Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/xwa1mRdLuNxSXNiqQEBQP-iH0KI.roa
File: xwa1mRdLuNxSXNiqQEBQP-iH0KI.roa (raw, json)
Hash identifier: tP4NVLYugBSaeVcV4ono2LFuwUR/pdi3aQX19EWq1Ls=
Subject key identifier: C7:06:B5:99:17:4B:B8:DC:52:5C:D8:AA:40:40:50:3F:E8:87:D0:A2
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018FB58599FC73DD9B7C37E8C467B5D17679
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/xwa1mRdLuNxSXNiqQEBQP-iH0KI.roa
Signing time: Sun 26 May 2024 15:29:42 +0000
ROA not before: Sun 26 May 2024 15:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:aa02::/40 maxlen: 40
2a0e:aa06:502::/48 maxlen: 48
2a0e:aa06:503::/48 maxlen: 48
2a0e:aa06:52a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b5:85:99:fc:73:dd:9b:7c:37:e8:c4:67:b5:d1:76:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: May 26 15:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c706b599174bb8dc525cd8aa4040503fe887d0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0a:93:7f:04:02:3e:eb:25:a5:0c:68:d6:c3:
72:57:50:e0:31:12:f0:08:19:a8:93:08:e5:70:c7:
1c:d2:e4:a0:79:f2:84:a7:71:7d:17:bc:77:af:fd:
54:53:5a:d0:fa:57:ba:a6:d4:ff:78:e1:7d:cf:57:
83:cf:18:3f:50:bc:56:7e:aa:42:0c:80:86:e6:17:
d3:9b:5e:ec:e5:b3:9d:9a:b8:0c:da:05:73:05:3d:
20:31:02:01:e6:16:ef:8d:10:0c:5a:5c:bc:c3:0a:
68:95:c3:e9:6c:91:b6:48:b8:dc:cc:f7:b1:54:d2:
31:bc:66:cb:3f:af:e4:e7:6c:6f:83:0f:9d:e3:84:
ad:e9:27:94:cd:06:e3:59:63:ec:25:50:87:4c:39:
77:dc:f6:0d:b4:da:6d:86:dc:20:ed:81:24:ee:0a:
5c:f8:09:62:51:74:05:48:8e:e6:52:60:a8:6c:f0:
9b:0c:9f:7d:86:bd:53:b3:18:fb:20:9a:03:6d:be:
68:36:52:5d:03:5a:fe:5a:d2:5a:4a:94:99:88:68:
66:69:05:bf:81:bf:37:32:55:f7:6f:17:3a:fe:38:
54:19:d6:5e:27:65:80:f1:6b:b2:84:23:62:9e:79:
1a:18:3e:41:5b:23:ce:47:23:10:e7:3f:2b:47:0f:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:06:B5:99:17:4B:B8:DC:52:5C:D8:AA:40:40:50:3F:E8:87:D0:A2
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/xwa1mRdLuNxSXNiqQEBQP-iH0KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa02::/40
2a0e:aa06:502::/47
2a0e:aa06:52a::/48
Signature Algorithm: sha256WithRSAEncryption
86:56:f4:09:fb:c3:6a:5e:af:9a:01:5a:35:dc:fb:e0:45:99:
6b:d1:ec:62:90:a7:06:c8:74:92:3b:ad:c4:f2:b6:f5:f4:67:
e7:51:d3:7f:29:1e:0a:8e:46:40:1b:85:dc:17:43:30:c9:ee:
eb:bf:58:80:92:43:01:43:a2:cf:b8:c7:9f:05:1a:4e:32:86:
38:6b:6f:c8:2a:81:78:f0:ef:97:a8:08:fe:48:85:5c:ca:f5:
77:f0:a1:97:df:a5:4c:17:8a:b0:81:97:66:66:7a:8b:6d:67:
cf:0f:34:db:70:5a:6b:19:6d:75:a7:8b:45:93:9f:f1:0c:f1:
e3:dc:e5:0c:6c:eb:e6:8c:d7:02:89:11:1b:35:c6:c2:6e:a7:
85:84:d5:ac:49:1f:42:1e:9f:76:a1:c3:33:d6:f6:57:fb:98:
38:4c:c4:1b:4a:1c:bc:89:55:5a:ea:91:86:aa:81:d7:c2:fb:
a5:df:1f:7e:17:a5:7b:87:32:59:3c:c3:00:5d:18:d9:69:fd:
5c:01:68:88:bc:10:74:06:d2:f4:e2:c4:4c:0b:aa:24:b3:91:
8a:6a:c2:84:46:79:6e:64:2a:28:2a:cd:71:60:55:9d:37:bf:
d1:d8:8e:fa:71:55:22:5a:c6:76:a2:7f:06:6c:5d:52:97:c0:
4f:18:e8:ab
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY+1hZn8c92bfDfoxGe10XZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwNTI2MTUyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzA2YjU5OTE3NGJiOGRjNTI1Y2Q4YWE0MDQwNTAzZmU4ODdkMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wqTfwQCPuslpQxo1sNyV1DgMRLw
CBmokwjlcMcc0uSgefKEp3F9F7x3r/1UU1rQ+le6ptT/eOF9z1eDzxg/ULxWfqpC
DICG5hfTm17s5bOdmrgM2gVzBT0gMQIB5hbvjRAMWly8wwpolcPpbJG2SLjczPex
VNIxvGbLP6/k52xvgw+d44St6SeUzQbjWWPsJVCHTDl33PYNtNpthtwg7YEk7gpc
+AliUXQFSI7mUmCobPCbDJ99hr1Tsxj7IJoDbb5oNlJdA1r+WtJaSpSZiGhmaQW/
gb83MlX3bxc6/jhUGdZeJ2WA8WuyhCNinnkaGD5BWyPORyMQ5z8rRw8dOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMcGtZkXS7jcUlzYqkBAUD/oh9CiMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEveHdhMW1SZEx1TnhTWE5pcVFFQlFQLWlIMEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYAKg6qAgAD
BwEqDqoGBQIDBwAqDqoGBSowDQYJKoZIhvcNAQELBQADggEBAIZW9An7w2per5oB
WjXc++BFmWvR7GKQpwbIdJI7rcTytvX0Z+dR038pHgqORkAbhdwXQzDJ7uu/WICS
QwFDos+4x58FGk4yhjhrb8gqgXjw75eoCP5IhVzK9XfwoZffpUwXirCBl2Zmeott
Z88PNNtwWmsZbXWni0WTn/EM8ePc5Qxs6+aM1wKJERs1xsJup4WE1axJH0Ien3ah
wzPW9lf7mDhMxBtKHLyJVVrqkYaqgdfC+6XfH34XpXuHMlk8wwBdGNlp/VwBaIi8
EHQG0vTixEwLqiSzkYpqwoRGeW5kKigqzXFgVZ03v9HYjvpxVSJaxnaifwZsXVKX
wE8Y6Ks=
-----END CERTIFICATE-----
Generated at Sat Sep 7 20:56:43 2024 by rpki-client on console-fra.rpki-client.org