Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/qcoxjLDScR-MXOkErDXrkuhYV2Q.roa
File: qcoxjLDScR-MXOkErDXrkuhYV2Q.roa (raw, json)
Hash identifier: 8tk6a38s14tDUgWwR205ybp3X/S5hvW2Q3cK4fDc1Lk=
Subject key identifier: A9:CA:31:8C:B0:D2:71:1F:8C:5C:E9:04:AC:35:EB:92:E8:58:57:64
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 0191E62102BBDE3C98C98097D75984F24785
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/qcoxjLDScR-MXOkErDXrkuhYV2Q.roa
Signing time: Thu 12 Sep 2024 12:06:48 +0000
ROA not before: Thu 12 Sep 2024 12:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199669
IP address blocks: 2a11:2084::/32 maxlen: 32
2a11:c107::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:21:02:bb:de:3c:98:c9:80:97:d7:59:84:f2:47:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Sep 12 12:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9ca318cb0d2711f8c5ce904ac35eb92e8585764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5f:9f:98:36:d1:66:eb:44:87:f2:88:33:6e:
1a:09:ad:bb:f9:39:9d:76:78:2f:cd:7f:06:01:fa:
da:a4:22:a5:7d:83:7e:d3:48:9a:21:15:0a:13:da:
1c:5f:b9:ef:ad:42:de:0b:92:c3:7b:6c:fc:c2:cd:
08:a0:0d:30:96:28:31:2b:20:26:3b:3e:d0:f4:af:
b0:23:44:3d:7a:75:76:04:61:a9:73:98:0d:a9:d9:
b7:39:b0:7d:e7:9e:05:7b:47:af:de:52:c3:63:72:
dc:08:02:7c:7d:54:5f:99:d3:d6:01:9b:cf:91:d7:
d9:03:58:a8:e7:36:46:57:eb:37:13:6a:8c:34:18:
02:a3:3f:4b:a7:d0:97:ff:63:29:9c:1a:ea:6d:a0:
5c:56:c0:8f:f1:33:0b:a3:45:9f:17:c7:cf:56:2d:
ac:94:1f:46:4d:79:86:19:89:c9:22:6b:3f:6a:2c:
1a:dc:08:d6:7d:45:2c:21:71:b3:cc:b1:f3:fd:e4:
d9:38:c0:20:e3:19:c9:00:c8:88:35:fb:3f:53:c4:
63:84:48:d6:b8:cb:ec:53:cc:2c:ed:e4:3e:96:6f:
48:44:5e:12:00:14:4a:f5:1d:2e:00:93:40:3a:3c:
bd:99:d4:2a:b6:23:ee:8b:17:27:73:a8:c1:e4:e7:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CA:31:8C:B0:D2:71:1F:8C:5C:E9:04:AC:35:EB:92:E8:58:57:64
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/qcoxjLDScR-MXOkErDXrkuhYV2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2084::/32
2a11:c107::/32
Signature Algorithm: sha256WithRSAEncryption
60:6f:89:5e:1c:b0:f8:23:ce:08:45:51:14:aa:33:fb:fc:87:
80:1c:72:53:0d:d2:f7:54:d4:25:60:03:54:2b:57:83:f0:09:
c1:19:2c:fd:62:d9:e9:29:3d:08:ce:2d:ec:17:d1:b3:b8:a5:
af:eb:a6:4f:55:46:96:0c:b0:c5:63:a8:17:52:14:f9:1e:48:
6c:28:7d:94:f3:bb:8d:c7:42:06:6d:35:4a:07:3b:b9:e8:f8:
9a:10:4c:3a:9b:aa:7c:c9:46:97:61:1f:fc:88:20:d6:cd:4c:
29:5a:b9:00:41:52:a8:05:d4:4d:6b:9c:3c:e3:2e:47:e3:1c:
4a:db:1e:16:d9:9a:f8:f1:14:9d:3a:56:1c:a9:51:1a:32:3e:
0d:db:62:dc:15:25:e8:f8:73:bb:0a:e0:59:eb:a3:57:35:76:
3d:d7:61:d8:8a:6f:86:63:4f:98:7a:28:ab:1e:1a:2b:9d:92:
1f:9c:68:83:07:f3:63:72:08:f9:0e:fa:b7:74:c6:22:68:69:
aa:69:88:ad:14:b8:da:0e:ba:03:6c:46:84:5e:e7:eb:12:a1:
3f:26:20:2b:bf:28:a6:ec:8c:4b:0f:56:ed:54:c8:f9:67:e6:
8f:0e:6b:15:b4:d6:71:ab:a4:0e:a4:9a:91:64:c1:ad:dd:e4:
74:7f:f9:c9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZHmIQK73jyYyYCX11mE8keFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjQwOTEyMTIwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWNhMzE4Y2IwZDI3MTFmOGM1Y2U5MDRhYzM1ZWI5MmU4NTg1NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl+fmDbRZutEh/KIM24aCa27+Tmd
dngvzX8GAfrapCKlfYN+00iaIRUKE9ocX7nvrULeC5LDe2z8ws0IoA0wligxKyAm
Oz7Q9K+wI0Q9enV2BGGpc5gNqdm3ObB9554Fe0ev3lLDY3LcCAJ8fVRfmdPWAZvP
kdfZA1io5zZGV+s3E2qMNBgCoz9Lp9CX/2MpnBrqbaBcVsCP8TMLo0WfF8fPVi2s
lB9GTXmGGYnJIms/aiwa3AjWfUUsIXGzzLHz/eTZOMAg4xnJAMiINfs/U8RjhEjW
uMvsU8ws7eQ+lm9IRF4SABRK9R0uAJNAOjy9mdQqtiPuixcnc6jB5OfdhQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKnKMYyw0nEfjFzpBKw165LoWFdkMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvcWNveGpMRFNjUi1NWE9rRXJEWHJrdWhZVjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhEghAMF
ACoRwQcwDQYJKoZIhvcNAQELBQADggEBAGBviV4csPgjzghFURSqM/v8h4AcclMN
0vdU1CVgA1QrV4PwCcEZLP1i2ekpPQjOLewX0bO4pa/rpk9VRpYMsMVjqBdSFPke
SGwofZTzu43HQgZtNUoHO7no+JoQTDqbqnzJRpdhH/yIINbNTClauQBBUqgF1E1r
nDzjLkfjHErbHhbZmvjxFJ06VhypURoyPg3bYtwVJej4c7sK4Fnro1c1dj3XYdiK
b4ZjT5h6KKseGiudkh+caIMH82NyCPkO+rd0xiJoaappiK0UuNoOugNsRoRe5+sS
oT8mICu/KKbsjEsPVu1UyPln5o8OaxW01nGrpA6kmpFkwa3d5HR/+ck=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:59 2024 by rpki-client on console-fra.rpki-client.org