Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/2UMLwzKM2W-T7ofXE54FF3ZCvVU.roa
File: 2UMLwzKM2W-T7ofXE54FF3ZCvVU.roa (raw, json)
Hash identifier: u6bIEOuVnd7QBp1Y5cMrxN7p48reYsMrFcyn/QdxIoY=
Subject key identifier: D9:43:0B:C3:32:8C:D9:6F:93:EE:87:D7:13:9E:05:17:76:42:BD:55
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0190CD43EBDC4103DF26F31882987C941032
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/2UMLwzKM2W-T7ofXE54FF3ZCvVU.roa
Signing time: Fri 19 Jul 2024 23:11:38 +0000
ROA not before: Fri 19 Jul 2024 23:11:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54203
IP address blocks: 2a03:efc0:200::/40 maxlen: 40
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:1300::/40 maxlen: 40
2a03:efc0:1900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cd:43:eb:dc:41:03:df:26:f3:18:82:98:7c:94:10:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jul 19 23:11:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9430bc3328cd96f93ee87d7139e05177642bd55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a5:a9:37:d6:63:46:dc:ca:29:66:d3:0f:be:
2b:73:dc:7c:79:40:33:89:3f:03:5d:66:0f:d9:72:
a9:a0:8c:c8:7b:d4:02:db:72:ab:f6:ff:be:65:06:
94:df:3c:37:dd:11:a8:5c:51:e3:24:90:2f:99:a0:
90:e1:be:bd:81:83:d3:87:bc:5f:50:88:43:5b:f8:
4e:9c:80:73:a7:6c:34:1c:b9:33:6e:bc:d7:26:3c:
cc:f0:de:29:81:02:60:32:32:dc:c6:3d:ce:6e:8b:
2e:c1:89:08:24:fa:22:c2:29:7e:25:6f:85:7f:69:
e8:42:9d:27:e6:16:2e:92:88:08:e0:89:7d:1a:a9:
78:75:d1:98:e4:93:9d:0f:07:e7:85:13:0d:4e:6c:
38:4e:46:40:e1:4f:1d:d0:e7:0d:8f:66:c3:b4:56:
d3:88:d3:8b:a5:76:63:13:de:dd:b0:49:f8:c1:28:
c6:4b:00:50:b3:0b:62:e6:68:a3:80:8b:07:8a:90:
aa:4b:22:56:13:89:12:bf:9b:31:60:dc:a6:86:0d:
4a:f7:0f:7c:63:f2:9a:17:a2:63:78:98:ac:e8:50:
e3:78:22:1b:32:3f:0f:7e:39:f1:90:33:24:0a:45:
7b:67:1e:91:0f:97:84:5b:fe:2a:78:e4:01:18:b4:
b3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:43:0B:C3:32:8C:D9:6F:93:EE:87:D7:13:9E:05:17:76:42:BD:55
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/2UMLwzKM2W-T7ofXE54FF3ZCvVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:200::/40
2a03:efc0:500::/40
2a03:efc0:1300::/40
2a03:efc0:1900::/40
Signature Algorithm: sha256WithRSAEncryption
a2:ce:53:a2:bd:91:ca:d2:63:56:27:ea:30:11:68:ce:ac:ff:
0b:37:02:5b:08:8a:88:df:29:dd:83:82:ea:dc:7a:c1:20:31:
e7:05:28:bb:02:48:43:f5:b8:34:ca:4d:b0:84:44:0a:aa:c5:
75:0f:4c:73:c3:86:af:77:7d:e4:1a:54:53:ab:88:50:58:cb:
28:4f:a8:16:df:22:f5:fd:3c:ac:6f:16:1a:ac:17:07:f3:24:
e9:59:50:e6:c9:53:a6:53:29:b4:c2:ca:a2:80:d5:36:d3:9b:
6b:52:c5:d6:99:b8:ef:d8:86:96:db:89:9a:33:de:05:c0:e8:
66:52:12:03:24:02:ea:c4:25:d1:1f:94:db:15:13:ca:20:db:
ed:66:05:14:6f:df:99:8b:f4:49:08:96:7c:d7:9b:b5:38:b5:
25:ef:55:ec:16:ad:9c:de:d7:3a:53:22:19:82:0f:09:e4:cf:
32:69:83:64:c5:03:d5:04:a6:7c:69:48:3e:bb:bb:98:74:d8:
c4:d6:c7:74:72:a9:7b:be:16:4b:3e:bb:39:12:89:fc:16:57:
81:c7:a0:f7:de:5e:24:ac:51:b7:43:dc:91:27:63:92:ca:16:
2f:5b:c1:2e:9f:1a:ad:99:f5:4e:b3:9d:7f:70:3a:6e:8d:6b:
7b:59:bf:ec
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZDNQ+vcQQPfJvMYgph8lBAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwNzE5MjMxMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQzMGJjMzMyOGNkOTZmOTNlZTg3ZDcxMzllMDUxNzc2NDJiZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KWpN9ZjRtzKKWbTD74rc9x8eUAz
iT8DXWYP2XKpoIzIe9QC23Kr9v++ZQaU3zw33RGoXFHjJJAvmaCQ4b69gYPTh7xf
UIhDW/hOnIBzp2w0HLkzbrzXJjzM8N4pgQJgMjLcxj3ObosuwYkIJPoiwil+JW+F
f2noQp0n5hYukogI4Il9Gql4ddGY5JOdDwfnhRMNTmw4TkZA4U8d0OcNj2bDtFbT
iNOLpXZjE97dsEn4wSjGSwBQswti5mijgIsHipCqSyJWE4kSv5sxYNymhg1K9w98
Y/KaF6JjeJis6FDjeCIbMj8PfjnxkDMkCkV7Zx6RD5eEW/4qeOQBGLSz6QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNlDC8MyjNlvk+6H1xOeBRd2Qr1VMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvMlVNTHd6S00yVy1UN29mWEU1NEZGM1pDdlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwYAKgPvwAID
BgAqA+/ABQMGACoD78ATAwYAKgPvwBkwDQYJKoZIhvcNAQELBQADggEBAKLOU6K9
kcrSY1Yn6jARaM6s/ws3AlsIiojfKd2DgurcesEgMecFKLsCSEP1uDTKTbCERAqq
xXUPTHPDhq93feQaVFOriFBYyyhPqBbfIvX9PKxvFhqsFwfzJOlZUObJU6ZTKbTC
yqKA1TbTm2tSxdaZuO/YhpbbiZoz3gXA6GZSEgMkAurEJdEflNsVE8og2+1mBRRv
35mL9EkIlnzXm7U4tSXvVewWrZze1zpTIhmCDwnkzzJpg2TFA9UEpnxpSD67u5h0
2MTWx3RyqXu+Fks+uzkSifwWV4HHoPfeXiSsUbdD3JEnY5LKFi9bwS6fGq2Z9U6z
nX9wOm6Na3tZv+w=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:31:04 2024 by rpki-client on console-fra.rpki-client.org