Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/twey3cA4H8FRbp1ijTB-n7DZTLQ.roa
File: twey3cA4H8FRbp1ijTB-n7DZTLQ.roa (raw, json)
Hash identifier: NSw10HhP6bSOF+QRxD8fYbNYatzMww4BaNwMEOrvi78=
Subject key identifier: B7:07:B2:DD:C0:38:1F:C1:51:6E:9D:62:8D:30:7E:9F:B0:D9:4C:B4
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 018FA563A76AD0BAED622A926CEA003C89CF
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/twey3cA4H8FRbp1ijTB-n7DZTLQ.roa
Signing time: Thu 23 May 2024 12:18:42 +0000
ROA not before: Thu 23 May 2024 12:18:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214868
IP address blocks: 2a09:be41::/32 maxlen: 48
2a09:be42::/32 maxlen: 48
2a09:be43::/32 maxlen: 48
2a09:be44::/32 maxlen: 48
2a09:be45::/32 maxlen: 48
2a09:be46::/32 maxlen: 48
2a09:be47::/32 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a12:49c0::/32 maxlen: 48
2a12:49c1::/32 maxlen: 48
2a12:49c2::/32 maxlen: 48
2a12:49c3::/32 maxlen: 48
2a12:49c4::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.mft
rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:63:a7:6a:d0:ba:ed:62:2a:92:6c:ea:00:3c:89:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: May 23 12:18:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b707b2ddc0381fc1516e9d628d307e9fb0d94cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:da:a9:ca:f4:41:e7:d9:76:98:71:37:b4:a8:
0d:c2:93:ab:00:9f:e7:b4:b5:51:7e:61:84:c3:0a:
3c:e3:58:19:51:c3:f3:64:a6:b5:ef:0a:98:51:15:
c0:b5:c2:85:12:f3:06:4b:84:4c:67:63:ae:7a:18:
33:b2:d0:ee:38:a5:03:3a:33:b5:b1:ef:f4:4a:c0:
b2:78:dd:27:b7:58:4f:df:ab:b2:71:4c:56:71:b8:
75:5a:e6:03:b5:57:b1:ca:2a:26:97:36:b5:ed:d4:
e8:ee:1f:f4:2a:2e:a9:df:8d:e2:99:c5:9f:d5:ff:
8a:24:14:5d:37:d0:13:6b:19:79:78:d3:4d:9a:25:
75:41:5c:65:74:f2:41:54:ea:5a:26:0b:a0:67:d7:
a2:2a:f2:aa:f3:55:14:a9:82:cd:ef:6d:0e:72:c7:
2a:46:e0:d6:20:3a:fe:88:55:a3:a5:cc:43:e2:66:
ed:82:b0:d1:bd:9a:07:a3:89:2a:0b:8a:ec:fc:9c:
f0:73:dc:02:59:cd:44:2c:ca:06:30:f7:1d:68:f6:
03:c6:5b:84:c4:fe:a1:27:33:a9:15:ba:20:31:c6:
b2:75:e1:bb:d3:2a:17:b3:41:01:bc:bb:a2:76:90:
7e:dc:14:9e:1b:6e:5a:9f:44:79:c9:d4:23:1a:d0:
eb:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:07:B2:DD:C0:38:1F:C1:51:6E:9D:62:8D:30:7E:9F:B0:D9:4C:B4
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/twey3cA4H8FRbp1ijTB-n7DZTLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:ee:70:d2:8c:ac:4e:74:dd:ff:14:eb:d5:a0:e7:7c:bb:63:
27:61:d9:be:5f:23:99:65:4d:46:e0:20:e1:2c:94:51:5a:8d:
e8:89:98:ca:08:4b:8d:a6:35:ae:2a:6d:f3:2d:05:06:36:af:
14:47:85:ff:cf:87:e9:bd:b4:bc:9e:db:ba:72:27:77:82:58:
40:3b:06:45:68:e8:55:59:a8:fb:21:90:8f:e6:35:8f:2e:69:
35:80:8d:4a:fb:94:8c:91:25:cf:99:b0:9a:78:98:47:37:ee:
77:e6:af:62:a0:80:76:b9:87:1c:21:84:3d:f3:d0:6c:59:81:
69:63:d5:23:4d:f6:6b:72:7c:bd:5c:70:e8:7e:ce:04:f2:46:
ef:e9:73:a4:7d:46:5a:0f:8f:03:d1:ad:93:aa:3d:a1:52:8f:
8d:70:86:45:96:5a:b9:eb:a6:d0:6d:ac:e8:37:dc:65:f3:a7:
c0:54:52:45:ea:b9:00:41:6c:23:34:d3:88:09:1f:66:35:ea:
36:66:4e:0c:fb:ee:fc:40:a3:71:66:a3:f4:57:3a:48:0a:75:
97:cc:4b:0f:db:6e:88:e0:b1:c7:39:7c:6f:0a:40:2f:bd:d3:
4b:32:94:6d:6d:77:ab:06:f7:4a:e1:6c:3b:86:b3:a0:de:f6:
e1:6d:0a:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+lY6dq0LrtYiqSbOoAPInPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjQwNTIzMTIxODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA3YjJkZGMwMzgxZmMxNTE2ZTlkNjI4ZDMwN2U5ZmIwZDk0Y2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktqpyvRB59l2mHE3tKgNwpOrAJ/n
tLVRfmGEwwo841gZUcPzZKa17wqYURXAtcKFEvMGS4RMZ2OuehgzstDuOKUDOjO1
se/0SsCyeN0nt1hP36uycUxWcbh1WuYDtVexyiomlza17dTo7h/0Ki6p343imcWf
1f+KJBRdN9ATaxl5eNNNmiV1QVxldPJBVOpaJgugZ9eiKvKq81UUqYLN720Ocscq
RuDWIDr+iFWjpcxD4mbtgrDRvZoHo4kqC4rs/Jzwc9wCWc1ELMoGMPcdaPYDxluE
xP6hJzOpFbogMcaydeG70yoXs0EBvLuidpB+3BSeG25an0R5ydQjGtDr3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcHst3AOB/BUW6dYo0wfp+w2Uy0MB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvdHdleTNjQTRIOEZSYnAxaWpUQi1uN0RaVExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQAqCb5B
AwUDKgm+QAMFAyoSScAwDQYJKoZIhvcNAQELBQADggEBABfucNKMrE503f8U69Wg
53y7Yydh2b5fI5llTUbgIOEslFFajeiJmMoIS42mNa4qbfMtBQY2rxRHhf/Ph+m9
tLye27pyJ3eCWEA7BkVo6FVZqPshkI/mNY8uaTWAjUr7lIyRJc+ZsJp4mEc37nfm
r2KggHa5hxwhhD3z0GxZgWlj1SNN9mtyfL1ccOh+zgTyRu/pc6R9RloPjwPRrZOq
PaFSj41whkWWWrnrptBtrOg33GXzp8BUUkXquQBBbCM004gJH2Y16jZmTgz77vxA
o3Fmo/RXOkgKdZfMSw/bbojgscc5fG8KQC+900sylG1td6sG90rhbDuGs6De9uFt
Cjw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:40:33 2024 by rpki-client on console-ams.rpki-client.org