Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0vC1pfhQ5bu_Wm1yH-SRDd2XF1I.roa
File: 0vC1pfhQ5bu_Wm1yH-SRDd2XF1I.roa (raw, json)
Hash identifier: aaM23s8zGC7ORntOjZn8iOB03vp0Y+DmX1oL1xeH+hI=
Subject key identifier: D2:F0:B5:A5:F8:50:E5:BB:BF:5A:6D:72:1F:E4:91:0D:DD:97:17:52
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01927DA8438469C562FDFBD56D5D93750889
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0vC1pfhQ5bu_Wm1yH-SRDd2XF1I.roa
Signing time: Fri 11 Oct 2024 22:17:12 +0000
ROA not before: Fri 11 Oct 2024 22:17:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:e8c0::/29 maxlen: 29
2a11:ea80::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:1040::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:9300::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7d:a8:43:84:69:c5:62:fd:fb:d5:6d:5d:93:75:08:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Oct 11 22:17:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2f0b5a5f850e5bbbf5a6d721fe4910ddd971752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9e:ad:b1:16:ec:23:4d:e7:f8:a7:7d:59:41:
2c:67:85:04:cb:92:44:4b:d7:88:c8:3d:6e:45:de:
4f:ab:be:65:c8:0e:80:60:01:09:3e:60:67:0e:c9:
57:d3:1a:cb:bd:ec:03:28:71:7b:09:84:0d:1d:c3:
c5:e1:08:65:ca:0a:05:54:b3:31:d1:4c:17:f7:11:
ce:af:04:ba:62:ba:de:ce:1c:09:43:fb:18:53:af:
96:ac:18:ba:e9:30:5c:7f:55:df:12:c5:6b:29:77:
ea:3c:35:e9:77:d5:29:90:32:df:57:03:06:db:4e:
bd:74:7f:55:83:d0:e3:c3:ef:fc:64:2e:df:80:74:
0e:47:1c:6a:55:bf:40:85:d9:38:46:80:98:c8:1c:
bc:b0:e4:bd:24:43:8b:50:e0:ef:98:8d:af:ca:24:
50:80:79:ae:4c:dd:91:2b:fb:dd:2a:f9:68:19:8d:
e7:3c:22:37:ef:f5:95:f9:b6:1c:1a:8a:52:4a:a4:
59:02:6d:be:5f:40:5c:82:d9:a9:fd:2b:d7:9a:b1:
9f:89:fd:5c:a1:43:4e:6c:44:72:3d:e4:83:73:41:
be:8e:3c:1d:c3:18:28:12:09:07:06:2a:c5:d9:eb:
a3:5f:b2:eb:df:46:c3:62:7d:60:bd:9f:8d:be:f6:
a5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F0:B5:A5:F8:50:E5:BB:BF:5A:6D:72:1F:E4:91:0D:DD:97:17:52
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0vC1pfhQ5bu_Wm1yH-SRDd2XF1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e8c0::/29
2a11:ea80::/29
2a11:ff40::/29
2a12:1040::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:8a00::/29
2a12:9300::/29
2a12:d080::/29
Signature Algorithm: sha256WithRSAEncryption
98:54:4f:6e:bb:fe:ca:18:b9:95:bc:18:a7:ea:ed:06:f8:e5:
5e:2d:ce:63:07:8e:28:60:75:e4:c7:b2:60:d1:66:0a:55:de:
d2:9f:f5:1e:b8:d6:96:c6:3d:2a:ab:c2:27:a2:6b:75:b5:be:
46:62:65:0b:dc:78:be:4a:35:a1:03:87:1c:9a:94:ac:de:ac:
04:91:6f:80:13:1b:d7:bd:e2:b3:ae:39:1a:f7:90:d9:7a:76:
a0:f9:b9:ad:c2:41:9f:1b:8e:91:89:01:6c:04:a3:62:e2:66:
40:05:9c:ee:5e:b9:32:17:30:81:78:d4:8f:e8:94:5f:db:f5:
cf:f5:b4:4a:ed:9d:00:a0:58:c4:51:3e:a4:9c:94:47:3e:9a:
b9:cb:00:fb:70:07:18:fe:6d:f3:f4:3d:f9:da:ed:6f:1e:c8:
43:f2:47:49:ab:c1:d0:e0:fe:5c:ae:a8:92:16:9a:c3:8f:3a:
27:5c:e4:4d:65:04:ab:7d:ff:1f:93:83:6b:32:be:c1:c2:54:
85:dc:0d:33:b1:c2:d8:26:a1:d1:34:43:25:68:e4:9e:ef:63:
de:17:52:20:dc:8d:5c:ff:31:a4:97:22:12:81:19:0a:99:11:
af:df:4b:ee:ad:33:cf:df:29:f0:08:49:8b:77:32:7f:e4:07:
84:a1:1e:57
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZJ9qEOEacVi/fvVbV2TdQiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQxMDExMjIxNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYwYjVhNWY4NTBlNWJiYmY1YTZkNzIxZmU0OTEwZGRkOTcxNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Z6tsRbsI03n+Kd9WUEsZ4UEy5JE
S9eIyD1uRd5Pq75lyA6AYAEJPmBnDslX0xrLvewDKHF7CYQNHcPF4QhlygoFVLMx
0UwX9xHOrwS6YrrezhwJQ/sYU6+WrBi66TBcf1XfEsVrKXfqPDXpd9UpkDLfVwMG
2069dH9Vg9Djw+/8ZC7fgHQORxxqVb9Ahdk4RoCYyBy8sOS9JEOLUODvmI2vyiRQ
gHmuTN2RK/vdKvloGY3nPCI37/WV+bYcGopSSqRZAm2+X0Bcgtmp/SvXmrGfif1c
oUNObERyPeSDc0G+jjwdwxgoEgkHBirF2eujX7Lr30bDYn1gvZ+NvvalrwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNLwtaX4UOW7v1ptch/kkQ3dlxdSMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMHZDMXBmaFE1YnVfV20xeUgtU1JEZDJYRjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhHowAMF
AyoR6oADBQMqEf9AAwUDKhIQQAMFAyoSLoADBQMqEjwAAwUDKhKKAAMFAyoSkwAD
BQMqEtCAMA0GCSqGSIb3DQEBCwUAA4IBAQCYVE9uu/7KGLmVvBin6u0G+OVeLc5j
B44oYHXkx7Jg0WYKVd7Sn/UeuNaWxj0qq8Inomt1tb5GYmUL3Hi+SjWhA4ccmpSs
3qwEkW+AExvXveKzrjka95DZenag+bmtwkGfG46RiQFsBKNi4mZABZzuXrkyFzCB
eNSP6JRf2/XP9bRK7Z0AoFjEUT6knJRHPpq5ywD7cAcY/m3z9D352u1vHshD8kdJ
q8HQ4P5crqiSFprDjzonXORNZQSrff8fk4NrMr7BwlSF3A0zscLYJqHRNEMlaOSe
72PeF1Ig3I1c/zGklyISgRkKmRGv30vurTPP3ynwCEmLdzJ/5AeEoR5X
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:15:30 2024 by rpki-client on console-fra.rpki-client.org