Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/PnrC0g3J7tZ6Blelm_qXUTYGEd8.roa
File: PnrC0g3J7tZ6Blelm_qXUTYGEd8.roa (raw, json)
Hash identifier: qgYEC42V4/uvZxfBU1ijZvRPGdNSsBSq/xb2HztyJ70=
Subject key identifier: 3E:7A:C2:D2:0D:C9:EE:D6:7A:06:57:A5:9B:FA:97:51:36:06:11:DF
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 0191D8DC6770BF8FAB4B0F755CAD0F3812E0
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/PnrC0g3J7tZ6Blelm_qXUTYGEd8.roa
Signing time: Mon 09 Sep 2024 22:16:48 +0000
ROA not before: Mon 09 Sep 2024 22:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215633
IP address blocks: 2a09:2b80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:dc:67:70:bf:8f:ab:4b:0f:75:5c:ad:0f:38:12:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Sep 9 22:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e7ac2d20dc9eed67a0657a59bfa9751360611df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e3:79:40:fe:35:9e:64:f3:0a:28:b3:a5:b1:
52:19:33:8b:6f:a1:1b:7c:b1:12:83:72:23:be:64:
28:8e:cc:e9:af:96:2f:4b:26:86:aa:0d:92:d0:d6:
b2:39:2d:48:b6:d7:76:18:41:1b:84:3d:14:32:a8:
cb:7c:44:dc:50:77:f6:81:62:cd:91:ce:a7:00:a3:
d9:76:b3:67:ff:57:51:af:a6:01:87:5e:9a:27:78:
cf:29:00:de:21:41:b7:a5:a5:0e:f0:be:c4:16:98:
9f:4b:7e:da:d7:8d:07:44:8f:2d:f8:0c:ce:0e:b1:
a2:d4:2c:dc:3b:e7:21:e7:5a:60:90:88:43:95:3c:
66:67:0b:d2:ee:ff:f7:51:b6:b6:11:1b:80:43:01:
b0:3d:1c:b6:4e:63:d4:6d:eb:55:3d:6c:f8:7b:df:
25:1f:1b:96:78:e2:0d:43:af:8e:a0:7d:8e:9c:22:
bf:28:cd:37:ca:84:cf:cc:22:14:51:cf:c0:cd:9b:
57:08:05:e2:36:b8:14:2d:17:4d:16:84:85:4a:82:
db:c1:b5:bb:91:89:86:e3:fb:20:9a:9e:43:f8:8f:
78:30:21:00:21:67:66:8b:ef:18:0a:f4:24:f6:0b:
47:19:72:14:7b:1f:98:81:7a:da:47:f8:02:86:67:
78:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7A:C2:D2:0D:C9:EE:D6:7A:06:57:A5:9B:FA:97:51:36:06:11:DF
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/PnrC0g3J7tZ6Blelm_qXUTYGEd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:1::/48
Signature Algorithm: sha256WithRSAEncryption
71:73:c1:cf:ba:6f:1f:83:e3:c1:fc:85:92:52:9c:ef:5c:7c:
5d:28:d5:78:5a:de:50:d1:41:d4:c8:11:e7:ba:28:1d:ed:52:
ab:b1:4e:7d:4f:58:62:9d:7f:2e:93:d6:fa:8a:87:a2:e4:14:
be:f1:e0:e3:0c:3c:92:1e:bc:1e:5c:70:0f:23:16:c4:25:a0:
bf:1b:02:e0:00:bd:13:cd:75:45:04:ed:44:1f:73:85:78:47:
bd:1b:6f:b1:d5:47:68:07:2d:0f:3b:71:ba:34:06:45:4b:3d:
f4:43:0f:eb:84:ef:8c:5a:55:0e:81:f3:1b:aa:f9:16:4e:7e:
c0:af:61:f5:77:33:a9:53:04:9e:95:16:0f:2e:47:61:48:4e:
bb:0b:f5:81:20:2a:a6:a3:70:ef:39:53:0f:72:67:a7:cd:db:
86:44:d4:47:93:ac:79:ea:4b:63:12:6e:d4:b7:28:07:da:bf:
3a:b1:56:06:99:e1:b4:d7:79:2e:59:ca:9e:cc:62:03:d7:b4:
bf:8d:f7:44:29:3c:40:7a:be:33:73:84:a0:37:c9:98:71:a3:
3c:86:c2:16:ec:af:7a:42:1e:48:cb:83:9b:5b:d9:6f:96:c9:
f6:43:4d:fc:7a:16:53:2a:82:08:05:e0:da:c3:06:21:b5:29:
d2:4b:a2:0a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZHY3Gdwv4+rSw91XK0POBLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjQwOTA5MjIxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdhYzJkMjBkYzllZWQ2N2EwNjU3YTU5YmZhOTc1MTM2MDYxMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ON5QP41nmTzCiizpbFSGTOLb6Eb
fLESg3IjvmQojszpr5YvSyaGqg2S0NayOS1Ittd2GEEbhD0UMqjLfETcUHf2gWLN
kc6nAKPZdrNn/1dRr6YBh16aJ3jPKQDeIUG3paUO8L7EFpifS37a140HRI8t+AzO
DrGi1CzcO+ch51pgkIhDlTxmZwvS7v/3Uba2ERuAQwGwPRy2TmPUbetVPWz4e98l
HxuWeOINQ6+OoH2OnCK/KM03yoTPzCIUUc/AzZtXCAXiNrgULRdNFoSFSoLbwbW7
kYmG4/sgmp5D+I94MCEAIWdmi+8YCvQk9gtHGXIUex+YgXraR/gChmd4ywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD56wtINye7WegZXpZv6l1E2BhHfMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvUG5yQzBnM0o3dFo2QmxlbG1fcVhVVFlHRWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBxc8HPum8fg+PB/IWSUpzvXHxdKNV4Wt5Q0UHU
yBHnuigd7VKrsU59T1hinX8uk9b6ioei5BS+8eDjDDySHrweXHAPIxbEJaC/GwLg
AL0TzXVFBO1EH3OFeEe9G2+x1UdoBy0PO3G6NAZFSz30Qw/rhO+MWlUOgfMbqvkW
Tn7Ar2H1dzOpUwSelRYPLkdhSE67C/WBICqmo3DvOVMPcmenzduGRNRHk6x56ktj
Em7UtygH2r86sVYGmeG013kuWcqezGID17S/jfdEKTxAer4zc4SgN8mYcaM8hsIW
7K96Qh5Iy4ObW9lvlsn2Q038ehZTKoIIBeDawwYhtSnSS6IK
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:41:38 2024 by rpki-client on console-ams.rpki-client.org