Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ra9LDKfHxZhP9Ccq4PeQ0RFFBuY.roa
File: ra9LDKfHxZhP9Ccq4PeQ0RFFBuY.roa (raw, json)
Hash identifier: COzU7zKQ73gzjJw/3uNpZRxfqgSUTcYhcKZQCFAv3vQ=
Subject key identifier: AD:AF:4B:0C:A7:C7:C5:98:4F:F4:27:2A:E0:F7:90:D1:11:45:06:E6
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018F4D881D34EF0E49773E52F58DF5CA67BA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ra9LDKfHxZhP9Ccq4PeQ0RFFBuY.roa
Signing time: Mon 06 May 2024 10:51:56 +0000
ROA not before: Mon 06 May 2024 10:51:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211027
IP address blocks: 2a09:3d00::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a0d:5ec0::/29 maxlen: 36
2a0f:c582::/32 maxlen: 32
2a10:c340:7000::/36 maxlen: 36
2a11:200:2000::/36 maxlen: 36
2a11:780::/29 maxlen: 36
2a11:b80::/29 maxlen: 36
2a11:af00::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:88:1d:34:ef:0e:49:77:3e:52:f5:8d:f5:ca:67:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: May 6 10:51:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adaf4b0ca7c7c5984ff4272ae0f790d1114506e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:27:49:c8:0b:d5:6e:69:78:83:10:22:47:87:
8e:50:39:68:ff:4b:90:9e:81:ce:8b:2a:48:75:3d:
e1:45:c9:b4:5a:97:0e:3b:38:a4:cd:4b:55:ad:49:
8e:a9:86:9d:0a:dd:fa:4f:ef:f5:f5:c9:77:f5:cd:
c8:5a:ea:a0:1f:80:f7:b7:5b:88:af:d3:d7:b3:0f:
64:02:49:7f:52:e4:cf:42:c9:3b:e6:2c:a5:2c:95:
80:46:ae:d0:8f:85:6a:6a:1d:94:33:39:ae:bc:06:
5d:ac:88:eb:35:9c:7e:61:06:dd:5c:6a:db:c9:46:
91:10:29:56:44:83:66:65:6b:b2:fe:9b:94:0a:7c:
fd:9d:10:a3:fd:8f:32:ab:dc:5b:0a:d4:fd:14:c7:
50:b8:69:c5:ce:0e:dc:d8:79:34:b5:6f:e1:f2:ca:
66:62:2f:b9:1f:91:90:a2:f9:4a:df:3f:88:73:21:
97:02:63:b0:96:74:a2:64:8e:aa:bf:6f:f7:7c:ed:
f2:74:38:de:18:18:35:ae:a7:83:19:16:2e:0c:1d:
56:8f:6e:98:ce:2e:0a:a3:3d:0a:ab:3e:e0:b2:06:
18:44:d0:af:a0:8f:88:2c:c1:e2:01:0c:61:0a:51:
a3:31:31:29:0d:82:97:77:3d:1b:9c:48:44:53:95:
71:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:4B:0C:A7:C7:C5:98:4F:F4:27:2A:E0:F7:90:D1:11:45:06:E6
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ra9LDKfHxZhP9Ccq4PeQ0RFFBuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3d00::/29
2a09:b680::/29
2a0d:5ec0::/29
2a0f:c582::/32
2a10:c340:7000::/36
2a11:200:2000::/36
2a11:780::/29
2a11:b80::/29
2a11:af00::/29
Signature Algorithm: sha256WithRSAEncryption
03:30:71:dc:a0:ab:57:81:1f:62:de:6e:e2:0b:58:51:a9:83:
dc:75:2f:33:75:aa:6c:8d:21:df:e6:0c:10:80:0b:1d:d2:24:
3e:5a:b9:b3:a9:e8:f2:af:8b:da:ad:26:68:7c:0a:91:2d:22:
f9:8c:90:7c:a4:9d:9d:62:b4:d6:ed:52:4d:9c:b6:79:8b:77:
aa:d2:2d:27:76:9e:a6:f0:1d:c2:d9:67:81:ce:09:ae:16:13:
e0:aa:d2:28:0e:b5:b1:46:f4:4f:12:2f:03:38:83:df:3c:17:
ca:f1:2f:bb:45:5e:c7:aa:32:dd:fc:fa:bb:96:a1:18:69:c4:
a0:e9:dd:43:9d:85:6b:76:cf:5f:bf:e0:a6:a8:fb:22:37:eb:
4e:26:e0:49:39:21:65:88:ac:ff:96:1a:67:ba:9b:b6:6f:9f:
b2:51:62:32:b9:e4:74:19:91:75:1a:a1:36:a0:f4:ec:da:7c:
e8:29:4f:28:e5:a9:fd:9f:38:3b:fe:0b:7d:d9:14:95:30:22:
87:a3:d7:20:cc:be:a4:dd:a4:94:10:3f:71:e9:11:36:77:75:
d0:58:97:1d:39:b0:ea:e3:4f:2f:1e:4e:aa:db:13:b5:57:a3:
9a:d5:d1:65:45:7d:6f:b4:14:4a:1d:5e:f4:d2:a0:27:94:e9:
76:96:41:99
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY9NiB007w5Jdz5S9Y31yme6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNTA2MTA1MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFmNGIwY2E3YzdjNTk4NGZmNDI3MmFlMGY3OTBkMTExNDUwNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CdJyAvVbml4gxAiR4eOUDlo/0uQ
noHOiypIdT3hRcm0WpcOOzikzUtVrUmOqYadCt36T+/19cl39c3IWuqgH4D3t1uI
r9PXsw9kAkl/UuTPQsk75iylLJWARq7Qj4Vqah2UMzmuvAZdrIjrNZx+YQbdXGrb
yUaREClWRINmZWuy/puUCnz9nRCj/Y8yq9xbCtT9FMdQuGnFzg7c2Hk0tW/h8spm
Yi+5H5GQovlK3z+IcyGXAmOwlnSiZI6qv2/3fO3ydDjeGBg1rqeDGRYuDB1Wj26Y
zi4Koz0Kqz7gsgYYRNCvoI+ILMHiAQxhClGjMTEpDYKXdz0bnEhEU5Vx+QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFK2vSwynx8WYT/QnKuD3kNERRQbmMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvcmE5TERLZkh4WmhQOUNjcTRQZVEwUkZGQnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwUDKgk9AAMF
AyoJtoADBQMqDV7AAwUAKg/FggMGBCoQw0BwAwYEKhECACADBQMqEQeAAwUDKhEL
gAMFAyoRrwAwDQYJKoZIhvcNAQELBQADggEBAAMwcdygq1eBH2LebuILWFGpg9x1
LzN1qmyNId/mDBCACx3SJD5aubOp6PKvi9qtJmh8CpEtIvmMkHyknZ1itNbtUk2c
tnmLd6rSLSd2nqbwHcLZZ4HOCa4WE+Cq0igOtbFG9E8SLwM4g988F8rxL7tFXseq
Mt38+ruWoRhpxKDp3UOdhWt2z1+/4Kao+yI3604m4Ek5IWWIrP+WGme6m7Zvn7JR
YjK55HQZkXUaoTag9OzafOgpTyjlqf2fODv+C33ZFJUwIoej1yDMvqTdpJQQP3Hp
ETZ3ddBYlx05sOrjTy8eTqrbE7VXo5rV0WVFfW+0FEodXvTSoCeU6XaWQZk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:16:24 2024 by rpki-client on console-fra.rpki-client.org