Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/epzWTh5FM5gke40MBT0XAH0amuY.roa
File: epzWTh5FM5gke40MBT0XAH0amuY.roa (raw, json)
Hash identifier: RUc8kcjdXBmDb4AsfAvimX/JcfmVc6SMjt0uyu+jKKw=
Subject key identifier: 7A:9C:D6:4E:1E:45:33:98:24:7B:8D:0C:05:3D:17:00:7D:1A:9A:E6
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018CC727584E7168D1931CC6109115A47774
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/epzWTh5FM5gke40MBT0XAH0amuY.roa
Signing time: Mon 01 Jan 2024 22:31:33 +0000
ROA not before: Mon 01 Jan 2024 22:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212232
IP address blocks: 2a0b:6b86:d00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:58:4e:71:68:d1:93:1c:c6:10:91:15:a4:77:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 22:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a9cd64e1e453398247b8d0c053d17007d1a9ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4c:82:30:f7:ee:c3:8f:09:38:61:5a:cd:86:
2f:c1:53:79:b5:cd:b7:34:61:09:19:0e:66:a0:f4:
c5:76:ce:1a:e8:45:98:c6:8d:f1:f8:d1:20:3d:c3:
69:65:a0:35:ba:db:da:8a:ab:0f:b6:7f:c0:0f:2a:
6d:eb:16:df:de:18:13:c3:c9:55:73:ef:72:cf:f3:
41:f3:f0:af:99:dc:ab:cf:e6:e4:c5:90:f1:0c:15:
2c:aa:6c:6c:a6:5f:ae:0b:3a:47:e9:21:5b:8b:83:
43:b2:b2:57:ef:4b:cd:78:51:27:b8:09:1a:5a:ab:
37:08:b0:06:47:2e:81:f6:04:09:51:72:84:22:b2:
31:ee:82:fc:aa:30:17:fa:79:f1:b9:1b:a8:71:f6:
93:cd:2c:73:b2:d5:93:22:8b:20:22:62:5c:c0:4e:
0a:c3:c3:9d:bf:72:d2:e3:06:ad:d6:60:21:79:8d:
bb:15:d0:8d:6d:77:16:e5:06:5d:00:ed:04:8d:2c:
15:23:71:3d:ab:be:28:87:26:af:f8:49:1e:4d:7a:
1b:54:58:99:09:d1:b3:5a:94:3d:65:b1:bd:cc:6e:
32:1e:8a:b0:18:45:60:bf:1b:5a:c7:92:f0:77:4f:
fe:c8:73:50:9c:a1:11:67:fd:b1:d1:ab:0d:52:18:
cc:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9C:D6:4E:1E:45:33:98:24:7B:8D:0C:05:3D:17:00:7D:1A:9A:E6
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/epzWTh5FM5gke40MBT0XAH0amuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:d00::/40
Signature Algorithm: sha256WithRSAEncryption
b1:61:db:bd:24:f2:01:a2:3b:6f:c9:57:3e:ca:9b:f0:51:14:
a5:54:0b:cd:a9:d1:22:39:1c:75:f7:0d:c4:b9:06:a8:42:cc:
86:6c:d3:d5:ea:4f:6d:49:81:86:da:2d:ea:0e:50:35:cf:1f:
43:2c:8f:80:92:3d:9f:46:8a:26:6b:f2:51:10:4a:57:72:2e:
61:06:e9:6b:3a:0c:dc:e2:37:5d:19:62:1c:5e:b3:f0:0e:d0:
f2:fd:9e:90:47:a1:ef:b2:7f:c0:9e:20:8f:bc:ad:5b:3b:bb:
38:ae:36:58:98:de:eb:64:3a:8a:32:15:f3:7d:31:eb:a8:8c:
00:52:52:51:d0:3c:a3:1f:3e:3e:1e:e7:c5:6a:12:2d:86:80:
5a:56:52:3a:9c:fa:6d:3e:61:39:2c:57:0a:bf:cb:3e:ce:74:
0d:b4:a1:e6:df:1a:ee:bb:53:ca:bf:7e:2b:09:74:c4:0f:69:
5a:67:ae:5b:53:1b:9d:23:f1:a9:03:7e:99:f0:33:26:14:cc:
ad:de:12:bf:e5:ab:18:23:f6:a8:36:16:89:fe:3a:30:43:0e:
8b:ce:28:84:5c:26:d3:69:d4:cb:bf:65:7a:89:01:e6:9a:a4:
87:22:e5:dc:c1:01:78:71:74:63:3e:cd:58:80:09:c4:f6:8f:
c9:9d:7a:e9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHJ1hOcWjRkxzGEJEVpHd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjQwMTAxMjIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTljZDY0ZTFlNDUzMzk4MjQ3YjhkMGMwNTNkMTcwMDdkMWE5YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0yCMPfuw48JOGFazYYvwVN5tc23
NGEJGQ5moPTFds4a6EWYxo3x+NEgPcNpZaA1utvaiqsPtn/ADypt6xbf3hgTw8lV
c+9yz/NB8/Cvmdyrz+bkxZDxDBUsqmxspl+uCzpH6SFbi4NDsrJX70vNeFEnuAka
Wqs3CLAGRy6B9gQJUXKEIrIx7oL8qjAX+nnxuRuocfaTzSxzstWTIosgImJcwE4K
w8Odv3LS4wat1mAheY27FdCNbXcW5QZdAO0EjSwVI3E9q74ohyav+EkeTXobVFiZ
CdGzWpQ9ZbG9zG4yHoqwGEVgvxtax5Lwd0/+yHNQnKERZ/2x0asNUhjM4wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHqc1k4eRTOYJHuNDAU9FwB9GprmMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvZXB6V1RoNUZNNWdrZTQwTUJUMFhBSDBhbXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhg0w
DQYJKoZIhvcNAQELBQADggEBALFh270k8gGiO2/JVz7Km/BRFKVUC82p0SI5HHX3
DcS5BqhCzIZs09XqT21JgYbaLeoOUDXPH0Msj4CSPZ9GiiZr8lEQSldyLmEG6Ws6
DNziN10ZYhxes/AO0PL9npBHoe+yf8CeII+8rVs7uziuNliY3utkOooyFfN9Meuo
jABSUlHQPKMfPj4e58VqEi2GgFpWUjqc+m0+YTksVwq/yz7OdA20oebfGu67U8q/
fisJdMQPaVpnrltTG50j8akDfpnwMyYUzK3eEr/lqxgj9qg2Fon+OjBDDovOKIRc
JtNp1Mu/ZXqJAeaapIci5dzBAXhxdGM+zViACcT2j8mdeuk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:43:50 2024 by rpki-client on console-ams.rpki-client.org