Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/AU321EV3OOprPP8c6QqwyjQN8GI.roa
File: AU321EV3OOprPP8c6QqwyjQN8GI.roa (raw, json)
Hash identifier: XWPwfamAUbG+8vyB9dTuuUGtde0ONJnEhHXd8TnWxnU=
Subject key identifier: 01:4D:F6:D4:45:77:38:EA:6B:3C:FF:1C:E9:0A:B0:CA:34:0D:F0:62
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 0191BBEC7AB827AE5A445CB40A90E1705998
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/AU321EV3OOprPP8c6QqwyjQN8GI.roa
Signing time: Wed 04 Sep 2024 07:25:22 +0000
ROA not before: Wed 04 Sep 2024 07:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a02:3040:43:ff00::/56 maxlen: 56
2a02:3040:4d::/48 maxlen: 48
2a02:3040:4e::/48 maxlen: 48
2a02:3040:4f::/50 maxlen: 50
2a02:3040:4f:8000::/50 maxlen: 50
2a02:3040:4f:c000::/50 maxlen: 50
2a02:3040:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:ec:7a:b8:27:ae:5a:44:5c:b4:0a:90:e1:70:59:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Sep 4 07:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=014df6d4457738ea6b3cff1ce90ab0ca340df062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:24:ee:94:e4:75:c6:d9:33:23:0e:e5:95:9b:
1e:5f:c4:71:61:74:1c:01:d1:d2:a4:48:49:15:02:
f9:98:81:17:62:08:2f:02:79:70:6b:15:4b:dd:c1:
e4:35:ae:b1:a2:b7:1c:a0:60:5b:db:4e:c2:e4:37:
45:bc:57:d3:a7:79:4e:0b:d1:38:6f:53:b4:58:a4:
08:f8:c4:36:ab:c2:bc:9b:b2:62:43:c9:04:4e:a6:
ca:38:fc:d0:2d:80:7b:78:2b:0e:63:76:a6:b5:d3:
37:a9:48:3a:d1:35:f8:7c:67:7b:d0:c0:21:1d:09:
7e:78:69:d3:83:9f:c5:ef:4d:9a:f9:8a:0f:7a:30:
9a:25:cb:c4:66:63:be:dc:57:0b:5e:6b:14:1b:89:
80:fb:cc:e9:d5:84:47:4d:21:7c:9e:f9:8c:2e:fa:
ae:b3:e0:c2:c9:ad:ad:2f:84:47:53:b0:9f:45:60:
23:6b:39:0b:f2:75:ac:8a:e1:c2:88:fb:07:d5:d8:
3b:b0:e0:eb:51:f1:2f:ae:66:3e:9d:46:7d:2f:38:
b2:26:d7:84:e2:7b:34:09:9f:e5:c4:4e:be:22:39:
b1:9b:16:07:d0:8a:8d:55:67:c5:0d:35:b5:e3:d5:
4b:4d:d5:f1:92:26:d5:a9:5c:98:1a:d4:4c:88:92:
53:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:4D:F6:D4:45:77:38:EA:6B:3C:FF:1C:E9:0A:B0:CA:34:0D:F0:62
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/AU321EV3OOprPP8c6QqwyjQN8GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3040:43:ff00::/56
2a02:3040:4d::-2a02:3040:4f:3fff:ffff:ffff:ffff:ffff
2a02:3040:4f:8000::-2a02:3040:50:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5a:83:92:99:90:fa:67:da:ae:fc:e0:eb:55:28:02:7a:ba:50:
c9:45:75:fe:86:d4:57:c0:dc:d3:b2:3d:91:ed:c7:33:fa:bc:
8f:23:5d:8e:db:e5:e6:ac:14:28:be:7c:2e:d1:3b:b8:37:a0:
a7:83:0c:49:93:bd:9f:78:1c:27:8b:b3:64:ed:ce:78:69:f8:
cd:f6:ed:57:99:fb:e0:23:af:f5:15:bd:ae:24:49:86:c4:17:
13:17:13:30:fa:a1:e2:43:82:5b:f7:8d:a9:ba:53:cf:06:30:
28:64:7c:07:5e:46:55:70:5a:c8:20:67:20:51:bb:47:10:ff:
42:fd:8a:66:82:53:81:9a:e6:0d:fa:4b:b6:a7:8e:0c:0a:de:
06:31:13:fa:b4:4b:95:81:aa:c0:9f:dd:39:a6:42:11:9f:af:
57:64:98:b9:f7:d5:35:d6:db:02:14:19:e2:f4:44:e3:9f:79:
bf:65:7a:57:34:c7:d6:4c:84:57:e0:dc:38:f0:c1:24:4c:b6:
a5:9c:c1:6b:cd:c7:fd:2f:cf:e5:cf:e3:16:cb:ec:c7:b7:b2:
17:11:ba:59:eb:97:81:2f:46:fb:84:3d:68:73:e7:88:5f:5d:
54:81:bd:e9:bd:8a:b1:df:69:29:66:cf:1a:65:97:e9:dd:77:
d5:0e:02:6d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZG77Hq4J65aRFy0CpDhcFmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjQwOTA0MDcyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTRkZjZkNDQ1NzczOGVhNmIzY2ZmMWNlOTBhYjBjYTM0MGRmMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0STulOR1xtkzIw7llZseX8RxYXQc
AdHSpEhJFQL5mIEXYggvAnlwaxVL3cHkNa6xorccoGBb207C5DdFvFfTp3lOC9E4
b1O0WKQI+MQ2q8K8m7JiQ8kETqbKOPzQLYB7eCsOY3amtdM3qUg60TX4fGd70MAh
HQl+eGnTg5/F702a+YoPejCaJcvEZmO+3FcLXmsUG4mA+8zp1YRHTSF8nvmMLvqu
s+DCya2tL4RHU7CfRWAjazkL8nWsiuHCiPsH1dg7sODrUfEvrmY+nUZ9LziyJteE
4ns0CZ/lxE6+IjmxmxYH0IqNVWfFDTW149VLTdXxkibVqVyYGtRMiJJTlwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAFN9tRFdzjqazz/HOkKsMo0DfBiMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvQVUzMjFFVjNPT3ByUFA4YzZRcXd5alFOOEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAAjA0AwgAKgIwQABD
/zATAwcAKgIwQABNAwgGKgIwQABPADATAwgHKgIwQABPgAMHACoCMEAAUDANBgkq
hkiG9w0BAQsFAAOCAQEAWoOSmZD6Z9qu/ODrVSgCerpQyUV1/obUV8Dc07I9ke3H
M/q8jyNdjtvl5qwUKL58LtE7uDegp4MMSZO9n3gcJ4uzZO3OeGn4zfbtV5n74COv
9RW9riRJhsQXExcTMPqh4kOCW/eNqbpTzwYwKGR8B15GVXBayCBnIFG7RxD/Qv2K
ZoJTgZrmDfpLtqeODAreBjET+rRLlYGqwJ/dOaZCEZ+vV2SYuffVNdbbAhQZ4vRE
4595v2V6VzTH1kyEV+DcOPDBJEy2pZzBa83H/S/P5c/jFsvsx7eyFxG6WeuXgS9G
+4Q9aHPniF9dVIG96b2Ksd9pKWbPGmWX6d131Q4CbQ==
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:08:53 2024 by rpki-client on console-ams.rpki-client.org