Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/4_1ElJtDQ3FY7IxlFZG4IIXy3Pg.roa
File: 4_1ElJtDQ3FY7IxlFZG4IIXy3Pg.roa (raw, json)
Hash identifier: ZQgjM+e5kyfdW9DS7ZOAd9sZdmcX0NlwHP7webnbwG8=
Subject key identifier: E3:FD:44:94:9B:43:43:71:58:EC:8C:65:15:91:B8:20:85:F2:DC:F8
Certificate issuer: /CN=68c0f2d0776f7e1d349075881c35e9d387463405
Certificate serial: 018CC8DEFC817A9E107844557D7CA9739A20
Authority key identifier: 68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/4_1ElJtDQ3FY7IxlFZG4IIXy3Pg.roa
Signing time: Tue 02 Jan 2024 06:31:45 +0000
ROA not before: Tue 02 Jan 2024 06:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52209
IP address blocks: 2a13:9600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:fc:81:7a:9e:10:78:44:55:7d:7c:a9:73:9a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c0f2d0776f7e1d349075881c35e9d387463405
Validity
Not Before: Jan 2 06:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3fd44949b43437158ec8c651591b82085f2dcf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b0:53:df:87:0a:28:bd:a0:08:63:9d:59:5a:
06:52:6c:03:02:f1:5f:cc:27:f7:dd:e7:3d:c7:0e:
97:55:de:e8:85:12:a3:de:0d:09:81:70:a1:19:85:
26:ac:1c:71:96:8a:ed:d7:5a:14:a9:c1:54:56:22:
f6:2a:44:d9:16:d1:08:16:31:b7:90:fe:da:fb:54:
4b:7c:0a:f6:fb:01:e7:0d:47:42:82:af:ef:a8:2e:
85:ad:2d:bd:82:86:2b:12:f1:54:db:3c:0e:67:85:
de:fd:51:8d:ad:a4:9d:2c:33:32:9a:8d:94:13:65:
22:c2:f0:f4:0e:d1:5a:64:0d:c4:cb:42:12:3e:32:
a9:8c:1b:03:82:17:57:ce:32:f0:99:84:4d:fb:ed:
aa:f6:31:b1:e5:42:49:0e:5b:d2:e2:43:ce:9f:33:
ac:1d:5c:32:4c:42:7d:06:ce:6d:08:db:91:bd:cf:
82:7a:ed:db:28:fa:c3:0c:5b:a3:4f:83:dd:72:01:
d0:e7:f0:84:50:63:ee:d0:4b:8f:25:fb:53:20:5b:
1d:46:b3:bc:c1:f1:c2:a7:f5:24:0f:31:f2:92:ab:
10:3f:9c:57:91:5b:e0:39:b3:2b:81:85:de:68:47:
1c:a2:3c:59:2b:3b:36:56:71:6f:89:46:ce:b5:19:
a0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:FD:44:94:9B:43:43:71:58:EC:8C:65:15:91:B8:20:85:F2:DC:F8
X509v3 Authority Key Identifier:
keyid:68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/4_1ElJtDQ3FY7IxlFZG4IIXy3Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9600::/29
Signature Algorithm: sha256WithRSAEncryption
9e:54:95:89:7f:c0:c7:2d:af:8c:57:47:ae:d2:0a:16:83:41:
17:54:b7:b9:d7:ce:4a:f7:ef:14:9c:15:f9:93:17:9d:01:2b:
88:9a:b3:25:e4:da:c2:0a:2e:45:8d:99:23:55:72:1f:5b:91:
ed:e0:67:e6:66:4a:d4:cf:6c:42:fe:95:7c:4c:80:5f:ed:fb:
92:42:9d:de:66:c9:1c:d7:05:b1:35:b0:59:be:0f:9a:26:af:
7e:e4:65:e1:f9:2e:c1:a8:85:b6:dc:74:25:b4:5a:b2:78:c7:
f3:de:d8:a8:11:30:db:96:e0:4c:08:07:a7:c5:eb:39:cb:83:
e4:48:53:c7:a9:6c:d1:12:be:4f:30:7f:2d:eb:dd:c9:f3:e9:
78:0c:58:57:da:53:79:a0:40:cf:1a:7d:b8:05:23:22:fa:46:
a2:65:2b:10:51:98:fb:41:0a:bd:41:b8:ae:2d:03:89:ac:5c:
1d:da:07:32:b8:0a:9b:85:04:53:6d:26:1a:41:2c:a2:a2:20:
7d:07:82:a6:6f:c1:fd:66:14:8a:27:49:1f:7f:2d:d7:12:bc:
6c:44:bc:38:70:0f:e8:83:a1:30:30:c3:0b:eb:7b:06:27:66:
5f:00:2e:eb:03:6d:f7:6d:a0:cc:bc:d5:32:63:e9:a4:66:64:
6b:a8:18:a6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3vyBep4QeERVfXypc5ogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzBmMmQwNzc2ZjdlMWQzNDkwNzU4ODFjMzVlOWQzODc0
NjM0MDUwHhcNMjQwMTAyMDYzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ZkNDQ5NDliNDM0MzcxNThlYzhjNjUxNTkxYjgyMDg1ZjJkY2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLBT34cKKL2gCGOdWVoGUmwDAvFf
zCf33ec9xw6XVd7ohRKj3g0JgXChGYUmrBxxlort11oUqcFUViL2KkTZFtEIFjG3
kP7a+1RLfAr2+wHnDUdCgq/vqC6FrS29goYrEvFU2zwOZ4Xe/VGNraSdLDMymo2U
E2UiwvD0DtFaZA3Ey0ISPjKpjBsDghdXzjLwmYRN++2q9jGx5UJJDlvS4kPOnzOs
HVwyTEJ9Bs5tCNuRvc+Ceu3bKPrDDFujT4PdcgHQ5/CEUGPu0EuPJftTIFsdRrO8
wfHCp/UkDzHykqsQP5xXkVvgObMrgYXeaEccojxZKzs2VnFviUbOtRmgTwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOP9RJSbQ0NxWOyMZRWRuCCF8tz4MB8GA1UdIwQY
MBaAFGjA8tB3b34dNJB1iBw16dOHRjQFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgt
ZjlkOWMwM2Q0YjRjLzEvNF8xRWxKdERRM0ZZN0l4bEZaRzRJSVh5M1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgtZjlkOWMwM2Q0YjRj
LzEvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOWADAN
BgkqhkiG9w0BAQsFAAOCAQEAnlSViX/Axy2vjFdHrtIKFoNBF1S3udfOSvfvFJwV
+ZMXnQEriJqzJeTawgouRY2ZI1VyH1uR7eBn5mZK1M9sQv6VfEyAX+37kkKd3mbJ
HNcFsTWwWb4PmiavfuRl4fkuwaiFttx0JbRasnjH897YqBEw25bgTAgHp8XrOcuD
5EhTx6ls0RK+TzB/LevdyfPpeAxYV9pTeaBAzxp9uAUjIvpGomUrEFGY+0EKvUG4
ri0DiaxcHdoHMrgKm4UEU20mGkEsoqIgfQeCpm/B/WYUiidJH38t1xK8bES8OHAP
6IOhMDDDC+t7BidmXwAu6wNt922gzLzVMmPppGZka6gYpg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:32:10 2024 by rpki-client on console-fra.rpki-client.org