Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/9JnkhZXHsfjthjdweCpxwNfBEgg.roa
File: 9JnkhZXHsfjthjdweCpxwNfBEgg.roa (raw, json)
Hash identifier: Xaj12VE15dniDk/1WkMadAaw0E9u4jjWH0zGdV/zfXU=
Subject key identifier: F4:99:E4:85:95:C7:B1:F8:ED:86:37:70:78:2A:71:C0:D7:C1:12:08
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018F8C77AE29D56EC817E22E68D4E50B2551
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/9JnkhZXHsfjthjdweCpxwNfBEgg.roa
Signing time: Sat 18 May 2024 16:10:04 +0000
ROA not before: Sat 18 May 2024 16:10:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 2a0e:aa06:504::/48 maxlen: 48
2a0e:aa06:505::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8c:77:ae:29:d5:6e:c8:17:e2:2e:68:d4:e5:0b:25:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: May 18 16:10:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f499e48595c7b1f8ed863770782a71c0d7c11208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6d:6f:fd:16:51:f8:5b:ee:24:c7:3a:de:13:
40:e0:b6:4c:ec:29:92:2e:17:84:26:fa:ec:c1:79:
81:ba:36:00:f2:21:37:b3:56:4b:33:dc:57:d9:fd:
6d:cc:97:3e:35:4b:99:33:68:21:75:81:b6:51:1c:
12:9c:de:62:a9:fb:1b:5f:f8:01:ca:5d:5a:13:5a:
e1:54:15:49:a0:4e:b2:41:be:a3:ed:d9:ac:82:76:
55:17:ea:7c:00:63:67:42:8a:41:a5:0e:d7:35:44:
28:c4:c4:98:94:29:88:a5:ae:f6:10:ef:1d:7f:8e:
54:29:f6:57:68:9a:89:69:df:cb:e2:9a:29:6c:26:
f7:ea:40:fb:c8:02:3f:84:32:5b:64:11:9a:2a:55:
80:8f:c5:bd:1f:a5:81:d3:3c:f2:e9:c3:80:8b:6f:
3a:4a:ac:69:0d:20:10:cb:df:00:de:90:0e:c7:d9:
96:b6:a3:5a:06:e8:c9:c2:2e:f4:e5:9a:ba:41:80:
e7:1c:06:15:cc:a6:7d:4f:76:3d:57:f2:dd:24:68:
84:e0:34:4f:29:b0:6a:f5:ec:90:4d:e4:2f:a5:5c:
65:14:38:2f:d0:6a:8f:b1:21:3c:73:c5:d9:5d:17:
b1:3a:51:94:1b:e2:ee:91:2c:b9:73:21:20:a4:72:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:99:E4:85:95:C7:B1:F8:ED:86:37:70:78:2A:71:C0:D7:C1:12:08
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/9JnkhZXHsfjthjdweCpxwNfBEgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa06:504::/47
Signature Algorithm: sha256WithRSAEncryption
b1:ce:d7:46:c6:b1:04:46:9a:9b:f1:d2:e4:fa:8a:d2:03:2e:
45:ed:57:79:03:37:f2:46:2e:ab:eb:af:a8:13:0e:89:59:50:
3c:fd:dd:57:db:59:bc:f9:64:55:d9:0d:b4:4e:cc:ca:4d:02:
f2:c6:c5:3d:d9:fa:12:43:94:e2:8c:b3:31:9b:96:3b:2a:7e:
b4:28:84:ca:10:9e:2c:5f:d2:31:d8:d9:94:b1:0a:24:65:e5:
46:3f:6d:d8:f9:cc:09:62:3a:c2:d3:61:14:62:e8:00:7a:b0:
f2:85:66:ae:49:fb:05:42:41:b9:c4:2d:ec:4e:f8:f3:73:8f:
35:0f:e5:bd:5b:e8:46:25:8a:20:54:a2:29:19:05:07:54:50:
5f:b6:61:a5:1b:5f:11:0f:4c:dc:29:81:d6:d2:31:f5:a9:55:
fa:57:7d:a7:51:db:6e:d0:ff:f4:21:5d:2e:d5:bd:4a:9a:38:
d5:19:0b:18:75:a6:ff:ef:74:83:bb:1f:47:7c:7b:2d:76:b8:
c1:5b:0d:7b:ec:6a:bf:0f:dc:99:00:89:c4:37:04:54:75:21:
c3:40:8b:39:80:a7:d1:78:3c:90:7b:e5:cb:e2:b0:d2:a2:08:
54:ad:f1:94:f1:45:4c:77:78:da:ac:ce:af:d5:b1:c2:0f:d0:
dd:ea:57:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY+Md64p1W7IF+IuaNTlCyVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwNTE4MTYxMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk5ZTQ4NTk1YzdiMWY4ZWQ4NjM3NzA3ODJhNzFjMGQ3YzExMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG1v/RZR+FvuJMc63hNA4LZM7CmS
LheEJvrswXmBujYA8iE3s1ZLM9xX2f1tzJc+NUuZM2ghdYG2URwSnN5iqfsbX/gB
yl1aE1rhVBVJoE6yQb6j7dmsgnZVF+p8AGNnQopBpQ7XNUQoxMSYlCmIpa72EO8d
f45UKfZXaJqJad/L4popbCb36kD7yAI/hDJbZBGaKlWAj8W9H6WB0zzy6cOAi286
SqxpDSAQy98A3pAOx9mWtqNaBujJwi705Zq6QYDnHAYVzKZ9T3Y9V/LdJGiE4DRP
KbBq9eyQTeQvpVxlFDgv0GqPsSE8c8XZXRexOlGUG+LukSy5cyEgpHIHowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPSZ5IWVx7H47YY3cHgqccDXwRIIMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvOUpua2haWEhzZmp0aGpkd2VDcHh3TmZCRWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6qBgUE
MA0GCSqGSIb3DQEBCwUAA4IBAQCxztdGxrEERpqb8dLk+orSAy5F7Vd5AzfyRi6r
66+oEw6JWVA8/d1X21m8+WRV2Q20TszKTQLyxsU92foSQ5TijLMxm5Y7Kn60KITK
EJ4sX9Ix2NmUsQokZeVGP23Y+cwJYjrC02EUYugAerDyhWauSfsFQkG5xC3sTvjz
c481D+W9W+hGJYogVKIpGQUHVFBftmGlG18RD0zcKYHW0jH1qVX6V32nUdtu0P/0
IV0u1b1KmjjVGQsYdab/73SDux9HfHstdrjBWw177Gq/D9yZAInENwRUdSHDQIs5
gKfReDyQe+XL4rDSoghUrfGU8UVMd3jarM6v1bHCD9Dd6lei
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:16:29 2024 by rpki-client on console-ams.rpki-client.org