Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/1ZUApkpoA4JxbENM9fdLq9RCw6s.roa
File: 1ZUApkpoA4JxbENM9fdLq9RCw6s.roa (raw, json)
Hash identifier: ENqCY5S+xeW/zqIKhj0aOu8TaP/f2U9kHEfTysqP98M=
Subject key identifier: D5:95:00:A6:4A:68:03:82:71:6C:43:4C:F5:F7:4B:AB:D4:42:C3:AB
Certificate issuer: /CN=97bcbee44f4cef091985e546a6854f9ccb2ada8a
Certificate serial: 018CC5013232AAB9C709D79CC4A22247A90A
Authority key identifier: 97:BC:BE:E4:4F:4C:EF:09:19:85:E5:46:A6:85:4F:9C:CB:2A:DA:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/1ZUApkpoA4JxbENM9fdLq9RCw6s.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41179
IP address blocks: 2a05:a944::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/l7y-5E9M7wkZheVGpoVPnMsq2oo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/l7y-5E9M7wkZheVGpoVPnMsq2oo.mft
rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:32:32:aa:b9:c7:09:d7:9c:c4:a2:22:47:a9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bcbee44f4cef091985e546a6854f9ccb2ada8a
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d59500a64a680382716c434cf5f74babd442c3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d5:ba:3e:4c:3b:00:fc:2b:6d:7e:ee:ca:b7:
d1:b9:dd:3f:c1:1f:cc:b2:56:cc:01:62:ac:de:65:
af:be:8d:61:03:8f:88:3d:11:38:a1:6e:b4:c4:a2:
dc:80:e8:af:60:ff:c4:89:14:ee:80:a7:08:94:67:
cc:dc:5b:9f:e4:33:ed:8f:7c:44:5f:8e:dc:88:16:
20:23:55:e5:a2:cf:a8:d6:d3:e5:d1:36:d8:58:ce:
8a:70:f1:7f:02:5b:d9:f2:98:a0:9a:f6:8b:5f:3e:
17:da:09:ea:21:c2:94:c1:1b:0c:57:2f:d7:e1:e1:
15:98:ba:a1:c6:e2:02:5c:db:29:5d:c4:5e:d5:48:
cf:7b:00:27:ed:c6:f7:91:e9:10:ab:7f:db:5d:36:
39:24:c6:b7:1e:39:f8:92:cd:df:a5:63:ea:bf:a5:
83:f9:c1:12:d6:e7:45:0d:ea:44:09:9e:99:8d:bf:
be:6f:e7:57:75:7c:db:0d:f8:d6:31:57:7c:96:6e:
18:13:2e:0b:fd:48:45:ef:7d:38:39:20:41:4b:f1:
62:60:a5:53:81:4d:39:a9:65:2c:30:e7:67:f0:93:
54:29:a7:89:9d:5a:e3:d8:cd:e8:52:9f:ef:0a:30:
94:f0:a7:9b:20:f6:cb:47:ed:06:ce:cc:29:43:10:
be:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:95:00:A6:4A:68:03:82:71:6C:43:4C:F5:F7:4B:AB:D4:42:C3:AB
X509v3 Authority Key Identifier:
keyid:97:BC:BE:E4:4F:4C:EF:09:19:85:E5:46:A6:85:4F:9C:CB:2A:DA:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l7y-5E9M7wkZheVGpoVPnMsq2oo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/1ZUApkpoA4JxbENM9fdLq9RCw6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0b2eef-75e9-43b2-9088-8303ad1371dd/1/l7y-5E9M7wkZheVGpoVPnMsq2oo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:a944::/48
Signature Algorithm: sha256WithRSAEncryption
95:19:22:3c:ce:c9:29:c7:1a:30:6c:32:9f:d3:96:fc:c4:27:
80:c9:4b:09:58:bb:8d:38:4a:1f:0c:f7:d3:aa:a2:23:66:9d:
16:74:44:2c:e8:d3:c1:73:a7:c2:d4:83:18:3f:3e:61:50:de:
4c:e1:3a:66:c5:ec:62:4a:7d:50:11:36:90:b5:b5:e6:95:16:
7a:6e:43:23:2a:e6:f4:c2:26:37:aa:da:b0:78:0e:72:67:ef:
d2:47:be:cc:e2:9a:bb:20:45:9b:a6:1a:d7:7a:0a:88:93:1c:
73:15:98:ff:d7:d3:e5:f6:b0:d4:cd:87:77:da:8a:06:25:ed:
04:94:41:a0:0d:97:e3:57:f4:6e:01:72:55:25:d6:aa:16:c9:
f3:00:ac:ad:99:36:a2:8f:40:c8:63:82:40:a4:d5:9a:ae:e3:
9a:99:0e:93:70:47:e1:5e:cb:e9:9f:11:81:f7:e5:84:ed:d9:
92:90:43:28:4e:b9:a2:6d:7c:08:7f:2b:f5:17:b5:af:68:c5:
39:a3:91:0b:17:2f:5f:b5:18:6f:b5:7f:8e:40:0c:ec:9e:67:
78:2d:e7:93:6c:ae:52:8f:04:ec:5d:44:7a:61:0a:89:e6:df:
af:67:eb:26:68:4d:cc:6d:f9:aa:4e:98:89:ec:4c:ba:56:ba:
a1:24:46:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFATIyqrnHCdecxKIiR6kKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmNiZWU0NGY0Y2VmMDkxOTg1ZTU0NmE2ODU0ZjljY2Iy
YWRhOGEwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk1MDBhNjRhNjgwMzgyNzE2YzQzNGNmNWY3NGJhYmQ0NDJjM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktW6Pkw7APwrbX7uyrfRud0/wR/M
slbMAWKs3mWvvo1hA4+IPRE4oW60xKLcgOivYP/EiRTugKcIlGfM3Fuf5DPtj3xE
X47ciBYgI1Xlos+o1tPl0TbYWM6KcPF/AlvZ8pigmvaLXz4X2gnqIcKUwRsMVy/X
4eEVmLqhxuICXNspXcRe1UjPewAn7cb3kekQq3/bXTY5JMa3Hjn4ks3fpWPqv6WD
+cES1udFDepECZ6Zjb++b+dXdXzbDfjWMVd8lm4YEy4L/UhF7304OSBBS/FiYKVT
gU05qWUsMOdn8JNUKaeJnVrj2M3oUp/vCjCU8KebIPbLR+0GzswpQxC+YwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNWVAKZKaAOCcWxDTPX3S6vUQsOrMB8GA1UdIwQY
MBaAFJe8vuRPTO8JGYXlRqaFT5zLKtqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDd5LTVFOU03d2taaGVWR3BvVlBuTXNxMm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wYjJlZWYtNzVlOS00M2IyLTkwODgt
ODMwM2FkMTM3MWRkLzEvMVpVQXBrcG9BNEp4YkVOTTlmZExxOVJDdzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wYjJlZWYtNzVlOS00M2IyLTkwODgtODMwM2FkMTM3MWRk
LzEvbDd5LTVFOU03d2taaGVWR3BvVlBuTXNxMm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWpRAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVGSI8zskpxxowbDKf05b8xCeAyUsJWLuNOEof
DPfTqqIjZp0WdEQs6NPBc6fC1IMYPz5hUN5M4TpmxexiSn1QETaQtbXmlRZ6bkMj
Kub0wiY3qtqweA5yZ+/SR77M4pq7IEWbphrXegqIkxxzFZj/19Pl9rDUzYd32ooG
Je0ElEGgDZfjV/RuAXJVJdaqFsnzAKytmTaij0DIY4JApNWaruOamQ6TcEfhXsvp
nxGB9+WE7dmSkEMoTrmibXwIfyv1F7WvaMU5o5ELFy9ftRhvtX+OQAzsnmd4LeeT
bK5SjwTsXUR6YQqJ5t+vZ+smaE3MbfmqTpiJ7Ey6VrqhJEYA
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:15:52 2024 by rpki-client on console-fra.rpki-client.org