Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/4v09e-PzNG7MsMP0keLchq9rawU.roa
File: 4v09e-PzNG7MsMP0keLchq9rawU.roa (raw, json)
Hash identifier: sOsgwLntiBACBFTp+eZqqpMaRlAxRG0FXKNSl1d3tmw=
Subject key identifier: E2:FD:3D:7B:E3:F3:34:6E:CC:B0:C3:F4:91:E2:DC:86:AF:6B:6B:05
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D2E33072CE23E6EFC94FD122B7BA8
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/4v09e-PzNG7MsMP0keLchq9rawU.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203804
IP address blocks: 2a0e:aa07:e043::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2e:33:07:2c:e2:3e:6e:fc:94:fd:12:2b:7b:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2fd3d7be3f3346eccb0c3f491e2dc86af6b6b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fd:ac:03:cc:9b:9d:ac:5d:e2:b9:c6:a1:11:
0e:bf:05:bc:95:d1:fe:08:49:a3:e4:2b:de:7e:8d:
8e:98:23:28:9c:aa:01:bb:a4:bd:a4:86:01:32:b5:
08:99:93:e0:34:ae:df:94:e9:0e:9d:cc:e4:fd:f5:
f9:65:27:2a:5b:0e:cb:ea:58:ec:67:1e:53:8b:99:
70:38:f3:15:0f:e9:7b:fb:02:88:ff:80:d1:6f:22:
47:ec:42:ba:b6:20:f1:c0:86:bf:d8:a5:5c:cb:6c:
cb:23:9d:52:cb:d2:8d:8d:a9:78:0f:76:c3:93:dd:
39:f3:9a:5b:3d:0b:34:d5:57:eb:75:81:eb:03:2b:
7e:ef:78:e2:d3:18:02:80:30:b1:d8:3c:92:78:11:
86:13:c9:4c:9f:d9:01:9a:40:97:b3:92:24:eb:7e:
cf:be:4d:7b:e3:c8:7d:88:b9:5e:9d:b9:3b:c8:79:
99:d9:39:3d:25:4c:08:ef:7c:b3:55:8a:9d:a4:b9:
20:38:c5:62:d6:b0:14:63:6f:78:5e:2b:66:58:ef:
03:6b:cb:b6:05:54:68:df:9b:58:78:45:43:38:a3:
2e:f9:36:90:de:37:4a:ec:7f:51:a2:7d:0d:ed:10:
88:28:86:67:da:c5:0f:51:ac:ca:3f:d9:3f:4a:38:
57:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:FD:3D:7B:E3:F3:34:6E:CC:B0:C3:F4:91:E2:DC:86:AF:6B:6B:05
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/4v09e-PzNG7MsMP0keLchq9rawU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e043::/48
Signature Algorithm: sha256WithRSAEncryption
88:f0:cc:77:56:76:04:c3:9a:1b:48:fa:5a:9b:4a:36:78:93:
7b:13:ac:2d:35:e9:71:bd:fb:af:f3:94:58:22:47:fb:6a:83:
89:eb:5c:95:8f:ea:cc:21:a4:2e:60:2f:cd:c4:54:3a:77:8c:
cb:29:ed:a2:c9:27:77:fe:28:5a:5f:f8:71:d4:ca:b1:97:47:
6f:00:0d:f5:ed:71:1a:0c:d3:df:e0:2c:b5:a2:b1:00:f0:02:
60:6e:44:9a:c3:13:f0:38:ab:da:8b:5c:01:36:5c:42:53:b2:
bf:79:6f:76:19:ef:b9:2c:fb:69:58:de:a4:25:b9:27:13:ba:
d3:71:f8:2d:ec:18:3b:0f:67:35:1f:62:c2:36:29:14:75:34:
d7:cc:c1:48:5b:62:92:c0:ff:e4:22:7b:a1:63:97:19:c1:bc:
f0:ee:d7:29:d5:3a:e4:ae:bb:8d:b5:c9:0f:8e:70:83:6c:f2:
e1:cd:0d:8f:15:73:f3:01:a3:8f:57:74:e4:25:49:2b:12:0a:
2c:b0:f7:6e:68:28:33:26:81:ee:8f:e6:2e:eb:c5:89:ab:79:
2a:41:d5:a0:2f:0f:72:51:10:11:e6:9f:04:16:d3:14:c1:b4:
a1:99:44:1e:c4:8e:f8:5a:4d:0a:94:12:99:22:3b:66:f9:7f:
fb:67:5c:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbS4zByziPm78lP0SK3uoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmZkM2Q3YmUzZjMzNDZlY2NiMGMzZjQ5MWUyZGM4NmFmNmI2YjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP2sA8ybnaxd4rnGoREOvwW8ldH+
CEmj5Cvefo2OmCMonKoBu6S9pIYBMrUImZPgNK7flOkOnczk/fX5ZScqWw7L6ljs
Zx5Ti5lwOPMVD+l7+wKI/4DRbyJH7EK6tiDxwIa/2KVcy2zLI51Sy9KNjal4D3bD
k90585pbPQs01VfrdYHrAyt+73ji0xgCgDCx2DySeBGGE8lMn9kBmkCXs5Ik637P
vk1748h9iLlenbk7yHmZ2Tk9JUwI73yzVYqdpLkgOMVi1rAUY294XitmWO8Da8u2
BVRo35tYeEVDOKMu+TaQ3jdK7H9Ron0N7RCIKIZn2sUPUazKP9k/SjhXLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOL9PXvj8zRuzLDD9JHi3Iava2sFMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvNHYwOWUtUHpORzdNc01QMGtlTGNocTlyYXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BD
MA0GCSqGSIb3DQEBCwUAA4IBAQCI8Mx3VnYEw5obSPpam0o2eJN7E6wtNelxvfuv
85RYIkf7aoOJ61yVj+rMIaQuYC/NxFQ6d4zLKe2iySd3/ihaX/hx1Mqxl0dvAA31
7XEaDNPf4Cy1orEA8AJgbkSawxPwOKvai1wBNlxCU7K/eW92Ge+5LPtpWN6kJbkn
E7rTcfgt7Bg7D2c1H2LCNikUdTTXzMFIW2KSwP/kInuhY5cZwbzw7tcp1TrkrruN
tckPjnCDbPLhzQ2PFXPzAaOPV3TkJUkrEgossPduaCgzJoHuj+Yu68WJq3kqQdWg
Lw9yURAR5p8EFtMUwbShmUQexI74Wk0KlBKZIjtm+X/7Z1wk
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:39 2024 by rpki-client on console-fra.rpki-client.org