Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/75c017-162f-4d0b-97c9-013b2feb5d28/1/m1EYaxRsDl2drkBt4xluHF06w3E.roa
File: m1EYaxRsDl2drkBt4xluHF06w3E.roa (raw, json)
Hash identifier: 5ByPHf4QKj54X7I7NUZEZYnllBt0abGVTHON+op7t+4=
Subject key identifier: 9B:51:18:6B:14:6C:0E:5D:9D:AE:40:6D:E3:19:6E:1C:5D:3A:C3:71
Certificate issuer: /CN=896d50ab12dac757a8517f989e7317255a147c50
Certificate serial: 0190A172CF3D3788FBCD046F0B1908F92C94
Authority key identifier: 89:6D:50:AB:12:DA:C7:57:A8:51:7F:98:9E:73:17:25:5A:14:7C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW1QqxLax1eoUX-YnnMXJVoUfFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/75c017-162f-4d0b-97c9-013b2feb5d28/1/m1EYaxRsDl2drkBt4xluHF06w3E.roa
Signing time: Thu 11 Jul 2024 10:59:34 +0000
ROA not before: Thu 11 Jul 2024 10:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204916
IP address blocks: 2a05:53c0::/29 maxlen: 29
2a05:53c0::/32 maxlen: 32
2a05:53c1::/32 maxlen: 32
2a05:53c2::/32 maxlen: 32
2a05:53c3::/32 maxlen: 32
2a05:53c4::/32 maxlen: 32
2a05:53c5::/32 maxlen: 32
2a05:53c6::/32 maxlen: 32
2a05:53c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/75c017-162f-4d0b-97c9-013b2feb5d28/1/iW1QqxLax1eoUX-YnnMXJVoUfFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/75c017-162f-4d0b-97c9-013b2feb5d28/1/iW1QqxLax1eoUX-YnnMXJVoUfFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iW1QqxLax1eoUX-YnnMXJVoUfFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:72:cf:3d:37:88:fb:cd:04:6f:0b:19:08:f9:2c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896d50ab12dac757a8517f989e7317255a147c50
Validity
Not Before: Jul 11 10:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b51186b146c0e5d9dae406de3196e1c5d3ac371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:76:b0:11:eb:d1:1c:9b:e5:a3:5d:58:b4:e6:
1d:7e:c2:7c:ee:07:74:28:28:84:74:75:01:35:ea:
eb:b8:30:46:d1:ca:62:0a:fb:49:8f:df:61:f0:94:
3c:ac:ed:a2:68:d4:32:42:33:15:cb:15:6e:70:45:
a5:90:04:c3:2d:12:fd:f5:cf:c1:54:c7:22:82:c8:
aa:a5:7e:14:1c:eb:96:74:0b:5f:a1:19:dd:f3:e7:
8c:a0:61:be:68:1d:b6:c7:6e:de:30:a0:ee:0a:80:
01:5b:7d:aa:0a:35:13:98:47:82:49:e7:1a:6a:de:
21:7a:f5:7c:89:f9:ab:b7:81:2b:c4:e1:4b:e4:ac:
2d:a0:98:e4:4d:05:20:79:aa:9e:e1:a1:a5:1c:45:
32:b8:17:9b:6b:ce:08:a4:87:94:7e:bc:ab:5b:16:
de:65:92:fc:ae:df:d7:58:29:01:7e:27:2a:41:80:
27:4a:ac:9d:6d:57:3c:c1:3d:25:ec:ea:4b:45:5a:
01:3a:78:09:3e:7a:8d:4d:34:53:9b:69:df:3b:2d:
32:8a:43:54:9e:c1:69:a3:92:f7:22:f3:8e:bf:c6:
e1:a9:72:db:54:2f:c9:b2:bd:3a:2d:0f:05:de:cc:
83:c6:7e:2f:0f:3a:97:dd:f8:ba:1c:d0:23:26:07:
7c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:51:18:6B:14:6C:0E:5D:9D:AE:40:6D:E3:19:6E:1C:5D:3A:C3:71
X509v3 Authority Key Identifier:
keyid:89:6D:50:AB:12:DA:C7:57:A8:51:7F:98:9E:73:17:25:5A:14:7C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW1QqxLax1eoUX-YnnMXJVoUfFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/75c017-162f-4d0b-97c9-013b2feb5d28/1/m1EYaxRsDl2drkBt4xluHF06w3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/75c017-162f-4d0b-97c9-013b2feb5d28/1/iW1QqxLax1eoUX-YnnMXJVoUfFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:53c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:f2:d4:5c:d1:5a:6a:8f:ae:40:b4:2d:22:b9:09:be:27:7d:
78:d7:77:de:6a:98:22:7c:78:0a:e4:0a:3f:f6:b9:ce:b1:3a:
da:29:01:a2:25:0c:09:e9:bd:c6:9e:00:a8:d9:0c:64:a7:9b:
b3:06:b1:4b:0b:26:dc:89:98:b4:67:9e:6f:a7:30:fa:03:e8:
19:62:91:40:a8:48:f4:b8:6f:52:84:06:29:a9:04:0b:1c:9c:
7b:a3:1f:f9:7e:18:99:42:ae:de:fa:f3:b6:b1:19:7b:17:44:
6b:0d:22:c1:bc:8b:7d:d2:63:59:9f:c3:43:e5:e5:36:a3:7c:
8e:3a:35:59:22:f9:70:90:70:9c:48:74:11:b0:a9:9d:e0:d8:
5b:f9:98:68:ee:54:e8:7c:94:6c:4f:ac:c8:5f:dd:5d:1c:a6:
ba:b5:0d:a7:5c:e0:23:a0:43:3b:e1:de:43:1f:d3:f0:1b:89:
4d:1f:45:42:64:47:ef:08:a2:13:b1:f6:29:86:a4:c0:8a:7c:
a7:83:5a:63:f1:b6:50:96:0d:25:16:ea:8d:05:de:9f:df:58:
a9:24:5d:d8:d1:37:51:26:c7:f3:5d:4a:db:c9:20:27:a4:78:
7e:85:7f:a2:e2:9e:40:b3:92:06:ac:4e:f2:a8:40:27:00:3b:
b1:0b:61:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZChcs89N4j7zQRvCxkI+SyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmQ1MGFiMTJkYWM3NTdhODUxN2Y5ODllNzMxNzI1NWEx
NDdjNTAwHhcNMjQwNzExMTA1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjUxMTg2YjE0NmMwZTVkOWRhZTQwNmRlMzE5NmUxYzVkM2FjMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHawEevRHJvlo11YtOYdfsJ87gd0
KCiEdHUBNerruDBG0cpiCvtJj99h8JQ8rO2iaNQyQjMVyxVucEWlkATDLRL99c/B
VMcigsiqpX4UHOuWdAtfoRnd8+eMoGG+aB22x27eMKDuCoABW32qCjUTmEeCSeca
at4hevV8ifmrt4ErxOFL5KwtoJjkTQUgeaqe4aGlHEUyuBeba84IpIeUfryrWxbe
ZZL8rt/XWCkBficqQYAnSqydbVc8wT0l7OpLRVoBOngJPnqNTTRTm2nfOy0yikNU
nsFpo5L3IvOOv8bhqXLbVC/Jsr06LQ8F3syDxn4vDzqX3fi6HNAjJgd8XQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJtRGGsUbA5dna5AbeMZbhxdOsNxMB8GA1UdIwQY
MBaAFIltUKsS2sdXqFF/mJ5zFyVaFHxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVcxUXF4TGF4MWVvVVgtWW5uTVhKVm9VZkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83NWMwMTctMTYyZi00ZDBiLTk3Yzkt
MDEzYjJmZWI1ZDI4LzEvbTFFWWF4UnNEbDJkcmtCdDR4bHVIRjA2dzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83NWMwMTctMTYyZi00ZDBiLTk3YzktMDEzYjJmZWI1ZDI4
LzEvaVcxUXF4TGF4MWVvVVgtWW5uTVhKVm9VZkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVTwDAN
BgkqhkiG9w0BAQsFAAOCAQEAPvLUXNFaao+uQLQtIrkJvid9eNd33mqYInx4CuQK
P/a5zrE62ikBoiUMCem9xp4AqNkMZKebswaxSwsm3ImYtGeeb6cw+gPoGWKRQKhI
9LhvUoQGKakECxyce6Mf+X4YmUKu3vrztrEZexdEaw0iwbyLfdJjWZ/DQ+XlNqN8
jjo1WSL5cJBwnEh0EbCpneDYW/mYaO5U6HyUbE+syF/dXRymurUNp1zgI6BDO+He
Qx/T8BuJTR9FQmRH7wiiE7H2KYakwIp8p4NaY/G2UJYNJRbqjQXen99YqSRd2NE3
USbH811K28kgJ6R4foV/ouKeQLOSBqxO8qhAJwA7sQthog==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:19:44 2024 by rpki-client on console-fra.rpki-client.org