Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/2LZZF7DWh0XpB7CGcQDHIW8RPDY.roa
File: 2LZZF7DWh0XpB7CGcQDHIW8RPDY.roa (raw, json)
Hash identifier: +kgDs1VpeceVH23uM8Toe4vxBCBe3CZcWx4gOQ/roDA=
Subject key identifier: D8:B6:59:17:B0:D6:87:45:E9:07:B0:86:71:00:C7:21:6F:11:3C:36
Certificate issuer: /CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Certificate serial: 0193555C42C11E4E4D78A66098F5F3E33A54
Authority key identifier: 9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/2LZZF7DWh0XpB7CGcQDHIW8RPDY.roa
Signing time: Fri 22 Nov 2024 19:32:09 +0000
ROA not before: Fri 22 Nov 2024 19:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215434
IP address blocks: 2a01:efc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:5c:42:c1:1e:4e:4d:78:a6:60:98:f5:f3:e3:3a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Validity
Not Before: Nov 22 19:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8b65917b0d68745e907b0867100c7216f113c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:07:a7:12:17:db:e5:a6:66:b5:c3:56:75:57:
d9:37:5d:07:5e:f3:3f:0d:de:d5:dd:42:97:81:ab:
9e:fa:73:66:36:61:ba:85:63:6a:4b:5f:39:23:12:
51:1b:96:a1:b1:ae:4a:3b:19:03:82:5b:8d:e1:6b:
2a:bc:bc:87:01:f8:51:3a:7f:e9:6b:a9:ba:9e:77:
7c:87:81:98:2b:23:f4:ef:9e:26:04:5e:5d:07:c9:
77:fe:d7:29:df:86:54:fb:94:53:e5:b7:3c:84:b6:
10:41:ad:13:70:79:d0:1c:39:34:46:e6:5b:af:19:
16:60:d3:21:bc:c0:f8:0e:20:52:f4:b0:39:c5:03:
36:e0:17:d2:50:80:6d:d8:2a:25:62:91:2f:53:3d:
ad:70:a8:a4:de:28:a2:1b:2f:67:73:64:3b:c1:87:
53:7f:bc:35:8a:e2:73:b0:f4:9c:4d:8e:95:e0:c9:
c3:e1:2c:d7:a9:b2:c3:03:dd:cf:25:ed:8f:81:6e:
e6:ca:aa:42:c2:28:61:81:72:15:08:57:88:7a:dd:
cd:57:5b:60:5c:9c:b6:d6:93:57:fb:ff:2e:5a:e9:
e1:b4:41:05:43:d7:33:54:58:a1:2b:c8:38:50:1a:
f3:31:5a:70:96:6f:2e:24:ad:7f:30:4b:ce:90:d6:
99:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B6:59:17:B0:D6:87:45:E9:07:B0:86:71:00:C7:21:6F:11:3C:36
X509v3 Authority Key Identifier:
keyid:9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/2LZZF7DWh0XpB7CGcQDHIW8RPDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:efc0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:d2:bf:42:b9:d3:87:46:16:93:ad:e5:2b:8c:6b:dc:42:18:
d5:1f:8f:53:b6:90:3b:ef:85:0e:9f:31:67:60:40:41:d5:b8:
df:c2:02:86:6b:1d:f8:c2:f4:fb:d2:89:ba:46:01:30:86:cf:
e4:9e:d0:52:bf:7f:6f:0e:8a:f0:b7:01:ff:04:1e:ad:98:21:
4c:e5:63:b1:57:7e:c3:a0:2f:7e:88:9f:d8:53:28:5c:55:b8:
2a:c2:64:48:0e:ee:e1:43:19:3f:9b:a0:a3:05:2e:65:84:ba:
c6:3a:0a:84:90:44:9c:e8:c2:d9:21:b0:46:93:7d:c6:b1:da:
aa:ff:c2:fe:5f:7c:e0:e5:c1:75:21:be:e7:34:d4:d3:82:5f:
98:35:4a:15:c4:c6:57:ce:c1:54:23:50:d1:c4:5d:a4:8f:01:
47:06:74:9a:70:de:5d:d6:b6:f0:4b:3b:cd:5f:70:c6:04:bd:
09:52:b9:37:7b:5c:82:bf:97:68:a1:e3:4a:5f:23:00:a5:e9:
54:c7:08:66:7f:aa:0f:2d:bb:1e:bb:61:9f:01:c2:8e:8a:ee:
20:f5:60:d1:17:81:c4:92:18:af:61:8a:8a:07:75:26:5b:02:
5a:60:d0:19:a1:e7:b2:fa:ab:ac:47:bf:2a:0f:98:b4:9d:d9:
e8:a1:61:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNVXELBHk5NeKZgmPXz4zpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2VjMjFlMTBmMzY0NmU0ZGMwZTIzZjVmN2VjNDQ1MDE1
NjBkZTMwHhcNMjQxMTIyMTkzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI2NTkxN2IwZDY4NzQ1ZTkwN2IwODY3MTAwYzcyMTZmMTEzYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAenEhfb5aZmtcNWdVfZN10HXvM/
Dd7V3UKXgaue+nNmNmG6hWNqS185IxJRG5ahsa5KOxkDgluN4WsqvLyHAfhROn/p
a6m6nnd8h4GYKyP0754mBF5dB8l3/tcp34ZU+5RT5bc8hLYQQa0TcHnQHDk0RuZb
rxkWYNMhvMD4DiBS9LA5xQM24BfSUIBt2ColYpEvUz2tcKik3iiiGy9nc2Q7wYdT
f7w1iuJzsPScTY6V4MnD4SzXqbLDA93PJe2PgW7myqpCwihhgXIVCFeIet3NV1tg
XJy21pNX+/8uWunhtEEFQ9czVFihK8g4UBrzMVpwlm8uJK1/MEvOkNaZoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNi2WRew1odF6QewhnEAxyFvETw2MB8GA1UdIwQY
MBaAFJ8+wh4Q82RuTcDiP19+xEUBVg3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUt
N2JhMjVkNTU5NWZhLzEvMkxaWkY3RFdoMFhwQjdDR2NRREhJVzhSUERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUtN2JhMjVkNTU5NWZh
LzEvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHvwDAN
BgkqhkiG9w0BAQsFAAOCAQEAqtK/QrnTh0YWk63lK4xr3EIY1R+PU7aQO++FDp8x
Z2BAQdW438IChmsd+ML0+9KJukYBMIbP5J7QUr9/bw6K8LcB/wQerZghTOVjsVd+
w6Avfoif2FMoXFW4KsJkSA7u4UMZP5ugowUuZYS6xjoKhJBEnOjC2SGwRpN9xrHa
qv/C/l984OXBdSG+5zTU04JfmDVKFcTGV87BVCNQ0cRdpI8BRwZ0mnDeXda28Es7
zV9wxgS9CVK5N3tcgr+XaKHjSl8jAKXpVMcIZn+qDy27HrthnwHCjoruIPVg0ReB
xJIYr2GKigd1JlsCWmDQGaHnsvqrrEe/Kg+YtJ3Z6KFhGg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:22 2024 by rpki-client on console-fra.rpki-client.org