Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/THKURjFV66iyCPQFnbyVQoN_yHI.roa
File: THKURjFV66iyCPQFnbyVQoN_yHI.roa (raw, json)
Hash identifier: Fa+KT+1+76/wuefuCR1zWK4BkB/mc1OmEcRZ9AoonjY=
Subject key identifier: 4C:72:94:46:31:55:EB:A8:B2:08:F4:05:9D:BC:95:42:83:7F:C8:72
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 0191C1A9E59AB9D60A370B7FE5CB596495EC
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/THKURjFV66iyCPQFnbyVQoN_yHI.roa
Signing time: Thu 05 Sep 2024 10:10:22 +0000
ROA not before: Thu 05 Sep 2024 10:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395747
IP address blocks: 2a06:98c0:1c00::/48 maxlen: 48
2a06:98c0:1c01::/48 maxlen: 48
2a06:98c0:1c0b::/48 maxlen: 48
2a06:98c0:1c4a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:a9:e5:9a:b9:d6:0a:37:0b:7f:e5:cb:59:64:95:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Sep 5 10:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c7294463155eba8b208f4059dbc9542837fc872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:7b:34:76:aa:c1:48:c2:c5:07:94:c3:92:
a2:ac:20:91:53:42:a6:2f:93:55:b1:69:78:52:1b:
76:d3:3f:ce:23:19:9a:fd:fe:b3:da:88:e1:c3:f6:
00:55:50:d4:b5:9e:19:2a:ad:31:8b:6f:c5:1f:72:
7c:ad:ef:02:d0:10:ba:9e:93:4d:a3:ef:a9:d5:dd:
21:c6:80:90:3b:d6:8a:d7:5d:aa:1f:0a:0c:57:52:
da:64:61:73:2a:1e:a0:5f:38:ab:e6:cc:4a:b3:93:
fd:7e:62:2c:de:2b:ab:06:9b:a0:4d:71:ce:b2:1e:
05:b6:52:bc:dc:b7:50:76:18:2c:18:87:25:e0:57:
4d:be:c7:5f:98:30:3e:27:4b:4d:0a:2c:d0:85:d7:
34:31:ed:d3:f1:14:b8:62:1a:8c:5a:93:a7:5f:09:
29:c3:1d:66:bc:c0:73:33:3b:c3:db:ef:83:88:19:
75:4e:3e:57:15:62:39:97:2c:c5:0b:03:93:58:54:
82:e0:3f:09:91:eb:5b:3c:8d:77:11:33:06:f3:ff:
4e:6e:73:a5:1e:a1:dd:04:65:a3:a4:91:5d:c2:f6:
25:c3:e2:1d:cf:7b:1f:8a:3d:2a:c5:98:e3:22:4e:
98:5d:2a:49:43:8a:f7:7a:ab:10:bf:94:8e:81:79:
72:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:72:94:46:31:55:EB:A8:B2:08:F4:05:9D:BC:95:42:83:7F:C8:72
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/THKURjFV66iyCPQFnbyVQoN_yHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:98c0:1c00::/47
2a06:98c0:1c0b::/48
2a06:98c0:1c4a::/48
Signature Algorithm: sha256WithRSAEncryption
67:17:d9:4a:2c:0e:d2:82:82:aa:2c:e2:70:15:4e:2c:0f:a9:
26:ec:ff:31:f7:83:92:3c:08:96:32:6c:23:41:ea:ba:47:dd:
c5:bc:ad:4b:20:8f:e3:cc:34:2f:28:f6:8b:03:64:1f:eb:ce:
82:69:38:ed:7e:8f:87:a7:20:18:50:d5:cf:ef:2e:88:c7:38:
ad:e5:b7:d8:f5:d7:a0:99:c7:b7:06:3f:25:e3:98:72:38:27:
72:01:35:f5:0d:0c:eb:b6:ae:3f:44:7d:1e:a6:9f:7b:f3:cd:
03:8a:fe:0b:7d:57:52:54:09:5c:8f:28:66:7b:b8:38:fb:d4:
34:aa:98:a1:bc:07:91:65:17:35:d5:99:eb:53:04:da:1a:39:
78:4e:0f:92:84:17:47:1c:af:33:33:77:ca:0c:2e:25:bb:de:
2c:29:f4:c8:1e:5a:84:87:83:c8:ed:d6:14:c1:53:85:1f:8b:
f1:9d:19:18:b0:2d:6e:b2:6d:70:94:66:4c:a5:da:ce:11:51:
28:a8:bc:48:69:40:26:99:3b:66:0e:94:dc:be:88:96:da:25:
16:3c:6f:4f:64:dc:23:c7:a9:1f:50:83:5d:73:2c:db:37:1d:
23:bf:83:f5:56:65:ac:d5:ee:14:37:68:aa:48:52:fe:1a:03:
a4:bb:12:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZHBqeWaudYKNwt/5ctZZJXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjQwOTA1MTAxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzcyOTQ0NjMxNTVlYmE4YjIwOGY0MDU5ZGJjOTU0MjgzN2ZjODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTl7NHaqwUjCxQeUw5KirCCRU0Km
L5NVsWl4Uht20z/OIxma/f6z2ojhw/YAVVDUtZ4ZKq0xi2/FH3J8re8C0BC6npNN
o++p1d0hxoCQO9aK112qHwoMV1LaZGFzKh6gXzir5sxKs5P9fmIs3iurBpugTXHO
sh4FtlK83LdQdhgsGIcl4FdNvsdfmDA+J0tNCizQhdc0Me3T8RS4YhqMWpOnXwkp
wx1mvMBzMzvD2++DiBl1Tj5XFWI5lyzFCwOTWFSC4D8JketbPI13ETMG8/9ObnOl
HqHdBGWjpJFdwvYlw+Idz3sfij0qxZjjIk6YXSpJQ4r3eqsQv5SOgXly0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFExylEYxVeuosgj0BZ28lUKDf8hyMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvVEhLVVJqRlY2Nml5Q1BRRm5ieVZRb05feUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKgaYwBwA
AwcAKgaYwBwLAwcAKgaYwBxKMA0GCSqGSIb3DQEBCwUAA4IBAQBnF9lKLA7SgoKq
LOJwFU4sD6km7P8x94OSPAiWMmwjQeq6R93FvK1LII/jzDQvKPaLA2Qf686CaTjt
fo+HpyAYUNXP7y6Ixzit5bfY9degmce3Bj8l45hyOCdyATX1DQzrtq4/RH0epp97
880Div4LfVdSVAlcjyhme7g4+9Q0qpihvAeRZRc11ZnrUwTaGjl4Tg+ShBdHHK8z
M3fKDC4lu94sKfTIHlqEh4PI7dYUwVOFH4vxnRkYsC1usm1wlGZMpdrOEVEoqLxI
aUAmmTtmDpTcvoiW2iUWPG9PZNwjx6kfUINdcyzbNx0jv4P1VmWs1e4UN2iqSFL+
GgOkuxIr
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:35:00 2024 by rpki-client on console-fra.rpki-client.org