Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ejWH4iT9TYDB3UnuUWGwJbXsUAY.roa
File: ejWH4iT9TYDB3UnuUWGwJbXsUAY.roa (raw, json)
Hash identifier: +V6+giU+e6EOsha6IIH5grqfOccHWjYoPzMkKcL5dZc=
Subject key identifier: 7A:35:87:E2:24:FD:4D:80:C1:DD:49:EE:51:61:B0:25:B5:EC:50:06
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0193251FA2376B0B68901C477C3B003698C4
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ejWH4iT9TYDB3UnuUWGwJbXsUAY.roa
Signing time: Wed 13 Nov 2024 10:44:10 +0000
ROA not before: Wed 13 Nov 2024 10:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:5385::/32 maxlen: 32
2a0e:5387::/32 maxlen: 32
2a0e:5900::/32 maxlen: 32
2a0e:5906::/32 maxlen: 32
2a0e:8082::/32 maxlen: 32
2a0e:ccc0::/32 maxlen: 32
2a0f:6fc1::/32 maxlen: 32
2a0f:6fc7::/32 maxlen: 32
2a0f:b4c1::/32 maxlen: 32
2a0f:b4c6::/32 maxlen: 32
2a0f:c081::/32 maxlen: 32
2a0f:c087::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:1f:a2:37:6b:0b:68:90:1c:47:7c:3b:00:36:98:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Nov 13 10:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a3587e224fd4d80c1dd49ee5161b025b5ec5006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d0:57:5a:0b:db:ca:88:d1:b8:6e:9b:24:39:
14:26:6a:dd:0b:49:1d:67:19:1f:02:a1:63:a7:ba:
83:a9:44:2b:fd:c7:d3:6a:fd:7f:13:4f:53:d2:25:
a0:45:ca:9f:67:15:2c:36:c3:4b:98:9c:79:71:bf:
b2:d9:32:78:c6:7e:ca:ad:64:50:27:d5:ba:2b:b8:
88:9e:83:69:d1:ba:b8:7c:b1:d5:22:9c:4a:10:08:
7d:7a:8d:ae:ec:4e:f4:9e:1f:f9:54:a7:fa:b4:f3:
87:44:d9:4b:60:33:23:27:77:cc:92:57:31:d8:bb:
a4:32:31:f5:d2:0e:c0:95:4f:28:61:0a:4c:ed:94:
26:db:2a:3c:88:12:05:90:65:c6:ae:51:3e:e6:41:
44:d9:d3:4f:e7:83:2d:82:bf:fe:b1:6d:c4:38:fc:
84:d0:1f:09:21:b8:30:9f:9c:9d:40:4e:99:6f:23:
b4:9a:c6:64:30:49:02:cd:09:92:47:ac:fc:48:c7:
29:f8:35:28:a0:41:57:a7:e7:ab:9f:40:8f:69:61:
64:2d:58:f9:4a:90:3b:94:ab:14:6d:49:d6:23:3b:
0f:58:1f:7e:68:38:e9:ee:02:5b:43:95:4f:fa:51:
f2:d1:f7:cc:ee:57:57:1b:77:ec:db:33:69:cd:41:
e8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:35:87:E2:24:FD:4D:80:C1:DD:49:EE:51:61:B0:25:B5:EC:50:06
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/ejWH4iT9TYDB3UnuUWGwJbXsUAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5385::/32
2a0e:5387::/32
2a0e:5900::/32
2a0e:5906::/32
2a0e:8082::/32
2a0e:ccc0::/32
2a0f:6fc1::/32
2a0f:6fc7::/32
2a0f:b4c1::/32
2a0f:b4c6::/32
2a0f:c081::/32
2a0f:c087::/32
Signature Algorithm: sha256WithRSAEncryption
b0:b4:c2:90:a1:1f:02:8f:64:25:ce:05:e6:78:7e:58:ff:7a:
05:e2:e9:bc:34:06:ef:05:65:27:6b:30:f6:08:a2:69:8a:cd:
95:51:d5:14:2a:c5:85:29:f4:58:87:99:68:52:28:76:d3:28:
22:98:b5:71:52:56:f8:47:b8:c9:0b:a5:4c:ce:b8:78:58:fb:
d0:37:e8:02:ba:2b:07:e8:a5:0c:30:28:11:d8:4c:87:c5:14:
0c:8f:52:cd:4a:b5:64:23:9d:7f:75:8b:bf:2d:bd:f3:ba:4a:
f1:23:ec:8c:db:1a:5b:f2:d4:1f:41:a4:57:ec:db:89:a3:2b:
8e:89:3f:3b:21:c6:3b:a2:0f:df:13:b5:51:16:96:af:be:f8:
4d:ab:0f:8b:91:6b:b5:ad:d7:57:91:7f:de:02:09:ce:98:81:
c8:6a:a0:83:e2:5d:00:c2:99:30:de:16:e3:0a:ad:c1:d2:c4:
81:ee:ab:0e:98:68:52:c1:fb:32:15:6b:ed:60:61:6d:d6:cf:
db:93:32:b7:62:3b:e5:54:e0:b4:71:04:30:56:5c:93:bf:67:
06:18:57:70:0c:31:b6:6b:f7:ca:92:d2:fa:5f:97:db:69:55:
03:72:bc:8f:21:59:a4:9c:d3:46:2c:7e:24:54:c3:9c:c8:90:
8f:8b:96:ed
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZMlH6I3awtokBxHfDsANpjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQxMTEzMTA0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM1ODdlMjI0ZmQ0ZDgwYzFkZDQ5ZWU1MTYxYjAyNWI1ZWM1MDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNBXWgvbyojRuG6bJDkUJmrdC0kd
ZxkfAqFjp7qDqUQr/cfTav1/E09T0iWgRcqfZxUsNsNLmJx5cb+y2TJ4xn7KrWRQ
J9W6K7iInoNp0bq4fLHVIpxKEAh9eo2u7E70nh/5VKf6tPOHRNlLYDMjJ3fMklcx
2LukMjH10g7AlU8oYQpM7ZQm2yo8iBIFkGXGrlE+5kFE2dNP54Mtgr/+sW3EOPyE
0B8JIbgwn5ydQE6ZbyO0msZkMEkCzQmSR6z8SMcp+DUooEFXp+ern0CPaWFkLVj5
SpA7lKsUbUnWIzsPWB9+aDjp7gJbQ5VP+lHy0ffM7ldXG3fs2zNpzUHo1wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHo1h+Ik/U2Awd1J7lFhsCW17FAGMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvZWpXSDRpVDlUWURCM1VudVVXR3dKYlhzVUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUAKg5ThQMF
ACoOU4cDBQAqDlkAAwUAKg5ZBgMFACoOgIIDBQAqDszAAwUAKg9vwQMFACoPb8cD
BQAqD7TBAwUAKg+0xgMFACoPwIEDBQAqD8CHMA0GCSqGSIb3DQEBCwUAA4IBAQCw
tMKQoR8Cj2QlzgXmeH5Y/3oF4um8NAbvBWUnazD2CKJpis2VUdUUKsWFKfRYh5lo
Uih20ygimLVxUlb4R7jJC6VMzrh4WPvQN+gCuisH6KUMMCgR2EyHxRQMj1LNSrVk
I51/dYu/Lb3zukrxI+yM2xpb8tQfQaRX7NuJoyuOiT87IcY7og/fE7VRFpavvvhN
qw+LkWu1rddXkX/eAgnOmIHIaqCD4l0Awpkw3hbjCq3B0sSB7qsOmGhSwfsyFWvt
YGFt1s/bkzK3YjvlVOC0cQQwVlyTv2cGGFdwDDG2a/fKktL6X5fbaVUDcryPIVmk
nNNGLH4kVMOcyJCPi5bt
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:44:37 2024 by rpki-client on console-ams.rpki-client.org