Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/bt_XrLZM8HMf_z4vQeK5KtExbQk.roa
File: bt_XrLZM8HMf_z4vQeK5KtExbQk.roa (raw, json)
Hash identifier: EHWP520ZfRXlMFbLdNqjrsgOxGjgZeV7CGfEgMOshW8=
Subject key identifier: 6E:DF:D7:AC:B6:4C:F0:73:1F:FF:3E:2F:41:E2:B9:2A:D1:31:6D:09
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0193251FA2FCC68DD5EB729B335F566BE6D5
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/bt_XrLZM8HMf_z4vQeK5KtExbQk.roa
Signing time: Wed 13 Nov 2024 10:44:10 +0000
ROA not before: Wed 13 Nov 2024 10:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a06:d640::/32 maxlen: 32
2a06:d646::/32 maxlen: 32
2a09:e302::/32 maxlen: 32
2a09:ef01::/32 maxlen: 32
2a09:ef02::/32 maxlen: 32
2a09:ef05::/32 maxlen: 32
2a09:ef07::/32 maxlen: 32
2a0a:b385::/32 maxlen: 32
2a0d:3c44::/32 maxlen: 32
2a0d:95c1::/32 maxlen: 32
2a0d:95c5::/32 maxlen: 32
2a0d:afc0::/32 maxlen: 32
2a0d:c105::/32 maxlen: 32
2a0f:3102::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:1f:a2:fc:c6:8d:d5:eb:72:9b:33:5f:56:6b:e6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Nov 13 10:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6edfd7acb64cf0731fff3e2f41e2b92ad1316d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:5e:43:f5:10:c7:0f:b3:42:f1:27:3b:71:59:
7e:f9:68:13:7b:57:88:75:23:8d:23:20:fa:98:bd:
d5:97:1d:f8:cd:17:f6:6b:dd:cc:84:7b:9d:52:15:
75:69:a4:b3:8b:f8:b2:eb:4e:a6:ee:68:b4:c7:fe:
ff:9a:8a:a6:27:44:28:66:c2:b5:cc:f5:b1:ca:88:
16:04:a3:b4:89:80:8e:c2:8d:0d:90:07:be:f5:99:
d2:fa:6d:90:4c:ed:52:51:09:dc:b6:36:48:0e:70:
6d:89:44:5e:65:67:2a:b0:2a:25:be:be:ba:ba:bc:
36:fe:d4:1a:05:9f:4a:a0:dc:3c:c4:93:53:ef:a7:
20:f0:cf:df:36:09:8e:10:35:81:ae:86:13:00:1c:
da:78:16:10:d4:83:35:39:d9:e6:37:78:66:b6:1b:
f3:0f:93:07:cc:97:1c:9c:93:f7:50:e9:80:2f:4c:
66:01:a0:6d:a8:cd:83:5e:52:d8:36:2a:23:a1:b9:
a9:4b:54:af:e9:86:d3:f9:c8:65:e3:23:ed:42:a6:
ef:c9:54:ad:d3:5a:9b:2f:fa:0f:d5:06:da:25:32:
33:f8:78:39:89:f8:c7:6a:04:f6:f5:ec:47:37:92:
ee:fe:da:1e:b2:46:50:63:93:cd:69:31:8f:12:db:
18:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DF:D7:AC:B6:4C:F0:73:1F:FF:3E:2F:41:E2:B9:2A:D1:31:6D:09
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/bt_XrLZM8HMf_z4vQeK5KtExbQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d640::/32
2a06:d646::/32
2a09:e302::/32
2a09:ef01::-2a09:ef02:ffff:ffff:ffff:ffff:ffff:ffff
2a09:ef05::/32
2a09:ef07::/32
2a0a:b385::/32
2a0d:3c44::/32
2a0d:95c1::/32
2a0d:95c5::/32
2a0d:afc0::/32
2a0d:c105::/32
2a0f:3102::/32
Signature Algorithm: sha256WithRSAEncryption
96:79:f5:09:ed:42:2e:c2:b1:84:07:a2:0e:8a:a8:4c:e3:7c:
c9:ad:46:f8:5a:8b:00:b8:13:fd:74:3a:92:1f:02:e0:6b:2e:
cb:5c:ef:d3:a8:5e:d8:c4:af:8b:31:8b:d1:08:94:70:dd:5e:
df:44:43:0b:bc:97:a4:e2:81:cf:39:91:62:e2:a0:70:2b:18:
be:2f:ca:23:7a:64:b2:7f:5f:7c:f9:ac:ce:fc:17:43:00:26:
11:e3:6f:b5:56:ee:d0:cb:3b:16:cb:15:0c:4a:c4:a8:05:1f:
10:fc:41:72:71:d8:9d:14:25:9a:25:cb:dc:ef:ed:87:82:62:
dc:bc:b4:d2:2f:b2:83:80:41:fe:a4:9f:f0:55:6c:47:bf:58:
d4:90:7f:ff:d4:f6:9a:c3:2a:0f:d4:9b:31:91:9b:bd:13:ed:
2b:02:0d:73:77:58:f4:02:88:f3:f7:3d:1c:b3:c3:b7:4c:80:
5e:94:9b:c9:51:75:5d:55:65:f6:3f:a8:4e:5e:5d:47:91:8d:
e4:60:f4:4d:4c:a9:f4:cd:a0:fd:1e:a6:af:a3:79:a6:ca:55:
ff:b2:cb:ca:0e:53:72:03:44:a0:4d:69:31:8c:bc:3e:ef:b4:
cd:58:73:f9:bc:14:33:7b:84:38:b6:cb:e5:51:d2:fc:aa:9a:
b2:ab:6d:1a
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZMlH6L8xo3V63KbM19Wa+bVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQxMTEzMTA0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRmZDdhY2I2NGNmMDczMWZmZjNlMmY0MWUyYjkyYWQxMzE2ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8V5D9RDHD7NC8Sc7cVl++WgTe1eI
dSONIyD6mL3Vlx34zRf2a93MhHudUhV1aaSzi/iy606m7mi0x/7/moqmJ0QoZsK1
zPWxyogWBKO0iYCOwo0NkAe+9ZnS+m2QTO1SUQnctjZIDnBtiUReZWcqsColvr66
urw2/tQaBZ9KoNw8xJNT76cg8M/fNgmOEDWBroYTABzaeBYQ1IM1OdnmN3hmthvz
D5MHzJccnJP3UOmAL0xmAaBtqM2DXlLYNiojobmpS1Sv6YbT+chl4yPtQqbvyVSt
01qbL/oP1QbaJTIz+Hg5ifjHagT29exHN5Lu/toeskZQY5PNaTGPEtsYPwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFG7f16y2TPBzH/8+L0HiuSrRMW0JMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvYnRfWHJMWk04SE1mX3o0dlFlSzVLdEV4YlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAAjBkAwUAKgbWQAMF
ACoG1kYDBQAqCeMCMA4DBQAqCe8BAwUAKgnvAgMFACoJ7wUDBQAqCe8HAwUAKgqz
hQMFACoNPEQDBQAqDZXBAwUAKg2VxQMFACoNr8ADBQAqDcEFAwUAKg8xAjANBgkq
hkiG9w0BAQsFAAOCAQEAlnn1Ce1CLsKxhAeiDoqoTON8ya1G+FqLALgT/XQ6kh8C
4Gsuy1zv06he2MSvizGL0QiUcN1e30RDC7yXpOKBzzmRYuKgcCsYvi/KI3pksn9f
fPmszvwXQwAmEeNvtVbu0Ms7FssVDErEqAUfEPxBcnHYnRQlmiXL3O/th4Ji3Ly0
0i+yg4BB/qSf8FVsR79Y1JB//9T2msMqD9SbMZGbvRPtKwINc3dY9AKI8/c9HLPD
t0yAXpSbyVF1XVVl9j+oTl5dR5GN5GD0TUyp9M2g/R6mr6N5pspV/7LLyg5TcgNE
oE1pMYy8Pu+0zVhz+bwUM3uEOLbL5VHS/KqasqttGg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:33 2024 by rpki-client on console-fra.rpki-client.org