Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/l_PoOXMK2S_xlBDJFcCZU5JZSqM.roa
File: l_PoOXMK2S_xlBDJFcCZU5JZSqM.roa (raw, json)
Hash identifier: nU5NLNQR8KUD3uCMiOKYb0TUFVHhYaH3xHbbsg8PEoo=
Subject key identifier: 97:F3:E8:39:73:0A:D9:2F:F1:94:10:C9:15:C0:99:53:92:59:4A:A3
Certificate issuer: /CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
Certificate serial: 018CC86EEE4AC08AC8B1D33EE290450B4238
Authority key identifier: EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/l_PoOXMK2S_xlBDJFcCZU5JZSqM.roa
Signing time: Tue 02 Jan 2024 04:29:22 +0000
ROA not before: Tue 02 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18178
IP address blocks: 2a13:2200::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:ee:4a:c0:8a:c8:b1:d3:3e:e2:90:45:0b:42:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
Validity
Not Before: Jan 2 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97f3e839730ad92ff19410c915c0995392594aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2a:d3:75:2f:05:4e:35:70:11:8a:50:3b:16:
33:5d:d1:04:b2:e3:ce:91:b6:c6:34:65:97:3a:a8:
cd:7e:22:37:c7:00:45:14:ed:ba:ff:14:0c:bc:ec:
0f:6b:ef:a6:37:7f:35:2f:4d:9e:e7:2c:55:43:d3:
22:d3:3d:70:1a:a1:35:bd:e7:bd:c7:ae:47:20:39:
5e:cc:b4:1c:80:84:ba:5e:5c:e4:05:1e:cc:d0:33:
19:80:c2:bd:36:c9:66:d8:2a:d4:a7:b1:5b:65:ad:
66:2c:49:d6:cd:21:c2:ea:52:5d:04:ba:a2:63:27:
5f:60:f7:67:1b:ff:56:73:86:34:b2:ca:86:38:e8:
c3:6a:dc:66:64:3c:f8:50:14:cc:aa:c0:c5:7b:3f:
25:51:e8:97:e8:53:31:ca:e6:09:89:1e:30:c8:59:
28:c5:45:e5:60:13:3c:ee:45:19:c7:bd:05:b8:d9:
9c:0f:b7:11:36:93:53:8f:7e:c0:3a:a1:9f:fe:f4:
b5:bd:d5:40:26:ca:6f:e7:6d:38:62:1f:a8:3a:fb:
13:4a:e7:14:8c:06:b5:38:eb:4a:2a:6c:11:a2:db:
27:df:7b:29:a0:9b:70:9e:1e:dc:f0:7f:61:00:a5:
b5:64:7b:da:55:db:f7:3f:d9:77:26:7c:84:e7:14:
38:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F3:E8:39:73:0A:D9:2F:F1:94:10:C9:15:C0:99:53:92:59:4A:A3
X509v3 Authority Key Identifier:
keyid:EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/l_PoOXMK2S_xlBDJFcCZU5JZSqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2200::/47
Signature Algorithm: sha256WithRSAEncryption
01:0c:07:00:d2:44:90:1d:b5:75:d0:c2:65:d1:ff:28:54:a1:
4b:ef:16:85:35:40:95:d8:bc:b0:18:e7:2d:ae:e2:3d:1e:8f:
8d:1d:9f:ab:df:8e:ae:27:9c:c8:a5:b9:52:0d:a2:8f:1d:77:
f4:ae:9d:66:e7:92:18:9c:49:d7:29:f3:35:1e:c6:c0:0a:7b:
54:17:cf:56:7f:0b:7c:50:8b:d7:50:77:74:35:42:a5:a8:11:
8f:2b:3d:85:8b:d8:ef:1b:f3:3a:b0:e2:ae:1b:75:2d:bd:43:
46:9b:2f:9f:65:aa:ce:64:23:9c:94:8c:b1:0c:04:2c:a1:ac:
ac:41:7a:56:90:3b:19:5c:64:db:79:c5:fc:a0:bf:4e:46:9b:
8a:02:c6:20:7f:12:34:11:bf:c5:9d:20:43:ab:7f:c7:01:7d:
1b:78:90:8f:a9:0a:d3:9a:bf:5f:04:48:a7:73:08:fb:79:82:
be:e5:7e:e4:94:fd:6a:9c:1b:2a:90:79:87:32:29:da:fd:98:
a3:70:e3:c4:18:88:88:50:7a:43:fd:c8:52:f6:15:99:ab:9c:
55:25:52:9e:1d:1e:d1:fc:2c:2b:de:ac:4b:b1:65:82:d9:1c:
71:f9:66:00:74:ea:73:24:e2:24:f9:8e:5b:b6:ac:f0:e6:4e:
8f:17:80:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIbu5KwIrIsdM+4pBFC0I4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMmQxMDJiNjExMmIwZDlhOGI4ZWViYWM0Yjk3YzgxOWY5
N2M2MDYwHhcNMjQwMTAyMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YzZTgzOTczMGFkOTJmZjE5NDEwYzkxNWMwOTk1MzkyNTk0YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApirTdS8FTjVwEYpQOxYzXdEEsuPO
kbbGNGWXOqjNfiI3xwBFFO26/xQMvOwPa++mN381L02e5yxVQ9Mi0z1wGqE1vee9
x65HIDlezLQcgIS6XlzkBR7M0DMZgMK9Nslm2CrUp7FbZa1mLEnWzSHC6lJdBLqi
YydfYPdnG/9Wc4Y0ssqGOOjDatxmZDz4UBTMqsDFez8lUeiX6FMxyuYJiR4wyFko
xUXlYBM87kUZx70FuNmcD7cRNpNTj37AOqGf/vS1vdVAJspv5204Yh+oOvsTSucU
jAa1OOtKKmwRotsn33spoJtwnh7c8H9hAKW1ZHvaVdv3P9l3JnyE5xQ4mwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJfz6DlzCtkv8ZQQyRXAmVOSWUqjMB8GA1UdIwQY
MBaAFOotECthErDZqLjuusS5fIGfl8YGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmkwUUsyRVNzTm1vdU82NnhMbDhnWi1YeGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80Y2RlZmEtNWVlMi00NzE5LWE3ZTEt
YjgyOWNjNDAxMDMxLzEvbF9Qb09YTUsyU194bEJESkZjQ1pVNUpaU3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80Y2RlZmEtNWVlMi00NzE5LWE3ZTEtYjgyOWNjNDAxMDMx
LzEvNmkwUUsyRVNzTm1vdU82NnhMbDhnWi1YeGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhMiAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQABDAcA0kSQHbV10MJl0f8oVKFL7xaFNUCV2Lyw
GOctruI9Ho+NHZ+r346uJ5zIpblSDaKPHXf0rp1m55IYnEnXKfM1HsbACntUF89W
fwt8UIvXUHd0NUKlqBGPKz2Fi9jvG/M6sOKuG3UtvUNGmy+fZarOZCOclIyxDAQs
oaysQXpWkDsZXGTbecX8oL9ORpuKAsYgfxI0Eb/FnSBDq3/HAX0beJCPqQrTmr9f
BEincwj7eYK+5X7klP1qnBsqkHmHMina/ZijcOPEGIiIUHpD/chS9hWZq5xVJVKe
HR7R/Cwr3qxLsWWC2Rxx+WYAdOpzJOIk+Y5btqzw5k6PF4A5
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:48:45 2024 by rpki-client on console-ams.rpki-client.org