Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/RFIlnaIAoX8ADOUQ_PMaVk9YysM.roa
File: RFIlnaIAoX8ADOUQ_PMaVk9YysM.roa (raw, json)
Hash identifier: ZWYE5ZKufhyUNHCp3iG71LvrMlK1BYn3eDEnfzE3MoI=
Subject key identifier: 44:52:25:9D:A2:00:A1:7F:00:0C:E5:10:FC:F3:1A:56:4F:58:CA:C3
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D21D8C0F27F0BAB096967E4F5EBA5
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/RFIlnaIAoX8ADOUQ_PMaVk9YysM.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24239
IP address blocks: 2a0e:aa06:490::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:21:d8:c0:f2:7f:0b:ab:09:69:67:e4:f5:eb:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4452259da200a17f000ce510fcf31a564f58cac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:dc:bc:a2:5d:a1:3f:12:3a:97:cd:1c:ac:
fd:20:bf:84:98:f6:85:ce:06:7d:a9:2c:1c:01:10:
40:c7:90:42:44:7b:29:26:5a:68:8e:58:cf:22:9b:
0f:6c:74:3f:93:d9:1d:37:21:01:f9:3e:09:e4:8a:
29:1c:0b:2c:b0:c0:ab:dd:e5:6b:c7:95:8e:f4:ab:
1b:f6:34:c9:ad:ba:5e:97:9d:f2:4b:79:9c:f3:6e:
57:e6:58:af:c0:72:df:77:23:31:cc:93:6f:4f:b6:
c2:f2:a3:2b:98:b2:65:92:24:5b:a9:8b:8b:8e:3d:
59:51:c5:10:09:60:54:26:31:fa:a0:a1:80:52:4b:
8b:49:1c:e1:f6:0f:8e:6f:2f:d0:39:ae:d8:ed:54:
35:84:8b:29:df:41:f5:86:cb:dd:dc:b3:91:35:33:
cd:d9:e5:05:b8:2e:d8:99:6c:4a:6e:b1:1a:28:64:
1e:07:37:b6:57:10:e0:b6:90:75:0c:41:b9:12:9f:
5e:26:d4:1f:b2:ba:62:9a:02:0e:c3:1e:50:c0:07:
fe:b4:bf:de:c4:d5:ab:20:e1:55:d2:fa:56:ba:ce:
12:bf:79:84:07:4f:1b:0d:f0:40:9e:7c:47:2b:16:
87:0c:6f:90:3e:99:0f:8b:d4:3e:43:24:bc:af:de:
5b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:52:25:9D:A2:00:A1:7F:00:0C:E5:10:FC:F3:1A:56:4F:58:CA:C3
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/RFIlnaIAoX8ADOUQ_PMaVk9YysM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa06:490::/44
Signature Algorithm: sha256WithRSAEncryption
2a:57:9a:d3:74:14:f5:91:91:5f:64:e3:8b:df:c3:3f:68:4c:
a4:d0:8c:06:f2:fc:ef:3e:e2:42:0c:3d:7d:9d:c6:aa:ca:ec:
14:1c:ce:1d:32:3c:4e:a6:6a:86:9d:04:c8:b5:ed:8f:c9:5f:
76:c0:eb:3f:ec:fc:3f:a3:7f:d0:16:6f:04:3d:47:26:6b:5a:
2f:03:5c:a1:70:b4:eb:18:c6:de:d1:e4:43:ac:0c:20:12:7a:
50:fb:69:52:23:3c:49:79:0f:c9:7a:c0:d6:fc:60:72:51:3e:
d0:a4:94:6f:33:f9:0f:19:8d:7b:9b:22:6d:ca:1c:74:c9:f8:
a3:cd:62:52:e1:5b:70:dc:7f:0a:7f:e4:33:4f:91:65:be:65:
8d:af:2a:39:81:fd:a9:51:ac:ab:d0:30:d8:1b:35:51:6d:ef:
d0:d2:b1:8f:62:a5:96:bb:f5:02:7f:67:78:2c:e6:be:f4:b7:
db:69:1a:4a:93:08:82:f3:07:e4:ad:a4:db:12:c8:b8:1a:65:
0e:76:68:ed:b4:a9:0e:69:89:d4:5f:27:5b:78:17:b2:18:07:
6d:a0:9a:4c:a0:0e:a4:81:b7:38:ea:29:48:d0:09:f8:dd:4a:
4f:4d:e1:53:6d:5f:5d:37:5b:97:31:fc:82:9c:75:07:93:b0:
a4:cd:5f:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbSHYwPJ/C6sJaWfk9eulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUyMjU5ZGEyMDBhMTdmMDAwY2U1MTBmY2YzMWE1NjRmNThjYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBXcvKJdoT8SOpfNHKz9IL+EmPaF
zgZ9qSwcARBAx5BCRHspJlpojljPIpsPbHQ/k9kdNyEB+T4J5IopHAsssMCr3eVr
x5WO9Ksb9jTJrbpel53yS3mc825X5livwHLfdyMxzJNvT7bC8qMrmLJlkiRbqYuL
jj1ZUcUQCWBUJjH6oKGAUkuLSRzh9g+Oby/QOa7Y7VQ1hIsp30H1hsvd3LORNTPN
2eUFuC7YmWxKbrEaKGQeBze2VxDgtpB1DEG5Ep9eJtQfsrpimgIOwx5QwAf+tL/e
xNWrIOFV0vpWus4Sv3mEB08bDfBAnnxHKxaHDG+QPpkPi9Q+QyS8r95b3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFERSJZ2iAKF/AAzlEPzzGlZPWMrDMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvUkZJbG5hSUFvWDhBRE9VUV9QTWFWazlZeXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qBgSQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqV5rTdBT1kZFfZOOL38M/aEyk0IwG8vzvPuJC
DD19ncaqyuwUHM4dMjxOpmqGnQTIte2PyV92wOs/7Pw/o3/QFm8EPUcma1ovA1yh
cLTrGMbe0eRDrAwgEnpQ+2lSIzxJeQ/JesDW/GByUT7QpJRvM/kPGY17myJtyhx0
yfijzWJS4Vtw3H8Kf+QzT5FlvmWNryo5gf2pUayr0DDYGzVRbe/Q0rGPYqWWu/UC
f2d4LOa+9LfbaRpKkwiC8wfkraTbEsi4GmUOdmjttKkOaYnUXydbeBeyGAdtoJpM
oA6kgbc46ilI0An43UpPTeFTbV9dN1uXMfyCnHUHk7CkzV/M
-----END CERTIFICATE-----
Generated at Fri May 3 12:52:13 2024 by rpki-client on console-fra.rpki-client.org