Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/qZbelJNZqn6rwGT-i2aqWn3YQ1o.roa
File: qZbelJNZqn6rwGT-i2aqWn3YQ1o.roa (raw, json)
Hash identifier: XDIhr/WXevbTApc//npl1BZ747nzjteYzri05SFDJTE=
Subject key identifier: A9:96:DE:94:93:59:AA:7E:AB:C0:64:FE:8B:66:AA:5A:7D:D8:43:5A
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 01910CD8CAC46B93716CD2F04310C30BF02A
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/qZbelJNZqn6rwGT-i2aqWn3YQ1o.roa
Signing time: Thu 01 Aug 2024 07:30:19 +0000
ROA not before: Thu 01 Aug 2024 07:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210107
IP address blocks: 2a05:d740::/32 maxlen: 32
2a05:d741::/32 maxlen: 32
2a05:d742::/32 maxlen: 32
2a05:d743::/32 maxlen: 32
2a05:d744::/32 maxlen: 32
2a05:d745::/32 maxlen: 32
2a05:d746::/32 maxlen: 32
2a05:d747::/32 maxlen: 32
2a06:e900::/32 maxlen: 32
2a06:e901::/32 maxlen: 32
2a06:e902::/32 maxlen: 32
2a06:e903::/32 maxlen: 32
2a06:e904::/32 maxlen: 32
2a06:e905::/32 maxlen: 32
2a06:e906::/32 maxlen: 32
2a06:e907::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0c:d8:ca:c4:6b:93:71:6c:d2:f0:43:10:c3:0b:f0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Aug 1 07:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a996de949359aa7eabc064fe8b66aa5a7dd8435a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4d:2c:20:15:71:3d:6c:66:f7:45:70:d2:e5:
5a:cf:41:1a:79:49:83:11:43:2e:ba:13:98:f2:bf:
23:ee:77:84:c7:c6:d6:16:04:2c:76:5d:fe:5d:e9:
f7:dd:70:a0:79:90:be:a8:ed:2d:24:0b:a5:e9:11:
c7:bf:9f:ad:ed:2b:c2:4c:16:e4:18:8c:76:a6:55:
ea:2e:e6:ab:6a:a8:f7:ce:4a:4c:78:5a:9a:22:b4:
cb:67:65:70:eb:12:83:4f:63:c4:3c:49:46:67:14:
4c:74:92:a0:a9:cc:b2:a1:1b:eb:3b:ed:ec:db:f4:
25:c0:d3:d7:30:d2:2e:81:65:4b:db:02:7d:7e:47:
e3:1b:3e:1d:7d:36:d7:18:df:b1:98:15:43:38:15:
a8:0e:f7:3b:d4:7f:0a:99:bf:5b:76:98:1d:46:37:
47:eb:a6:65:2d:2e:64:84:74:30:99:3f:90:b2:5e:
6b:d1:d4:72:7a:b9:39:15:d8:b8:7e:ef:38:10:1c:
1c:8c:56:5b:fe:0d:ea:39:b3:9b:8a:8b:d5:f7:d6:
76:81:79:3f:03:e3:c0:31:f9:7f:8e:dd:87:97:17:
7c:0b:b2:bc:07:62:4b:77:18:ba:e5:66:25:9a:ee:
b5:d0:18:98:99:59:ce:5f:f8:68:64:af:ff:45:d1:
c6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:96:DE:94:93:59:AA:7E:AB:C0:64:FE:8B:66:AA:5A:7D:D8:43:5A
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/qZbelJNZqn6rwGT-i2aqWn3YQ1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d740::/29
2a06:e900::/29
Signature Algorithm: sha256WithRSAEncryption
9f:00:23:fc:b0:6e:8c:b3:06:90:73:35:9c:ab:6d:f1:86:4c:
2f:af:5f:5f:42:d0:92:c8:33:d1:a6:be:36:c8:1f:92:43:2f:
f9:cb:e8:70:50:2e:75:a5:bf:b0:ae:b5:10:11:57:ec:12:be:
54:32:9b:94:f0:0f:d5:37:ef:fa:7a:db:73:b6:fb:3c:20:9e:
4a:cd:c9:8b:78:30:c5:ef:b2:8a:68:72:ba:be:13:3b:a4:f0:
2f:9d:27:0f:63:0d:ab:a7:c5:33:79:58:8e:ff:65:ea:44:ec:
a0:1e:c9:3c:f6:56:a1:cd:c6:03:ff:4c:4b:99:41:be:8a:35:
76:09:1f:8e:5f:83:b4:c5:ec:31:7c:8c:4e:f5:d2:2c:d3:a6:
a1:69:39:95:c8:4e:45:27:31:bb:8c:99:36:1b:9b:a6:cc:25:
01:8c:85:02:1c:03:c3:d1:44:46:dc:04:ff:33:bd:b8:0c:d1:
e8:a8:27:3b:b2:2f:eb:9c:b9:66:3e:40:c4:68:10:e7:6c:ac:
20:39:3f:22:6d:8b:ee:5e:50:01:2a:12:9d:01:06:30:37:3e:
b3:3b:06:cd:19:76:54:d8:0e:27:60:4a:48:ff:57:1e:08:85:
20:9f:6f:06:b3:d5:e4:83:cd:e5:14:ec:1e:c6:28:d1:a2:70:
a4:9d:d1:34
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZEM2MrEa5NxbNLwQxDDC/AqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQwODAxMDczMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTk2ZGU5NDkzNTlhYTdlYWJjMDY0ZmU4YjY2YWE1YTdkZDg0MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8U0sIBVxPWxm90Vw0uVaz0EaeUmD
EUMuuhOY8r8j7neEx8bWFgQsdl3+Xen33XCgeZC+qO0tJAul6RHHv5+t7SvCTBbk
GIx2plXqLuaraqj3zkpMeFqaIrTLZ2Vw6xKDT2PEPElGZxRMdJKgqcyyoRvrO+3s
2/QlwNPXMNIugWVL2wJ9fkfjGz4dfTbXGN+xmBVDOBWoDvc71H8Kmb9bdpgdRjdH
66ZlLS5khHQwmT+Qsl5r0dRyerk5Fdi4fu84EBwcjFZb/g3qObObiovV99Z2gXk/
A+PAMfl/jt2Hlxd8C7K8B2JLdxi65WYlmu610BiYmVnOX/hoZK//RdHGLwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKmW3pSTWap+q8Bk/otmqlp92ENaMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvcVpiZWxKTlpxbjZyd0dULWkyYXFXbjNZUTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgXXQAMF
AyoG6QAwDQYJKoZIhvcNAQELBQADggEBAJ8AI/ywboyzBpBzNZyrbfGGTC+vX19C
0JLIM9GmvjbIH5JDL/nL6HBQLnWlv7CutRARV+wSvlQym5TwD9U37/p623O2+zwg
nkrNyYt4MMXvsopocrq+Ezuk8C+dJw9jDaunxTN5WI7/ZepE7KAeyTz2VqHNxgP/
TEuZQb6KNXYJH45fg7TF7DF8jE710izTpqFpOZXITkUnMbuMmTYbm6bMJQGMhQIc
A8PRREbcBP8zvbgM0eioJzuyL+ucuWY+QMRoEOdsrCA5PyJti+5eUAEqEp0BBjA3
PrM7Bs0ZdlTYDidgSkj/Vx4IhSCfbwaz1eSDzeUU7B7GKNGicKSd0TQ=
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:25:20 2024 by rpki-client on console-fra.rpki-client.org