Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/rl0Fb9XvvdnNHyHGX0YHbM6_Sx4.roa
File: rl0Fb9XvvdnNHyHGX0YHbM6_Sx4.roa (raw, json)
Hash identifier: pwDvGNgIKAEy/IYwBQgVUXmGCvz+ShqzHTyDdSjTdCc=
Subject key identifier: AE:5D:05:6F:D5:EF:BD:D9:CD:1F:21:C6:5F:46:07:6C:CE:BF:4B:1E
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 018DA76EA19A8491EC7AD04ED9E57B7BEC99
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/rl0Fb9XvvdnNHyHGX0YHbM6_Sx4.roa
Signing time: Wed 14 Feb 2024 11:44:21 +0000
ROA not before: Wed 14 Feb 2024 11:44:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41435
IP address blocks: 2a0d:9880::/32 maxlen: 32
2a0d:9881::/32 maxlen: 32
2a0d:9882::/32 maxlen: 32
2a0d:9883::/32 maxlen: 32
2a0d:9884::/32 maxlen: 32
2a0d:9885::/32 maxlen: 32
2a0d:9886::/32 maxlen: 32
2a0d:9887::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:6e:a1:9a:84:91:ec:7a:d0:4e:d9:e5:7b:7b:ec:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Feb 14 11:44:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae5d056fd5efbdd9cd1f21c65f46076ccebf4b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ee:b8:02:02:a8:66:ea:e4:c5:00:bf:79:d1:
50:fa:90:19:85:85:45:c9:f5:a9:38:0a:d6:7e:d3:
bd:c7:e4:64:0c:6e:20:b6:77:ad:bc:53:47:d2:e0:
de:36:4f:59:d5:ed:43:71:c9:61:fb:9b:14:9b:6f:
e4:d6:ec:f2:79:f3:e1:87:0b:bc:0c:a0:cf:27:ca:
2e:35:f6:8f:88:5c:7f:c1:c7:f7:39:d2:88:6e:f7:
82:69:98:60:94:1e:f6:28:66:30:5a:a1:c3:ed:8b:
db:cd:cf:ef:f4:9f:fd:66:79:90:f6:e2:74:a0:62:
de:ef:d0:3f:0c:dc:68:71:1a:15:6b:30:a1:18:43:
c1:bb:1a:1e:12:36:b0:14:f7:c2:1d:74:9f:64:ed:
09:f2:42:10:d2:7e:7c:a1:86:5e:0e:e9:93:2b:f0:
6c:83:db:03:f2:19:f9:b8:95:5c:c9:33:7d:23:1f:
60:e3:26:07:24:1f:2a:a1:17:2d:cb:34:49:2e:4b:
ad:3f:52:7b:96:36:22:f2:62:e9:fe:74:ad:12:a3:
b3:32:79:a8:44:89:df:e5:54:d6:1e:a7:5f:39:df:
7c:8e:f4:6b:de:26:cf:54:70:ed:6e:c1:45:a6:2f:
cf:d1:f1:e1:9a:77:05:f0:54:5b:d8:90:e9:2e:53:
1c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5D:05:6F:D5:EF:BD:D9:CD:1F:21:C6:5F:46:07:6C:CE:BF:4B:1E
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/rl0Fb9XvvdnNHyHGX0YHbM6_Sx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:9880::/29
Signature Algorithm: sha256WithRSAEncryption
54:f6:f2:ba:7c:89:3e:bd:ed:3a:c8:7b:e4:6b:c5:16:7d:a4:
b7:6b:df:4f:45:e5:4c:8d:43:40:c0:43:d8:80:73:fc:b0:6f:
48:d8:8c:59:7c:94:f1:8b:9d:86:2e:7a:8e:c0:2d:70:45:16:
21:81:d1:53:26:e3:b3:46:07:7f:62:7f:ab:70:f9:cb:ca:75:
62:34:82:fc:6c:90:b6:9e:61:1f:9c:c9:bf:8b:4d:36:4f:c5:
9e:4d:e4:b7:65:fa:3d:60:6d:a5:3c:39:7a:4c:82:09:4a:75:
4f:46:c5:a1:02:1d:48:91:a8:1b:98:82:73:d8:61:80:51:4f:
33:f5:5d:a0:21:99:1c:d0:96:4d:d0:96:d7:bc:d0:4e:c9:9f:
be:52:41:00:3a:2b:6a:52:a0:37:8a:79:81:bc:34:ec:55:63:
1f:be:7c:7c:07:52:a8:73:f5:c8:16:5e:5f:b8:c5:dc:12:26:
4a:93:e7:41:9a:64:84:29:31:0b:82:22:f4:0a:b3:70:85:a7:
8b:f7:d0:4c:ac:59:81:47:36:03:5e:c0:42:90:c7:70:f1:a0:
53:7b:26:29:ca:3c:6a:cf:d4:2c:81:f5:72:79:f2:9b:95:e1:
fa:f4:14:65:5f:de:39:dd:2c:0c:8f:bb:aa:03:97:ca:4c:52:
a7:cb:07:68
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY2nbqGahJHsetBO2eV7e+yZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjQwMjE0MTE0NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTVkMDU2ZmQ1ZWZiZGQ5Y2QxZjIxYzY1ZjQ2MDc2Y2NlYmY0YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse64AgKoZurkxQC/edFQ+pAZhYVF
yfWpOArWftO9x+RkDG4gtnetvFNH0uDeNk9Z1e1Dcclh+5sUm2/k1uzyefPhhwu8
DKDPJ8ouNfaPiFx/wcf3OdKIbveCaZhglB72KGYwWqHD7Yvbzc/v9J/9ZnmQ9uJ0
oGLe79A/DNxocRoVazChGEPBuxoeEjawFPfCHXSfZO0J8kIQ0n58oYZeDumTK/Bs
g9sD8hn5uJVcyTN9Ix9g4yYHJB8qoRctyzRJLkutP1J7ljYi8mLp/nStEqOzMnmo
RInf5VTWHqdfOd98jvRr3ibPVHDtbsFFpi/P0fHhmncF8FRb2JDpLlMcIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK5dBW/V773ZzR8hxl9GB2zOv0seMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvcmwwRmI5WHZ2ZG5OSHlIR1gwWUhiTTZfU3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2YgDAN
BgkqhkiG9w0BAQsFAAOCAQEAVPbyunyJPr3tOsh75GvFFn2kt2vfT0XlTI1DQMBD
2IBz/LBvSNiMWXyU8Yudhi56jsAtcEUWIYHRUybjs0YHf2J/q3D5y8p1YjSC/GyQ
tp5hH5zJv4tNNk/Fnk3kt2X6PWBtpTw5ekyCCUp1T0bFoQIdSJGoG5iCc9hhgFFP
M/VdoCGZHNCWTdCW17zQTsmfvlJBADoralKgN4p5gbw07FVjH758fAdSqHP1yBZe
X7jF3BImSpPnQZpkhCkxC4Ii9AqzcIWni/fQTKxZgUc2A17AQpDHcPGgU3smKco8
as/ULIH1cnnym5Xh+vQUZV/eOd0sDI+7qgOXykxSp8sHaA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:39:46 2024 by rpki-client on console-ams.rpki-client.org