Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/QmXN46-Hyc8UZilqfO_910Sr1JQ.roa
File: QmXN46-Hyc8UZilqfO_910Sr1JQ.roa (raw, json)
Hash identifier: pmNF1AQ/4XP1VHxNl4h7eUSHW3I+v/v6M/Q5S6SPnpc=
Subject key identifier: 42:65:CD:E3:AF:87:C9:CF:14:66:29:6A:7C:EF:FD:D7:44:AB:D4:94
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 018CC34935439120A47B80709C13AD674DCA
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/QmXN46-Hyc8UZilqfO_910Sr1JQ.roa
Signing time: Mon 01 Jan 2024 04:30:04 +0000
ROA not before: Mon 01 Jan 2024 04:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21416
IP address blocks: 2a0e:eac0:1106::/48 maxlen: 48
2a0e:eac0:1001::/48 maxlen: 48
2a0e:eac0:1104::/48 maxlen: 48
2a0e:eac0:1107::/48 maxlen: 48
2a0e:eac0:1112::/48 maxlen: 48
2a0e:eac0:1002::/48 maxlen: 48
2a0e:eac0:1115::/48 maxlen: 48
2a0e:eac0:1105::/48 maxlen: 48
2a0e:eac0:1108::/48 maxlen: 48
2a0e:eac0:1000::/48 maxlen: 48
2a0e:eac0:1113::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:35:43:91:20:a4:7b:80:70:9c:13:ad:67:4d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Jan 1 04:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4265cde3af87c9cf1466296a7ceffdd744abd494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:57:92:35:02:f0:a3:d1:97:2e:28:26:2a:8a:
d4:a3:c1:35:3e:1f:e7:ed:99:a5:b9:a7:3e:25:ca:
98:c9:d0:84:20:51:38:8a:bb:d1:00:f4:59:e0:7e:
05:43:70:78:3b:16:8e:3e:d2:bf:83:41:73:7d:ff:
41:d7:6f:ef:06:b4:2b:df:9e:38:45:3f:e3:ce:5e:
9a:f5:29:31:34:6b:8d:b6:ff:9c:c7:3c:d0:f6:e3:
c4:25:08:9f:63:c5:0e:70:86:47:90:82:9b:7c:b5:
f1:c7:6a:39:63:03:28:3d:86:8d:45:77:c6:c6:00:
a8:59:ac:f8:67:9a:30:12:0e:15:43:d5:77:0b:95:
b8:03:04:e3:1c:79:84:a2:09:18:8e:8f:ae:7f:de:
88:91:be:df:9a:27:a2:da:e0:44:36:0b:ff:f5:ad:
f9:20:38:02:5c:a5:9a:40:d2:f6:aa:7c:91:ff:9b:
97:37:1c:12:76:22:88:e4:ce:68:aa:74:cf:95:a7:
d1:0a:89:b3:a4:d1:c1:b9:80:1a:77:10:70:32:8c:
52:08:3c:01:02:e8:19:cd:fc:00:bb:c6:63:65:12:
e0:ec:40:d8:6e:ae:c1:fe:42:45:5e:ed:da:cc:d5:
1b:59:5c:b2:2d:d2:f4:24:ac:a6:94:4b:a8:ac:93:
f6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:65:CD:E3:AF:87:C9:CF:14:66:29:6A:7C:EF:FD:D7:44:AB:D4:94
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/QmXN46-Hyc8UZilqfO_910Sr1JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:eac0:1000::-2a0e:eac0:1002:ffff:ffff:ffff:ffff:ffff
2a0e:eac0:1104::-2a0e:eac0:1108:ffff:ffff:ffff:ffff:ffff
2a0e:eac0:1112::/47
2a0e:eac0:1115::/48
Signature Algorithm: sha256WithRSAEncryption
08:3e:03:f8:8a:6c:7f:73:f5:33:7b:39:be:c3:78:20:ad:83:
d2:6d:32:e7:cc:84:90:3d:ed:7c:4a:d6:9d:13:cc:7e:04:f6:
88:d4:7c:70:f7:f6:42:12:da:61:cf:64:84:9b:ad:c4:e3:75:
e5:57:a5:bb:d7:c8:a3:e6:e4:3f:da:d6:be:2a:75:d7:1e:b4:
9a:01:09:83:c3:2a:3e:90:4d:44:b5:c1:f0:23:ad:8c:a6:6a:
e6:d2:28:d6:d6:ee:d0:c1:0d:72:78:ec:82:38:77:87:38:42:
00:5f:ed:7b:9e:30:d2:cf:fc:14:07:8b:bd:65:7b:4b:9c:03:
ae:9d:d6:0d:1d:dd:30:97:a0:25:05:e3:2a:85:d9:2a:b1:65:
e4:01:88:af:d0:a3:67:21:8a:c6:a9:b2:be:72:09:6e:4b:e7:
4b:b9:b5:6a:41:13:b1:b3:28:55:f0:a2:5c:e4:ba:05:f7:3a:
f9:c5:93:2c:89:6f:52:15:78:98:d0:6f:26:b8:81:8a:3a:8b:
d8:fd:ae:25:9a:d8:c0:58:3c:83:b0:a2:94:9a:28:40:a1:9e:
55:b3:df:e8:24:54:6f:64:c7:03:93:f6:b0:2c:b1:c5:80:90:
6d:ab:da:0c:b7:60:25:33:9f:dc:ca:ea:4b:7f:17:f7:3a:3b:
85:c8:2d:9f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzDSTVDkSCke4BwnBOtZ03KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjQwMTAxMDQzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY1Y2RlM2FmODdjOWNmMTQ2NjI5NmE3Y2VmZmRkNzQ0YWJkNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgleSNQLwo9GXLigmKorUo8E1Ph/n
7Zmluac+JcqYydCEIFE4irvRAPRZ4H4FQ3B4OxaOPtK/g0Fzff9B12/vBrQr3544
RT/jzl6a9SkxNGuNtv+cxzzQ9uPEJQifY8UOcIZHkIKbfLXxx2o5YwMoPYaNRXfG
xgCoWaz4Z5owEg4VQ9V3C5W4AwTjHHmEogkYjo+uf96Ikb7fmiei2uBENgv/9a35
IDgCXKWaQNL2qnyR/5uXNxwSdiKI5M5oqnTPlafRComzpNHBuYAadxBwMoxSCDwB
AugZzfwAu8ZjZRLg7EDYbq7B/kJFXu3azNUbWVyyLdL0JKymlEuorJP2wwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEJlzeOvh8nPFGYpanzv/ddEq9SUMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvUW1YTjQ2LUh5YzhVWmlscWZPXzkxMFNyMUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIAAjA5MBEDBgQqDurA
EAMHACoO6sAQAjASAwcCKg7qwBEEAwcAKg7qwBEIAwcBKg7qwBESAwcAKg7qwBEV
MA0GCSqGSIb3DQEBCwUAA4IBAQAIPgP4imx/c/Uzezm+w3ggrYPSbTLnzISQPe18
StadE8x+BPaI1Hxw9/ZCEtphz2SEm63E43XlV6W718ij5uQ/2ta+KnXXHrSaAQmD
wyo+kE1EtcHwI62Mpmrm0ijW1u7QwQ1yeOyCOHeHOEIAX+17njDSz/wUB4u9ZXtL
nAOundYNHd0wl6AlBeMqhdkqsWXkAYiv0KNnIYrGqbK+cgluS+dLubVqQROxsyhV
8KJc5LoF9zr5xZMsiW9SFXiY0G8muIGKOovY/a4lmtjAWDyDsKKUmihAoZ5Vs9/o
JFRvZMcDk/awLLHFgJBtq9oMt2AlM5/cyupLfxf3OjuFyC2f
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:38:22 2024 by rpki-client on console-ams.rpki-client.org