Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/hA9L7j0YS-PHrPXD0LNha-D3lm0.roa
File: hA9L7j0YS-PHrPXD0LNha-D3lm0.roa (raw, json)
Hash identifier: TKPkw83/sspgXhwyMDzD3lFTdrbyzeY35lDe71HiecQ=
Subject key identifier: 84:0F:4B:EE:3D:18:4B:E3:C7:AC:F5:C3:D0:B3:61:6B:E0:F7:96:6D
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 018CC79538A5D678551949D3F5A23DF17C9D
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/hA9L7j0YS-PHrPXD0LNha-D3lm0.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204084
IP address blocks: 2a13:3301::/32 maxlen: 32
2a13:3302::/32 maxlen: 32
2a13:3300::/32 maxlen: 32
2a13:3303::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.mft
rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:38:a5:d6:78:55:19:49:d3:f5:a2:3d:f1:7c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=840f4bee3d184be3c7acf5c3d0b3616be0f7966d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7e:f8:d0:df:60:64:b8:88:88:e6:7b:c6:44:
65:b6:17:a9:75:f5:e8:6e:3e:b8:17:fc:88:1a:3b:
9f:7f:19:ce:9e:13:10:36:28:43:8f:49:97:6f:45:
5b:e7:70:bb:f8:6f:56:53:99:84:b6:0b:88:72:bb:
08:ed:35:96:3e:e8:8d:44:a5:92:76:4c:80:f0:b3:
bc:11:02:15:3b:ba:d8:97:7d:90:d7:2e:50:13:0a:
99:ea:fa:bb:ae:32:da:ca:cf:75:05:d0:f9:2d:46:
43:65:0b:45:b1:e7:8a:30:bd:97:d5:61:af:32:7d:
d0:a0:44:89:f1:11:8d:fa:2a:51:38:99:6d:28:e3:
95:8a:01:03:6d:1a:9a:09:dd:ba:7a:17:70:3e:60:
e1:89:95:30:ee:59:c8:19:c8:26:06:a7:8f:61:d7:
f6:35:ad:42:3a:cd:13:39:7e:05:83:e4:10:0b:cf:
eb:1e:ff:a3:fb:8f:50:cf:47:c4:53:67:31:b4:a2:
c6:eb:49:3f:6f:5a:c1:93:77:6d:59:34:98:e8:d7:
85:ac:f9:e8:b8:18:55:4e:88:82:e5:ab:50:c9:ad:
fe:b7:f1:ba:f0:a5:e8:f7:21:13:84:70:8b:26:78:
59:74:79:8a:7e:5a:d1:3d:41:27:da:7f:a2:65:51:
6d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0F:4B:EE:3D:18:4B:E3:C7:AC:F5:C3:D0:B3:61:6B:E0:F7:96:6D
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/hA9L7j0YS-PHrPXD0LNha-D3lm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3300::/30
Signature Algorithm: sha256WithRSAEncryption
16:c7:2f:88:97:1f:16:67:ae:ad:f3:ee:81:1d:1e:2d:9c:41:
15:94:9a:2a:41:c7:ad:b6:4a:f1:e9:10:24:2c:9f:9e:27:ff:
76:e7:5a:a3:ee:e3:fd:ab:a9:fd:a1:0a:55:56:b5:02:d1:c9:
62:23:ea:3e:d2:cf:a4:77:d9:8b:7a:d1:b0:4e:1a:b3:af:70:
da:aa:bd:1a:54:e4:86:57:60:bb:10:58:53:fd:81:0c:d6:ec:
00:c9:d5:9c:09:ec:a1:ed:02:8b:7a:99:92:ba:07:50:25:3a:
ee:2d:b3:34:98:27:18:b2:8e:30:94:d0:19:45:fe:41:1a:ee:
fb:bd:e8:5a:f1:4e:a4:e3:0f:05:7d:53:48:ea:63:ca:d8:10:
7d:4d:06:c9:91:f5:f7:95:da:00:e8:eb:03:35:02:99:37:1c:
9f:c4:d6:02:ba:9e:49:9a:6e:5c:41:5e:2a:a0:b7:87:bd:7f:
71:49:35:e5:f4:6a:fc:1c:27:a3:f2:7f:17:31:dd:19:ee:b9:
65:66:f4:15:69:c7:30:1b:e6:86:ba:82:1f:72:14:2b:9f:c9:
f9:f9:11:c5:11:ec:7e:8f:df:0c:d3:89:ae:ad:56:73:f2:0a:
6b:ea:10:4c:50:85:24:b1:22:0b:5a:b8:9b:81:34:e7:5a:26:
65:70:ee:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlTil1nhVGUnT9aI98XydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBmNGJlZTNkMTg0YmUzYzdhY2Y1YzNkMGIzNjE2YmUwZjc5NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX740N9gZLiIiOZ7xkRlthepdfXo
bj64F/yIGjuffxnOnhMQNihDj0mXb0Vb53C7+G9WU5mEtguIcrsI7TWWPuiNRKWS
dkyA8LO8EQIVO7rYl32Q1y5QEwqZ6vq7rjLays91BdD5LUZDZQtFseeKML2X1WGv
Mn3QoESJ8RGN+ipROJltKOOVigEDbRqaCd26ehdwPmDhiZUw7lnIGcgmBqePYdf2
Na1COs0TOX4Fg+QQC8/rHv+j+49Qz0fEU2cxtKLG60k/b1rBk3dtWTSY6NeFrPno
uBhVToiC5atQya3+t/G68KXo9yEThHCLJnhZdHmKflrRPUEn2n+iZVFtcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIQPS+49GEvjx6z1w9CzYWvg95ZtMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEvaEE5TDdqMFlTLVBIclBYRDBMTmhhLUQzbG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhMzADAN
BgkqhkiG9w0BAQsFAAOCAQEAFscviJcfFmeurfPugR0eLZxBFZSaKkHHrbZK8ekQ
JCyfnif/dudao+7j/aup/aEKVVa1AtHJYiPqPtLPpHfZi3rRsE4as69w2qq9GlTk
hldguxBYU/2BDNbsAMnVnAnsoe0Ci3qZkroHUCU67i2zNJgnGLKOMJTQGUX+QRru
+73oWvFOpOMPBX1TSOpjytgQfU0GyZH195XaAOjrAzUCmTccn8TWArqeSZpuXEFe
KqC3h71/cUk15fRq/Bwno/J/FzHdGe65ZWb0FWnHMBvmhrqCH3IUK5/J+fkRxRHs
fo/fDNOJrq1Wc/IKa+oQTFCFJLEiC1q4m4E051omZXDuQQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:00:34 2024 by rpki-client on console-fra.rpki-client.org