Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/4qVpaGOAVvwgFJQwpb0c_QUQMGE.roa
File: 4qVpaGOAVvwgFJQwpb0c_QUQMGE.roa (raw, json)
Hash identifier: W+r545klIGuCsHZ8QGCQfkWKzNqch79gJYRWUiU5Ft4=
Subject key identifier: E2:A5:69:68:63:80:56:FC:20:14:94:30:A5:BD:1C:FD:05:10:30:61
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 018CC8DE807EFFE933354E7AA70E686F4D1F
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/4qVpaGOAVvwgFJQwpb0c_QUQMGE.roa
Signing time: Tue 02 Jan 2024 06:31:14 +0000
ROA not before: Tue 02 Jan 2024 06:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 2a07:290a::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:80:7e:ff:e9:33:35:4e:7a:a7:0e:68:6f:4d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 2 06:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2a56968638056fc20149430a5bd1cfd05103061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1e:06:c5:5c:7a:04:ae:32:19:26:19:0d:0f:
68:ca:ca:3a:94:3e:43:c1:d0:db:8e:45:ef:17:95:
53:5d:2c:f8:cb:07:3d:66:1e:fd:0d:2c:78:46:67:
e9:40:6d:b0:83:20:05:47:6e:06:d1:99:b7:1d:80:
d7:1f:fd:77:e5:af:57:3e:f3:6a:ed:20:c6:42:3e:
29:5a:36:f8:0a:46:13:05:42:c2:bb:3b:8f:09:96:
93:2e:49:42:fd:a1:16:01:f7:43:50:43:69:e9:07:
d7:6d:53:ca:de:00:eb:41:19:01:fd:1e:72:ea:e3:
b8:b7:df:08:ff:ee:4a:11:54:ce:16:24:78:fa:6b:
fb:17:1c:c0:d4:32:d3:c2:93:30:3c:3d:24:1f:da:
0a:ac:49:ef:7e:c8:6f:ae:af:72:c2:93:bd:a2:64:
bf:3b:e9:b3:b4:14:a7:13:d3:79:0c:43:48:d4:fd:
72:e6:bc:06:2a:c5:23:09:56:fa:24:34:02:33:6b:
22:4f:54:c3:6a:4a:dd:53:57:cb:dc:aa:9b:d8:22:
a8:af:21:5a:57:40:09:31:af:0a:a8:47:ac:10:d8:
48:62:29:6c:6f:0a:a9:99:84:24:4c:58:82:89:8d:
7f:46:20:f7:9f:f1:4c:fe:19:57:f4:07:4e:61:f4:
c6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A5:69:68:63:80:56:FC:20:14:94:30:A5:BD:1C:FD:05:10:30:61
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/4qVpaGOAVvwgFJQwpb0c_QUQMGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:290a::/32
Signature Algorithm: sha256WithRSAEncryption
45:91:5b:e4:40:21:53:11:8f:51:eb:b6:4c:c6:45:30:8d:67:
ce:f4:4b:aa:49:bd:86:e8:73:4c:bb:1e:4c:28:d5:e9:58:26:
dd:27:35:df:5b:87:3b:ee:fc:bb:b5:07:8e:59:e1:14:84:79:
5c:f5:4d:f3:85:97:3f:2f:bc:6f:69:97:cf:52:4e:5d:b0:3f:
ab:ec:3a:19:d3:90:cc:36:cb:68:bf:f3:77:ef:33:21:7d:e5:
d5:90:73:7f:3d:bc:c8:0d:62:94:42:53:18:92:c7:5b:d1:19:
1d:b1:ca:b9:86:ff:d6:25:90:6c:5c:bc:04:be:eb:9b:f6:dd:
cc:b7:c1:d9:5d:a0:a3:3a:73:06:b9:30:c1:d2:11:9a:b9:83:
1b:1c:c5:fc:2b:b2:c1:66:e1:4d:5a:77:6f:bf:15:59:33:a9:
4e:a6:0a:6d:5c:f6:02:2c:0b:6c:44:13:45:a1:03:ff:51:82:
59:7c:76:eb:0e:8b:2f:c3:39:37:cb:c0:34:1b:e9:77:87:51:
7c:a2:50:12:67:08:d4:98:14:a8:f0:21:80:d0:95:14:7f:f9:
0a:c6:73:b0:cd:52:ca:69:d9:1f:37:15:40:28:93:46:67:2c:
cf:41:78:c6:58:78:ca:33:d6:91:9f:8a:db:81:27:a6:09:01:
eb:27:02:07
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3oB+/+kzNU56pw5ob00fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmE1Njk2ODYzODA1NmZjMjAxNDk0MzBhNWJkMWNmZDA1MTAzMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB4GxVx6BK4yGSYZDQ9oyso6lD5D
wdDbjkXvF5VTXSz4ywc9Zh79DSx4RmfpQG2wgyAFR24G0Zm3HYDXH/135a9XPvNq
7SDGQj4pWjb4CkYTBULCuzuPCZaTLklC/aEWAfdDUENp6QfXbVPK3gDrQRkB/R5y
6uO4t98I/+5KEVTOFiR4+mv7FxzA1DLTwpMwPD0kH9oKrEnvfshvrq9ywpO9omS/
O+mztBSnE9N5DENI1P1y5rwGKsUjCVb6JDQCM2siT1TDakrdU1fL3Kqb2CKoryFa
V0AJMa8KqEesENhIYilsbwqpmYQkTFiCiY1/RiD3n/FM/hlX9AdOYfTGiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOKlaWhjgFb8IBSUMKW9HP0FEDBhMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvNHFWcGFHT0FWdndnRkpRd3BiMGNfUVVRTUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgcpCjAN
BgkqhkiG9w0BAQsFAAOCAQEARZFb5EAhUxGPUeu2TMZFMI1nzvRLqkm9huhzTLse
TCjV6Vgm3Sc131uHO+78u7UHjlnhFIR5XPVN84WXPy+8b2mXz1JOXbA/q+w6GdOQ
zDbLaL/zd+8zIX3l1ZBzfz28yA1ilEJTGJLHW9EZHbHKuYb/1iWQbFy8BL7rm/bd
zLfB2V2gozpzBrkwwdIRmrmDGxzF/CuywWbhTVp3b78VWTOpTqYKbVz2AiwLbEQT
RaED/1GCWXx26w6LL8M5N8vANBvpd4dRfKJQEmcI1JgUqPAhgNCVFH/5CsZzsM1S
ymnZHzcVQCiTRmcsz0F4xlh4yjPWkZ+K24EnpgkB6ycCBw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:14:09 2024 by rpki-client on console-fra.rpki-client.org