Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hFqANFlBKnAv5eJDOMVTkHzaleM.roa
File: hFqANFlBKnAv5eJDOMVTkHzaleM.roa (raw, json)
Hash identifier: JgRjMVn5qzNmFMik62ArgfblKRUsQ+HK6cD877VsnYs=
Subject key identifier: 84:5A:80:34:59:41:2A:70:2F:E5:E2:43:38:C5:53:90:7C:DA:95:E3
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D3229D70341B1A6673D84147C134A
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hFqANFlBKnAv5eJDOMVTkHzaleM.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207454
IP address blocks: 2a0e:aa07:e00a::/48 maxlen: 48
2a0e:aa06:480::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:32:29:d7:03:41:b1:a6:67:3d:84:14:7c:13:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=845a803459412a702fe5e24338c553907cda95e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b3:5a:6d:46:f4:4e:35:1d:9b:e7:c1:2f:52:
15:77:93:96:dd:0d:97:f9:a3:79:80:d2:44:f9:ce:
69:3d:7e:95:ef:08:8b:2b:64:e6:9b:7d:37:58:7f:
4b:69:4e:42:de:d2:c2:90:e4:0a:8f:07:e4:1c:84:
df:c8:fa:9f:58:ae:e9:e6:84:9b:6e:bf:ef:d7:a4:
d1:a1:62:95:1f:90:26:57:60:ef:bd:13:41:32:25:
33:ab:13:31:af:11:e1:8a:87:94:71:6e:aa:3f:bc:
90:53:b2:d9:94:19:1f:ca:2a:07:33:cc:2d:d7:7b:
53:b0:97:6a:31:91:72:b9:6a:70:bb:9c:69:12:ce:
b1:d9:8c:60:c9:f0:e3:8b:cd:4f:64:38:f2:22:5d:
bb:f3:f4:6e:b7:62:7b:fc:6c:e3:b0:c2:3b:a4:0e:
e5:5e:f1:44:04:72:c2:fc:6d:87:00:b4:90:29:8c:
14:dc:ad:f3:fb:aa:83:47:e9:ba:d1:56:8a:03:cc:
e1:c8:4c:d0:a0:84:65:20:7c:c5:a8:ff:80:48:7c:
52:6b:e2:08:d9:a8:4d:ac:19:2d:78:4b:da:fd:03:
bb:15:a1:d1:c8:92:20:2e:5f:ed:3e:71:ca:2e:08:
e3:8e:49:c6:6d:df:b7:65:b6:90:b6:11:64:fb:11:
af:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5A:80:34:59:41:2A:70:2F:E5:E2:43:38:C5:53:90:7C:DA:95:E3
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/hFqANFlBKnAv5eJDOMVTkHzaleM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa06:480::/44
2a0e:aa07:e00a::/48
Signature Algorithm: sha256WithRSAEncryption
22:44:bc:d2:df:7c:9b:8d:df:8b:28:f1:2b:4b:c6:14:56:01:
4d:08:83:80:3a:fc:cd:08:78:36:e3:aa:fe:22:58:c7:d3:1a:
28:6a:c7:bf:e1:b8:7c:87:08:5b:2b:04:06:b5:3b:8b:b7:5d:
26:fd:2a:00:a7:2c:b7:e9:18:f1:94:92:ad:e4:af:dc:02:21:
96:b1:ec:0a:0d:a1:6b:e7:20:3d:49:55:80:cb:0a:fb:40:38:
6d:b3:de:bb:c3:e1:2e:8d:52:93:67:48:de:74:1e:72:ef:52:
f0:cd:48:d6:78:ad:a2:1b:b6:c2:af:cd:6f:c5:0d:1d:8e:ab:
3c:ad:b3:b2:d4:ca:a9:6d:9f:d6:26:69:5b:76:9d:d4:1c:da:
74:b2:0c:42:cf:9f:ca:08:a4:c5:de:ce:18:6f:ce:7a:28:ce:
b4:fb:2d:a8:8d:36:f6:46:51:16:a4:0b:d5:cf:c7:ae:45:5a:
62:d1:e1:54:78:c2:dc:7e:6c:4a:b3:90:e8:e4:f1:96:ec:02:
82:5c:37:71:42:55:f3:52:c6:7e:0f:40:86:65:c0:11:f2:db:
35:de:e3:fe:e4:e9:99:c1:e4:a0:ef:f0:54:31:4e:f5:9a:a3:
27:8b:c3:b0:a9:d5:ed:86:f5:9b:94:08:cf:0b:92:6b:06:a7:
c9:38:ed:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbTIp1wNBsaZnPYQUfBNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDVhODAzNDU5NDEyYTcwMmZlNWUyNDMzOGM1NTM5MDdjZGE5NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrNabUb0TjUdm+fBL1IVd5OW3Q2X
+aN5gNJE+c5pPX6V7wiLK2Tmm303WH9LaU5C3tLCkOQKjwfkHITfyPqfWK7p5oSb
br/v16TRoWKVH5AmV2DvvRNBMiUzqxMxrxHhioeUcW6qP7yQU7LZlBkfyioHM8wt
13tTsJdqMZFyuWpwu5xpEs6x2YxgyfDji81PZDjyIl278/Rut2J7/GzjsMI7pA7l
XvFEBHLC/G2HALSQKYwU3K3z+6qDR+m60VaKA8zhyEzQoIRlIHzFqP+ASHxSa+II
2ahNrBkteEva/QO7FaHRyJIgLl/tPnHKLgjjjknGbd+3ZbaQthFk+xGv2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIRagDRZQSpwL+XiQzjFU5B82pXjMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvaEZxQU5GbEJLbkF2NWVKRE9NVlRrSHphbGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6qBgSA
AwcAKg6qB+AKMA0GCSqGSIb3DQEBCwUAA4IBAQAiRLzS33ybjd+LKPErS8YUVgFN
CIOAOvzNCHg246r+IljH0xooase/4bh8hwhbKwQGtTuLt10m/SoApyy36RjxlJKt
5K/cAiGWsewKDaFr5yA9SVWAywr7QDhts967w+EujVKTZ0jedB5y71LwzUjWeK2i
G7bCr81vxQ0djqs8rbOy1MqpbZ/WJmlbdp3UHNp0sgxCz5/KCKTF3s4Yb856KM60
+y2ojTb2RlEWpAvVz8euRVpi0eFUeMLcfmxKs5Do5PGW7AKCXDdxQlXzUsZ+D0CG
ZcAR8ts13uP+5OmZweSg7/BUMU71mqMni8OwqdXthvWblAjPC5JrBqfJOO3y
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:39 2024 by rpki-client on console-fra.rpki-client.org