Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/sLQ_XES23byYFxDEEzIvLlNFiio.roa
File: sLQ_XES23byYFxDEEzIvLlNFiio.roa (raw, json)
Hash identifier: RgXc8vNCDlJL1HbpABcof74pfCOl/f3szTGz4Z3Q1vY=
Subject key identifier: B0:B4:3F:5C:44:B6:DD:BC:98:17:10:C4:13:32:2F:2E:53:45:8A:2A
Certificate issuer: /CN=9d4f9bf87aff00fd5db21585781b46f36f9e3626
Certificate serial: 0193454F5FB55B7A9C5969FAC35C5D11C7A9
Authority key identifier: 9D:4F:9B:F8:7A:FF:00:FD:5D:B2:15:85:78:1B:46:F3:6F:9E:36:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nU-b-Hr_AP1dshWFeBtG82-eNiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/sLQ_XES23byYFxDEEzIvLlNFiio.roa
Signing time: Tue 19 Nov 2024 16:44:09 +0000
ROA not before: Tue 19 Nov 2024 16:44:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198178
IP address blocks: 2a13:7e40:1::/48 maxlen: 48
2a13:7e40:2::/48 maxlen: 48
2a13:7e40:3::/48 maxlen: 48
2a13:7e40:4::/48 maxlen: 48
2a13:7e40:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/nU-b-Hr_AP1dshWFeBtG82-eNiY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/nU-b-Hr_AP1dshWFeBtG82-eNiY.mft
rsync://rpki.ripe.net/repository/DEFAULT/nU-b-Hr_AP1dshWFeBtG82-eNiY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:4f:5f:b5:5b:7a:9c:59:69:fa:c3:5c:5d:11:c7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d4f9bf87aff00fd5db21585781b46f36f9e3626
Validity
Not Before: Nov 19 16:44:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0b43f5c44b6ddbc981710c413322f2e53458a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:3e:2c:b5:ec:72:ed:dc:68:3d:90:e7:f2:5d:
c7:70:09:49:05:b2:34:9e:eb:91:c8:b0:b2:ec:40:
52:4c:e7:57:70:52:a3:d3:8b:36:b5:58:bd:c6:b8:
45:0a:e4:b7:95:60:80:8a:de:a7:f2:89:ca:53:ed:
10:08:1f:3a:4c:58:2d:7a:43:b9:ad:94:17:c5:ef:
7b:19:f3:a3:51:5b:35:27:5d:9e:5e:e9:a3:5f:be:
25:33:27:8b:ec:98:84:9e:99:fe:8e:7b:a1:2a:7e:
c0:1f:29:b8:e7:06:97:86:90:f0:48:0c:91:0f:b6:
71:0b:1a:ab:a5:86:f0:f0:9d:ad:b0:9e:2c:77:2d:
a7:9d:b3:32:f1:1e:25:01:1e:14:a6:ea:c4:39:1f:
ab:64:51:d0:2e:c4:fa:d0:91:7b:9b:dc:62:16:2b:
5e:af:52:39:3a:4a:96:43:0a:4f:a2:5c:f1:32:9c:
cc:7f:c6:50:06:e2:26:0c:98:6f:22:67:fa:53:fa:
ad:52:90:83:be:82:56:f0:20:63:63:e3:73:06:8c:
4b:54:4f:a4:cc:9c:1e:b2:16:a7:d2:a1:e7:66:04:
ba:6f:5a:52:41:b9:93:9c:29:62:50:9a:2a:df:bc:
08:fa:94:0a:d7:fb:21:31:91:93:a2:db:77:9d:40:
24:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B4:3F:5C:44:B6:DD:BC:98:17:10:C4:13:32:2F:2E:53:45:8A:2A
X509v3 Authority Key Identifier:
keyid:9D:4F:9B:F8:7A:FF:00:FD:5D:B2:15:85:78:1B:46:F3:6F:9E:36:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nU-b-Hr_AP1dshWFeBtG82-eNiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/sLQ_XES23byYFxDEEzIvLlNFiio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/741872-a425-4367-9ac2-dcd937fd07a7/1/nU-b-Hr_AP1dshWFeBtG82-eNiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7e40:1::-2a13:7e40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:01:6d:a4:9a:84:7c:e5:bd:ae:17:7c:72:51:1a:96:cf:bb:
14:e2:9e:5b:54:7c:b8:e8:e7:0f:2c:4a:ce:df:a5:43:a5:fd:
15:c4:61:dd:a9:f4:f6:62:18:2d:42:0b:0e:fb:cb:69:e4:c3:
48:f7:90:cc:68:59:7b:b9:df:95:c8:47:bd:66:c5:a9:f5:d6:
aa:da:19:2c:22:8b:a2:e3:cc:28:0e:72:ea:2a:ce:9a:1c:70:
ee:68:4d:cc:28:ce:7a:3e:b1:38:62:d4:a2:43:05:98:75:b2:
77:57:e7:69:fa:0e:a4:48:c1:34:34:93:ef:05:9b:3a:16:4a:
a0:dd:90:06:5d:26:42:9b:db:26:66:21:b7:c6:da:96:6a:95:
c9:dc:f2:db:b7:ac:44:04:ac:ee:90:fa:19:a6:a2:a7:2b:6d:
cb:9c:fb:c4:ff:18:a6:04:26:61:93:48:b0:08:46:e9:2a:e5:
50:5a:43:d3:4c:6f:37:11:65:0f:15:e7:26:e3:4f:43:6d:14:
5a:d9:bc:dc:a1:79:21:3b:18:29:44:4f:ff:62:6b:05:51:64:
2d:0f:53:b4:58:1a:a9:ce:60:c3:cf:26:a2:62:cc:69:02:26:
03:06:a7:ec:45:60:a2:bb:c8:13:77:c6:53:62:98:9a:73:12:
d8:11:71:59
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZNFT1+1W3qcWWn6w1xdEcepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNGY5YmY4N2FmZjAwZmQ1ZGIyMTU4NTc4MWI0NmYzNmY5
ZTM2MjYwHhcNMjQxMTE5MTY0NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI0M2Y1YzQ0YjZkZGJjOTgxNzEwYzQxMzMyMmYyZTUzNDU4YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/D4stexy7dxoPZDn8l3HcAlJBbI0
nuuRyLCy7EBSTOdXcFKj04s2tVi9xrhFCuS3lWCAit6n8onKU+0QCB86TFgtekO5
rZQXxe97GfOjUVs1J12eXumjX74lMyeL7JiEnpn+jnuhKn7AHym45waXhpDwSAyR
D7ZxCxqrpYbw8J2tsJ4sdy2nnbMy8R4lAR4UpurEOR+rZFHQLsT60JF7m9xiFite
r1I5OkqWQwpPolzxMpzMf8ZQBuImDJhvImf6U/qtUpCDvoJW8CBjY+NzBoxLVE+k
zJweshan0qHnZgS6b1pSQbmTnCliUJoq37wI+pQK1/shMZGTott3nUAkxQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLC0P1xEtt28mBcQxBMyLy5TRYoqMB8GA1UdIwQY
MBaAFJ1Pm/h6/wD9XbIVhXgbRvNvnjYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblUtYi1Icl9BUDFkc2hXRmVCdEc4Mi1lTmlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83NDE4NzItYTQyNS00MzY3LTlhYzIt
ZGNkOTM3ZmQwN2E3LzEvc0xRX1hFUzIzYnlZRnhERUV6SXZMbE5GaWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS83NDE4NzItYTQyNS00MzY3LTlhYzItZGNkOTM3ZmQwN2E3
LzEvblUtYi1Icl9BUDFkc2hXRmVCdEc4Mi1lTmlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqE35A
AAEDBwEqE35AAAQwDQYJKoZIhvcNAQELBQADggEBAEABbaSahHzlva4XfHJRGpbP
uxTinltUfLjo5w8sSs7fpUOl/RXEYd2p9PZiGC1CCw77y2nkw0j3kMxoWXu535XI
R71mxan11qraGSwii6LjzCgOcuoqzpoccO5oTcwozno+sThi1KJDBZh1sndX52n6
DqRIwTQ0k+8FmzoWSqDdkAZdJkKb2yZmIbfG2pZqlcnc8tu3rEQErO6Q+hmmoqcr
bcuc+8T/GKYEJmGTSLAIRukq5VBaQ9NMbzcRZQ8V5ybjT0NtFFrZvNyheSE7GClE
T/9iawVRZC0PU7RYGqnOYMPPJqJizGkCJgMGp+xFYKK7yBN3xlNimJpzEtgRcVk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:14 2024 by rpki-client on console-ams.rpki-client.org