Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/C2LAA30TNncHCtg4hVhXAHosClg.roa
File: C2LAA30TNncHCtg4hVhXAHosClg.roa (raw, json)
Hash identifier: eAZTqX+VautVAwSgFYH1WGt052pt8gUiKMk2Yhx00R0=
Subject key identifier: 0B:62:C0:03:7D:13:36:77:07:0A:D8:38:85:58:57:00:7A:2C:0A:58
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0190C55D74552DC723356585DDBF61D76F33
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/C2LAA30TNncHCtg4hVhXAHosClg.roa
Signing time: Thu 18 Jul 2024 10:22:34 +0000
ROA not before: Thu 18 Jul 2024 10:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48752
IP address blocks: 2a07:2486:e00::/44 maxlen: 44
2a07:2486:e10::/44 maxlen: 44
2a07:2486:e20::/44 maxlen: 44
2a07:2486:e30::/44 maxlen: 44
2a07:2486:e40::/44 maxlen: 44
2a07:2486:ec0::/44 maxlen: 44
2a07:2486:ee0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:5d:74:55:2d:c7:23:35:65:85:dd:bf:61:d7:6f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Jul 18 10:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b62c0037d133677070ad838855857007a2c0a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ba:9c:c0:9c:a0:25:dc:9d:2f:c3:87:b9:b7:
e3:fd:58:49:d8:42:6a:ad:99:ca:3b:e3:83:b2:52:
56:db:54:a3:aa:8d:b3:61:36:40:1b:25:0d:25:a5:
34:fa:b1:4a:ea:f1:92:ce:07:dc:c6:47:99:30:5d:
39:34:d5:4b:65:89:86:f0:52:9a:c0:da:24:4a:5a:
bd:e4:29:01:66:58:a0:c3:0b:c5:8e:aa:d4:6b:40:
21:e3:42:47:65:bb:e0:7f:31:ac:58:2a:24:e2:0a:
ed:bc:a4:e3:30:96:a3:4a:07:9c:90:f1:48:c5:f6:
48:4f:83:d1:f8:41:94:c8:6a:81:1c:46:eb:c7:da:
10:b7:a6:98:6d:64:f8:bd:00:93:f8:2f:e0:2d:e9:
c9:e2:05:ff:6e:54:46:bb:05:63:11:52:11:01:be:
73:13:45:6d:33:a3:7d:24:fe:44:a2:3a:5a:df:2e:
45:40:62:a2:60:60:1c:cd:81:3c:94:13:22:92:23:
f9:f7:42:54:21:30:92:4c:a0:56:32:55:00:60:e5:
ba:68:7b:6b:ab:2d:ef:7a:8c:83:46:6d:fa:53:f3:
a1:cd:27:6c:cb:f9:0c:55:f1:c5:3a:f0:5b:a6:d9:
f8:99:2b:73:bf:f0:01:50:36:73:1e:c7:d0:6e:1e:
64:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:62:C0:03:7D:13:36:77:07:0A:D8:38:85:58:57:00:7A:2C:0A:58
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/C2LAA30TNncHCtg4hVhXAHosClg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:e00::-2a07:2486:e4f:ffff:ffff:ffff:ffff:ffff
2a07:2486:ec0::/44
2a07:2486:ee0::/44
Signature Algorithm: sha256WithRSAEncryption
7e:f1:54:09:86:d7:53:7c:f6:dd:c3:d8:01:e2:5e:de:2f:27:
8c:75:e3:5a:62:7d:97:b2:54:a5:5f:38:93:aa:94:e0:8a:f9:
39:cd:00:64:7b:20:0c:8f:f7:03:d0:05:c5:e9:94:ca:96:5d:
08:f4:b3:72:e2:4a:10:60:24:9e:7f:22:b3:c6:3d:b3:fe:b5:
bd:2e:97:2b:25:a8:79:bb:91:04:cb:e0:8d:91:d7:3b:9a:66:
8b:00:eb:57:70:85:37:45:40:45:83:ed:1f:88:82:3f:24:ea:
04:0a:e1:9c:f5:2a:e3:55:93:9a:5b:2e:f0:7e:d3:7f:a9:d3:
53:65:ac:b3:8a:22:b1:8e:b6:d1:4e:50:2e:33:5b:6f:17:cd:
39:df:84:bd:f0:f1:c4:fa:42:98:4b:77:b9:f1:51:97:55:50:
96:0a:6f:cd:a5:1e:e5:c2:1c:5c:52:25:0e:ab:46:a6:1a:9e:
68:b5:27:48:0d:22:d6:a6:81:87:1b:a7:f4:53:29:5d:8f:94:
e4:40:6c:4d:c1:92:85:9d:a1:6f:f6:36:0a:ce:ca:f1:27:75:
86:10:9d:a6:2a:3b:da:98:be:23:5a:ef:6d:ca:2d:88:6f:21:
64:b9:4c:4e:10:28:69:13:9c:3f:60:fa:23:85:44:92:47:c7:
52:44:01:7a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZDFXXRVLccjNWWF3b9h128zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQwNzE4MTAyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYyYzAwMzdkMTMzNjc3MDcwYWQ4Mzg4NTU4NTcwMDdhMmMwYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLqcwJygJdydL8OHubfj/VhJ2EJq
rZnKO+ODslJW21Sjqo2zYTZAGyUNJaU0+rFK6vGSzgfcxkeZMF05NNVLZYmG8FKa
wNokSlq95CkBZligwwvFjqrUa0Ah40JHZbvgfzGsWCok4grtvKTjMJajSgeckPFI
xfZIT4PR+EGUyGqBHEbrx9oQt6aYbWT4vQCT+C/gLenJ4gX/blRGuwVjEVIRAb5z
E0VtM6N9JP5Eojpa3y5FQGKiYGAczYE8lBMikiP590JUITCSTKBWMlUAYOW6aHtr
qy3veoyDRm36U/OhzSdsy/kMVfHFOvBbptn4mStzv/ABUDZzHsfQbh5kvwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFAtiwAN9EzZ3BwrYOIVYVwB6LApYMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvQzJMQUEzMFRObmNIQ3RnNGhWaFhBSG9zQ2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlMBEDBgEqBySG
DgMHBCoHJIYOQAMHBCoHJIYOwAMHBCoHJIYO4DANBgkqhkiG9w0BAQsFAAOCAQEA
fvFUCYbXU3z23cPYAeJe3i8njHXjWmJ9l7JUpV84k6qU4Ir5Oc0AZHsgDI/3A9AF
xemUypZdCPSzcuJKEGAknn8is8Y9s/61vS6XKyWoebuRBMvgjZHXO5pmiwDrV3CF
N0VARYPtH4iCPyTqBArhnPUq41WTmlsu8H7Tf6nTU2Wss4oisY620U5QLjNbbxfN
Od+EvfDxxPpCmEt3ufFRl1VQlgpvzaUe5cIcXFIlDqtGphqeaLUnSA0i1qaBhxun
9FMpXY+U5EBsTcGShZ2hb/Y2Cs7K8Sd1hhCdpio72pi+I1rvbcotiG8hZLlMThAo
aROcP2D6I4VEkkfHUkQBeg==
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:43:06 2024 by rpki-client on console-fra.rpki-client.org