aa:5d:70:48:96:
da:80:46:d1:2b:21:86:db:ee:71:7b:4e:ef:85:8c:8c:00:be:
6e:25:9a:df:e2:24:cd:0a:93:36:2b:ed:0a:0e:20:57:31:c0:
ea:d6:f3:e4:b6:25:37:79:56:8d:95:cb:d0:c8:df:2a:e2:0d:
6f:12:41:73:20:06:f0:5f:f7:83:95:0c:d2:78:23:0b:4b:4f:
67:c5:77:f0:9e:c6:68:f1:7c:18:14:64:9e:9b:89:66:7b:44:
dc:fe:99:e0:fb:02:48:69:f4:00:03:1b:e6:00:b2:08:ff:38:
5f:4c:3b:93:a3:25:45:70:21:52:15:f9:4d:01:bf:5b:a2:9b:
81:16:40:6e:19:57:e5:84:38:85:ee:4d:7e:da:ec:84:fd:36:
92:16:38:4a:65:97:ed:4d:24:11:dc:fb:53:33:c5:98:d2:a6:
20:c2:b6:d9:dc:f9:be:ea:ab:be:ed:c7:d5:ea:99:72:f8:53:
11:8e:7c:bc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZGhoYQOg+9EBfl720OOk69FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZGJlMWU3ZDllODdkNjg3MDFhNDAzNWE3NmM1MWJmZWNk
ODhkODEwHhcNMjQwODMwMDQ1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUyYWZhOTFkYjNhYjIzYzdjYWVjZWJiYTBlOWRlMDNmNjBlNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVXReNkdd4Wq+DQl+NPUlexmstKF
KDZrtlmorF9wDfcBcC/FCyIfKxtXlmzfZZzXia3Zp2/xBGhsIvnTUA24gsPhigfW
0OVrhR6/vrBqV3XpqLDQFkkaW+JNdHSR1KATbBSOzkm2xf+gmdz7NSQAhRUsjBc0
tnCpwjxcIugeON/IY5R4o5+ClalkGhIjxxsaT0YC6ASQs/0EMag6ehj4TAfYGLL1
vbL2fCR/jNxd+gLWsjoOtHEZQpIoxqcntTfGUyC0cMNiNRjqPKs/fMCV/i3i6Eqp
w1IaD5s3+KTwm+aIjdQDxuzRtTpKivr1aNCJyXMWhh/LrK67dJiMsmjayQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFNSr6kds6sjx8rs67oOneA/YOcHMB8GA1UdIwQY
MBaAFGnb4efZ6H1ocBpANadsUb/s2I2BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWIt
OGQ5NDU1M2I3NWUxLzEvVTFLdnFSMnpxeVBIeXV6cnVnNmQ0RDlnNXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWItOGQ5NDU1M2I3NWUx
LzEvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgHigaIw
DQYJKoZIhvcNAQELBQADggEBABY+yNaqnGBYkShFDPTNnfoFsRzzQYFLlWFnkh8b
jlZeqqLu10n/pnDJQTfKBrULmMRq4ZjrGm28gc2iqQLWZAUzn2GqXXBIltqARtEr
IYbb7nF7Tu+FjIwAvm4lmt/iJM0KkzYr7QoOIFcxwOrW8+S2JTd5Vo2Vy9DI3yri
DW8SQXMgBvBf94OVDNJ4IwtLT2fFd/CexmjxfBgUZJ6biWZ7RNz+meD7Akhp9AAD
G+YAsgj/OF9MO5OjJUVwIVIV+U0Bv1uim4EWQG4ZV+WEOIXuTX7a7IT9NpIWOEpl
l+1NJBHc+1MzxZjSpiDCttnc+b7qq77tx9XqmXL4UxGOfLw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:42 2024 by rpki-client on console-ams.rpki-client.org