Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/drU5iAMUiEAlM9itISvWQzBvn8g.roa
File: drU5iAMUiEAlM9itISvWQzBvn8g.roa (raw, json)
Hash identifier: dhw56t3cAYbxwkuenzDS0Vv77jwgiIn38zdok8w2le4=
Subject key identifier: 76:B5:39:88:03:14:88:40:25:33:D8:AD:21:2B:D6:43:30:6F:9F:C8
Certificate issuer: /CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
Certificate serial: 018CC64A6CD6DC2A08C27FEDD9598C3F591E
Authority key identifier: 71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/drU5iAMUiEAlM9itISvWQzBvn8g.roa
Signing time: Mon 01 Jan 2024 18:30:15 +0000
ROA not before: Mon 01 Jan 2024 18:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a10:e344::/32 maxlen: 32
2a10:e342::/32 maxlen: 32
2a10:e346::/32 maxlen: 32
2a10:e343::/32 maxlen: 32
2a10:e345::/32 maxlen: 32
2a10:e347::/32 maxlen: 32
2a10:e341::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:6c:d6:dc:2a:08:c2:7f:ed:d9:59:8c:3f:59:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7139bc5cef3aeadf32613f7d959ec8e40a742918
Validity
Not Before: Jan 1 18:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76b53988031488402533d8ad212bd643306f9fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1e:fb:e7:3e:e0:55:ef:c9:10:28:e1:62:a6:
a0:56:d2:33:7e:16:4d:bb:b1:eb:cc:9d:ab:4f:f6:
88:84:7c:40:88:8d:31:17:8b:2b:85:05:44:de:79:
5d:0c:31:87:96:b3:7d:85:ec:a5:81:a3:5f:d5:8a:
f4:57:e1:3c:e5:b1:89:7a:c9:42:20:f5:c4:af:ba:
f3:04:2b:21:90:10:25:84:80:ae:88:da:f4:e7:3f:
79:9a:f3:e5:8f:29:2b:af:50:e3:a5:16:a8:60:97:
fd:7a:34:29:76:7b:b3:87:0d:b0:5e:69:99:0b:3b:
73:23:69:00:00:2e:37:54:bf:01:5a:7f:5c:20:24:
4e:54:b9:5f:b8:9d:7a:03:8a:b6:4e:05:58:26:78:
ac:a7:48:be:d4:7c:d9:93:b2:c2:c0:4f:ac:5b:02:
f2:c3:90:7a:14:5c:cb:d9:f5:b5:0b:d0:0d:6a:5e:
3a:7d:62:fb:ff:30:5f:48:59:50:0a:a9:64:d4:a5:
8b:25:a2:52:40:7f:30:8e:a1:79:10:19:8e:f6:b2:
24:a3:80:46:bf:c0:7e:86:6a:0a:66:fc:9b:8b:12:
a5:75:17:d5:dd:33:b0:31:93:9f:3c:86:bf:a0:4a:
e9:68:c8:6b:9f:e7:a9:ce:21:fe:98:fe:33:49:a7:
34:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B5:39:88:03:14:88:40:25:33:D8:AD:21:2B:D6:43:30:6F:9F:C8
X509v3 Authority Key Identifier:
keyid:71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/drU5iAMUiEAlM9itISvWQzBvn8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:e341::-2a10:e347:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:a5:ef:ac:0f:34:86:85:ad:7e:e0:df:06:d1:f0:80:21:8f:
2f:e6:f8:3a:ff:86:f3:04:79:4e:3e:5e:d9:2d:d6:15:3c:46:
84:d9:46:e6:67:5c:2a:c3:3e:80:65:fd:9c:bd:58:31:3c:a5:
65:8a:23:51:3b:4d:4f:d0:fe:77:6c:cf:d9:5b:e1:38:a1:68:
66:23:10:0a:ca:84:94:12:a8:57:a9:77:78:12:b4:4a:a5:90:
c5:a8:e4:42:2c:7c:dc:8f:47:86:ec:56:61:73:c4:dd:13:e6:
a8:d7:78:7d:bb:d9:c4:cd:29:76:31:fe:cd:ba:8d:68:b7:a7:
1f:00:8b:d7:de:bb:46:30:f4:82:bc:44:65:6f:10:f1:41:62:
ec:b6:19:f0:cd:44:e0:1f:46:2d:19:74:8d:8c:96:f3:6d:8c:
a9:39:77:d7:b3:b5:d0:ae:29:7a:db:10:4d:b3:9e:c0:e8:ea:
11:55:83:d5:46:48:c6:ef:3f:6b:35:20:47:c1:ad:36:8d:32:
1b:c9:87:2d:1a:bc:81:68:14:ab:36:fa:91:f0:4a:c1:85:86:
72:6c:7b:c7:0a:95:cf:54:5e:fa:bc:9b:62:99:83:b4:ca:54:
1b:0b:ad:d4:f8:6c:41:e8:45:1f:02:fb:f8:8d:f3:8e:11:79:
ce:ab:2c:0f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYzGSmzW3CoIwn/t2VmMP1keMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzliYzVjZWYzYWVhZGYzMjYxM2Y3ZDk1OWVjOGU0MGE3
NDI5MTgwHhcNMjQwMTAxMTgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI1Mzk4ODAzMTQ4ODQwMjUzM2Q4YWQyMTJiZDY0MzMwNmY5ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx775z7gVe/JECjhYqagVtIzfhZN
u7HrzJ2rT/aIhHxAiI0xF4srhQVE3nldDDGHlrN9heylgaNf1Yr0V+E85bGJeslC
IPXEr7rzBCshkBAlhICuiNr05z95mvPljykrr1DjpRaoYJf9ejQpdnuzhw2wXmmZ
CztzI2kAAC43VL8BWn9cICROVLlfuJ16A4q2TgVYJnisp0i+1HzZk7LCwE+sWwLy
w5B6FFzL2fW1C9ANal46fWL7/zBfSFlQCqlk1KWLJaJSQH8wjqF5EBmO9rIko4BG
v8B+hmoKZvybixKldRfV3TOwMZOfPIa/oErpaMhrn+epziH+mP4zSac0owIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFHa1OYgDFIhAJTPYrSEr1kMwb5/IMB8GA1UdIwQY
MBaAFHE5vFzvOurfMmE/fZWeyOQKdCkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYt
Nzk0YjI4ZWIxNmM1LzEvZHJVNWlBTVVpRUFsTTlpdElTdldRekJ2bjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYtNzk0YjI4ZWIxNmM1
LzEvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEONB
AwUDKhDjQDANBgkqhkiG9w0BAQsFAAOCAQEAAqXvrA80hoWtfuDfBtHwgCGPL+b4
Ov+G8wR5Tj5e2S3WFTxGhNlG5mdcKsM+gGX9nL1YMTylZYojUTtNT9D+d2zP2Vvh
OKFoZiMQCsqElBKoV6l3eBK0SqWQxajkQix83I9HhuxWYXPE3RPmqNd4fbvZxM0p
djH+zbqNaLenHwCL1967RjD0grxEZW8Q8UFi7LYZ8M1E4B9GLRl0jYyW822MqTl3
17O10K4petsQTbOewOjqEVWD1UZIxu8/azUgR8GtNo0yG8mHLRq8gWgUqzb6kfBK
wYWGcmx7xwqVz1Re+rybYpmDtMpUGwut1PhsQehFHwL7+I3zjhF5zqssDw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:32:18 2024 by rpki-client on console-fra.rpki-client.org