Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Iee_xFpk5VrRyq8JMBI9YBeXy5k.roa
File: Iee_xFpk5VrRyq8JMBI9YBeXy5k.roa (raw, json)
Hash identifier: r4Dz9se6lsG8LicyRbz250d61E9/mZNw7MplBLZeg/U=
Subject key identifier: 21:E7:BF:C4:5A:64:E5:5A:D1:CA:AF:09:30:12:3D:60:17:97:CB:99
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D477DE99360C67C0A5C51C70D8E45
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Iee_xFpk5VrRyq8JMBI9YBeXy5k.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216405
IP address blocks: 2a0e:aa07:e120::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:47:7d:e9:93:60:c6:7c:0a:5c:51:c7:0d:8e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21e7bfc45a64e55ad1caaf0930123d601797cb99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1f:b3:04:3e:87:d8:b7:80:b4:10:24:72:7c:
5a:e7:c9:1c:06:12:59:6e:1e:cd:b3:65:d8:2e:36:
59:25:3d:96:ee:fa:87:21:33:55:2e:34:4a:5b:73:
7c:a2:55:0f:fb:5e:73:b8:26:a6:ec:96:23:9d:7c:
22:9b:31:c4:c8:92:17:88:56:f4:71:56:c7:72:98:
ea:12:62:c4:d3:90:56:95:23:a4:7b:a9:9d:ed:f2:
c1:76:b4:be:b5:94:a1:a4:01:c9:87:bd:d7:79:78:
a0:1c:1b:9d:3f:60:cd:e9:41:f2:d2:ca:ba:2e:7b:
4c:6c:bb:45:5f:37:65:be:5f:e8:78:2d:25:8f:3e:
32:b3:30:81:40:57:e0:1c:e5:0f:3b:09:ca:a3:98:
af:f6:39:64:e4:47:6c:84:1c:e0:63:28:1c:a6:21:
0d:af:07:43:5d:c7:2f:96:67:f9:bd:c2:03:eb:8d:
82:a4:fa:01:b7:8e:73:c6:82:65:cc:92:da:d7:fb:
98:f6:f6:13:aa:7c:3c:e7:4a:83:54:90:9e:7d:8f:
bf:86:d2:1b:63:ec:94:19:90:12:d4:8e:26:48:01:
8d:fe:0d:26:16:4d:0a:95:7a:e8:bf:65:8c:03:3b:
5e:9b:81:f0:e4:62:26:b9:ec:f4:fd:65:64:2a:92:
28:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E7:BF:C4:5A:64:E5:5A:D1:CA:AF:09:30:12:3D:60:17:97:CB:99
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/Iee_xFpk5VrRyq8JMBI9YBeXy5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e120::/44
Signature Algorithm: sha256WithRSAEncryption
2d:c0:a7:0f:2f:d9:2b:3c:2b:1b:2f:e2:2d:7d:7c:0a:eb:fb:
2c:b0:6c:a0:94:ac:12:f7:4d:67:ea:57:90:3a:83:e9:39:a9:
fe:38:a5:bf:f8:a5:b0:2d:38:4e:1d:9e:96:83:5a:af:20:2a:
7f:e0:ef:6d:51:1d:e7:40:16:dc:b6:7e:a3:b1:f0:c8:5d:69:
38:4f:0c:b8:d2:85:5e:db:fe:c5:f5:02:f2:95:f2:ac:14:36:
e1:43:54:9a:d6:f2:7c:48:da:8f:1c:22:0a:da:43:43:40:f4:
7c:c4:df:4b:d4:15:e3:ed:67:3d:ab:2f:34:8f:c7:b1:dc:f6:
37:f5:00:18:6a:52:14:9c:71:67:90:85:f7:50:6d:b5:55:1d:
76:03:a4:06:6d:25:fd:63:0b:f4:34:0d:c5:4a:4d:d2:8e:d6:
dd:77:b0:65:40:38:b9:4c:38:49:ff:f7:10:1d:b1:b2:b3:51:
15:bb:3d:b2:90:83:21:d5:83:58:f8:88:fb:52:a1:ef:4a:21:
df:93:1a:8b:b0:16:46:a8:eb:36:d5:5e:09:3a:ba:72:64:49:
5a:b8:60:33:c7:65:d9:09:3b:04:55:bf:a1:d7:ab:f1:e7:50:
c7:78:8c:c1:ad:d3:00:66:70:9b:52:76:70:76:06:45:5a:7b:
b7:c6:e5:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbUd96ZNgxnwKXFHHDY5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWU3YmZjNDVhNjRlNTVhZDFjYWFmMDkzMDEyM2Q2MDE3OTdjYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB+zBD6H2LeAtBAkcnxa58kcBhJZ
bh7Ns2XYLjZZJT2W7vqHITNVLjRKW3N8olUP+15zuCam7JYjnXwimzHEyJIXiFb0
cVbHcpjqEmLE05BWlSOke6md7fLBdrS+tZShpAHJh73XeXigHBudP2DN6UHy0sq6
LntMbLtFXzdlvl/oeC0ljz4yszCBQFfgHOUPOwnKo5iv9jlk5EdshBzgYygcpiEN
rwdDXccvlmf5vcID642CpPoBt45zxoJlzJLa1/uY9vYTqnw850qDVJCefY+/htIb
Y+yUGZAS1I4mSAGN/g0mFk0KlXrov2WMAztem4Hw5GImuez0/WVkKpIowwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCHnv8RaZOVa0cqvCTASPWAXl8uZMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvSWVlX3hGcGs1VnJSeXE4Sk1CSTlZQmVYeTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+Eg
MA0GCSqGSIb3DQEBCwUAA4IBAQAtwKcPL9krPCsbL+ItfXwK6/sssGyglKwS901n
6leQOoPpOan+OKW/+KWwLThOHZ6Wg1qvICp/4O9tUR3nQBbctn6jsfDIXWk4Twy4
0oVe2/7F9QLylfKsFDbhQ1Sa1vJ8SNqPHCIK2kNDQPR8xN9L1BXj7Wc9qy80j8ex
3PY39QAYalIUnHFnkIX3UG21VR12A6QGbSX9Ywv0NA3FSk3Sjtbdd7BlQDi5TDhJ
//cQHbGys1EVuz2ykIMh1YNY+Ij7UqHvSiHfkxqLsBZGqOs21V4JOrpyZElauGAz
x2XZCTsEVb+h16vx51DHeIzBrdMAZnCbUnZwdgZFWnu3xuVr
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:16:41 2024 by rpki-client on console-fra.rpki-client.org