Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/tAN-VyDNRyGrStC5meTP3CeE2S4.roa
File: tAN-VyDNRyGrStC5meTP3CeE2S4.roa (raw, json)
Hash identifier: izBxzGJUOgVsKnRDQNgcZQt2lpzqtb6PNGonjZHnSFU=
Subject key identifier: B4:03:7E:57:20:CD:47:21:AB:4A:D0:B9:99:E4:CF:DC:27:84:D9:2E
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0192EC706443597B6B574DCECA6CE2722BAB
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/tAN-VyDNRyGrStC5meTP3CeE2S4.roa
Signing time: Sat 02 Nov 2024 10:34:01 +0000
ROA not before: Sat 02 Nov 2024 10:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 2a0a:37c0::/29 maxlen: 29
2a0a:37c0::/32 maxlen: 32
2a0a:37c1::/32 maxlen: 32
2a0a:37c2::/32 maxlen: 32
2a0a:37c3::/32 maxlen: 32
2a0a:37c4::/32 maxlen: 32
2a0a:37c5::/32 maxlen: 32
2a0a:37c6::/32 maxlen: 32
2a0a:37c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:70:64:43:59:7b:6b:57:4d:ce:ca:6c:e2:72:2b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Nov 2 10:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4037e5720cd4721ab4ad0b999e4cfdc2784d92e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b2:cb:8d:6b:5a:c4:d7:be:22:00:f6:61:c1:
25:0b:26:c4:1d:03:87:f8:15:51:e0:b7:41:21:46:
6c:9d:d9:8e:7f:1e:4c:6c:1d:ca:7f:8f:2d:7a:bc:
22:6a:8a:71:50:a2:7c:44:28:19:08:3d:0d:38:35:
5d:0c:38:89:4e:2d:e6:cd:eb:83:a3:7f:bb:a7:7d:
4a:b6:f6:17:77:4d:51:be:37:ef:66:65:cc:fc:77:
20:d0:50:74:38:fd:e4:d1:f1:1d:a7:14:a6:1b:0c:
4c:f6:83:ea:6d:71:0e:36:42:e0:90:dd:83:df:9e:
fd:dc:6b:be:b3:d5:5e:e5:0b:1d:fe:57:85:44:84:
0d:39:45:ca:f3:8f:d2:73:82:1e:23:7b:e8:3d:6d:
38:1f:9a:1b:8f:17:84:40:ab:6c:bf:6f:c6:bb:ac:
a8:83:72:16:fd:08:c1:9d:c8:10:ea:ea:55:a8:4a:
f0:75:aa:87:7c:c9:d9:f3:a6:88:06:d5:f5:99:44:
e1:74:f3:ab:ae:d1:02:96:23:70:61:23:82:77:2c:
2c:8e:56:ac:9d:61:3b:72:29:0c:86:2d:ee:c3:f7:
06:c3:8a:bd:f3:21:3d:af:9d:be:df:8e:b1:ef:5f:
05:61:a3:1a:fc:8c:1c:08:d0:89:a4:31:3c:c6:e2:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:03:7E:57:20:CD:47:21:AB:4A:D0:B9:99:E4:CF:DC:27:84:D9:2E
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/tAN-VyDNRyGrStC5meTP3CeE2S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:2c:bb:21:fd:61:ee:2b:ea:90:81:bf:f6:bc:4b:cd:89:91:
12:28:85:db:f9:e2:15:b2:13:c0:7f:3f:3d:b5:ab:64:0c:81:
d3:86:1b:e3:dc:d7:32:62:aa:0b:b7:14:b8:07:1e:80:fc:ec:
c5:0b:8c:f4:99:b3:f3:8e:f4:4f:84:57:d9:54:a1:16:26:91:
ed:2b:3d:21:36:e6:a0:c5:e1:59:9b:62:db:75:f7:2a:b6:fd:
ec:64:81:25:6f:20:66:90:a0:90:13:6b:f2:d1:e5:18:09:f4:
c0:a1:18:6b:34:7d:a1:39:3c:5a:26:d7:5c:57:79:5e:e2:8c:
7c:77:ba:4c:9c:ea:94:35:5d:a1:e6:a2:b9:93:26:df:d9:59:
28:1b:a0:cd:43:fd:dc:e2:70:68:56:02:f4:7c:42:0d:2c:f4:
39:08:85:c9:7c:0f:e4:c4:d8:7b:6d:de:47:c6:63:a6:76:1a:
5c:0c:3d:64:8d:71:19:4e:b6:52:49:7a:62:10:5e:f6:d1:61:
57:1a:3a:ba:79:56:a4:b7:9c:66:3c:c2:84:e5:78:d5:09:1c:
93:3a:b8:b0:b8:3d:f2:dc:f1:8b:35:96:eb:02:95:72:85:0e:
b8:43:5c:4e:ac:0f:ad:ce:47:37:55:a2:a6:0e:f4:03:25:58:
7b:53:95:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZLscGRDWXtrV03OymziciurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQxMTAyMTAzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAzN2U1NzIwY2Q0NzIxYWI0YWQwYjk5OWU0Y2ZkYzI3ODRkOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rLLjWtaxNe+IgD2YcElCybEHQOH
+BVR4LdBIUZsndmOfx5MbB3Kf48terwiaopxUKJ8RCgZCD0NODVdDDiJTi3mzeuD
o3+7p31KtvYXd01RvjfvZmXM/Hcg0FB0OP3k0fEdpxSmGwxM9oPqbXEONkLgkN2D
35793Gu+s9Ve5Qsd/leFRIQNOUXK84/Sc4IeI3voPW04H5objxeEQKtsv2/Gu6yo
g3IW/QjBncgQ6upVqErwdaqHfMnZ86aIBtX1mUThdPOrrtECliNwYSOCdywsjlas
nWE7cikMhi3uw/cGw4q98yE9r52+346x718FYaMa/IwcCNCJpDE8xuKuOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLQDflcgzUchq0rQuZnkz9wnhNkuMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvdEFOLVZ5RE5SeUdyU3RDNW1lVFAzQ2VFMlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgo3wDAN
BgkqhkiG9w0BAQsFAAOCAQEAKCy7If1h7ivqkIG/9rxLzYmREiiF2/niFbITwH8/
PbWrZAyB04Yb49zXMmKqC7cUuAcegPzsxQuM9Jmz8470T4RX2VShFiaR7Ss9ITbm
oMXhWZti23X3Krb97GSBJW8gZpCgkBNr8tHlGAn0wKEYazR9oTk8WibXXFd5XuKM
fHe6TJzqlDVdoeaiuZMm39lZKBugzUP93OJwaFYC9HxCDSz0OQiFyXwP5MTYe23e
R8ZjpnYaXAw9ZI1xGU62Ukl6YhBe9tFhVxo6unlWpLecZjzChOV41Qkckzq4sLg9
8tzxizWW6wKVcoUOuENcTqwPrc5HN1Wipg70AyVYe1OVmg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:56 2024 by rpki-client on console-ams.rpki-client.org