Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/GfyzAEgqDUlwEYFo1gR0_Mxjs2s.roa
File: GfyzAEgqDUlwEYFo1gR0_Mxjs2s.roa (raw, json)
Hash identifier: 7DiPmNfZx2Gegq/yjDVAil7ZfeRU0RiHwXsfi+EPrIc=
Subject key identifier: 19:FC:B3:00:48:2A:0D:49:70:11:81:68:D6:04:74:FC:CC:63:B3:6B
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D28B6EEC509D46C4C30FC3B0FE873
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/GfyzAEgqDUlwEYFo1gR0_Mxjs2s.roa
Signing time: Mon 01 Jan 2024 00:29:42 +0000
ROA not before: Mon 01 Jan 2024 00:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139742
IP address blocks: 2a0e:aa07:f000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:28:b6:ee:c5:09:d4:6c:4c:30:fc:3b:0f:e8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19fcb300482a0d4970118168d60474fccc63b36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d7:0f:73:ee:6a:cf:a9:94:7c:f6:a0:34:9e:
bf:d2:73:77:fa:a1:38:d0:c0:d0:d2:e2:4b:d9:7b:
55:75:6e:8b:0e:d7:19:fb:33:c0:c3:e0:d3:18:44:
62:29:39:32:ad:05:eb:84:81:cc:c9:8e:f0:e7:a3:
fc:16:fe:91:54:c1:c6:54:a3:2a:48:6c:89:5a:bc:
25:01:e1:84:ff:fd:6a:cf:65:79:82:93:8b:79:17:
95:48:f2:5e:57:eb:f6:d9:66:90:84:02:bb:bd:d5:
dd:69:b7:dc:9d:5c:a4:dd:a1:6a:ed:81:51:1e:c1:
1a:c1:8f:d5:4a:7e:74:03:8e:1b:13:30:e1:b6:1b:
87:9d:e2:26:db:51:9c:1a:ef:c0:18:e6:12:49:56:
cc:ae:bc:fd:bc:0b:bd:8a:a6:65:70:55:33:dc:30:
41:b1:d9:60:7f:ef:88:c5:3d:cb:b9:00:a6:32:f9:
a6:ca:61:33:13:8b:13:58:37:3b:ea:69:90:44:08:
96:b7:ae:c0:a9:56:06:d1:d9:7e:fd:f8:91:29:f2:
62:21:93:08:20:0b:7f:83:94:18:2e:97:8a:9a:f7:
f6:05:bc:9f:8c:40:13:c4:1d:52:13:c6:4d:52:4b:
92:e4:8d:97:f0:aa:00:8a:ba:20:17:af:d6:f3:ab:
d5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FC:B3:00:48:2A:0D:49:70:11:81:68:D6:04:74:FC:CC:63:B3:6B
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/GfyzAEgqDUlwEYFo1gR0_Mxjs2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:f000::/44
Signature Algorithm: sha256WithRSAEncryption
4a:84:ab:37:18:90:d3:3e:07:9f:57:7b:78:1e:b6:40:fe:a6:
9d:8c:c3:f6:01:5b:99:f3:1f:dc:11:f2:66:c8:f3:87:5c:55:
80:a1:97:77:80:d8:1d:d4:32:40:1f:b5:2a:61:19:92:54:45:
b9:6c:d8:81:cf:84:d4:8b:7b:47:d9:a0:77:fb:73:d8:cc:b6:
6f:36:6b:cd:ec:8b:14:ff:2d:ce:ef:26:2a:8e:8e:ca:ad:32:
1b:b0:d3:0f:06:40:3d:d3:1d:28:09:68:5f:a1:73:ce:bf:a8:
c0:a1:5d:91:29:6c:52:8c:4c:46:10:31:13:d2:3b:29:3d:71:
b4:1b:ae:5c:4a:9a:b6:ec:02:04:51:be:6e:aa:7d:09:dd:25:
44:aa:c7:b4:4f:13:ce:d3:e6:f1:52:38:d0:4e:25:b8:22:48:
5d:17:75:24:57:d3:ac:51:ec:ad:c1:73:c3:38:f2:f4:fb:f2:
50:78:32:ca:61:9e:44:f2:e9:07:59:5a:fa:d4:32:81:2b:29:
c2:0c:7d:f4:b2:c6:75:b8:59:80:7a:7b:c9:70:ad:4e:09:c0:
8c:9d:d2:40:fe:9a:ec:5e:c5:5f:56:c5:0e:bb:c9:18:f9:ad:
f2:ce:49:8e:ba:bf:3f:da:40:4e:71:f5:98:bb:f1:47:ea:02:
49:5c:dc:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbSi27sUJ1GxMMPw7D+hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZjYjMwMDQ4MmEwZDQ5NzAxMTgxNjhkNjA0NzRmY2NjNjNiMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNcPc+5qz6mUfPagNJ6/0nN3+qE4
0MDQ0uJL2XtVdW6LDtcZ+zPAw+DTGERiKTkyrQXrhIHMyY7w56P8Fv6RVMHGVKMq
SGyJWrwlAeGE//1qz2V5gpOLeReVSPJeV+v22WaQhAK7vdXdabfcnVyk3aFq7YFR
HsEawY/VSn50A44bEzDhthuHneIm21GcGu/AGOYSSVbMrrz9vAu9iqZlcFUz3DBB
sdlgf++IxT3LuQCmMvmmymEzE4sTWDc76mmQRAiWt67AqVYG0dl+/fiRKfJiIZMI
IAt/g5QYLpeKmvf2BbyfjEATxB1SE8ZNUkuS5I2X8KoAirogF6/W86vVKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBn8swBIKg1JcBGBaNYEdPzMY7NrMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvR2Z5ekFFZ3FEVWx3RVlGbzFnUjBfTXhqczJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB/AA
MA0GCSqGSIb3DQEBCwUAA4IBAQBKhKs3GJDTPgefV3t4HrZA/qadjMP2AVuZ8x/c
EfJmyPOHXFWAoZd3gNgd1DJAH7UqYRmSVEW5bNiBz4TUi3tH2aB3+3PYzLZvNmvN
7IsU/y3O7yYqjo7KrTIbsNMPBkA90x0oCWhfoXPOv6jAoV2RKWxSjExGEDET0jsp
PXG0G65cSpq27AIEUb5uqn0J3SVEqse0TxPO0+bxUjjQTiW4IkhdF3UkV9OsUeyt
wXPDOPL0+/JQeDLKYZ5E8ukHWVr61DKBKynCDH30ssZ1uFmAenvJcK1OCcCMndJA
/prsXsVfVsUOu8kY+a3yzkmOur8/2kBOcfWYu/FH6gJJXNxV
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:02:32 2024 by rpki-client on console-ams.rpki-client.org