Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/BC7ieHX3m3Iq4RDiDoxABauAeYM.roa
File: BC7ieHX3m3Iq4RDiDoxABauAeYM.roa (raw, json)
Hash identifier: rXMakeJzPeg+BdMd3XpJ7NxiNHjzLU2EOibO7UjmOvw=
Subject key identifier: 04:2E:E2:78:75:F7:9B:72:2A:E1:10:E2:0E:8C:40:05:AB:80:79:83
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC5007421AE230B5C2B30B453F8A6C37D
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/BC7ieHX3m3Iq4RDiDoxABauAeYM.roa
Signing time: Mon 01 Jan 2024 12:29:50 +0000
ROA not before: Mon 01 Jan 2024 12:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210712
IP address blocks: 2a02:17a0::/30 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:74:21:ae:23:0b:5c:2b:30:b4:53:f8:a6:c3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=042ee27875f79b722ae110e20e8c4005ab807983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:69:c8:97:30:32:14:be:63:71:42:d2:ff:3e:
90:a3:06:3d:13:1c:72:1d:7a:0d:4e:d1:7a:8c:53:
a3:3f:69:e6:24:f4:5c:4e:ea:ac:9a:ef:63:c8:1c:
db:26:d3:88:0f:83:f7:16:47:79:18:b9:ed:e0:db:
a0:33:4d:33:ae:80:14:4f:a8:56:01:7d:4c:fe:1e:
b4:18:03:ce:79:1a:a9:ce:6c:aa:f7:fd:8a:7f:70:
71:1e:bb:ae:aa:2a:2e:eb:70:cb:39:90:cf:65:8a:
1c:8f:5c:4c:4c:8e:3d:b9:55:1e:0d:11:42:b8:30:
cf:4f:2f:a8:32:4b:4e:9b:2f:b6:88:02:c3:c0:0c:
20:74:d1:3c:cd:4c:74:c0:01:dc:6e:d8:61:33:73:
fb:6e:b7:e6:e8:85:24:3a:b5:a3:af:d4:d5:97:97:
8e:29:ae:12:59:a4:49:92:e4:4f:bb:bf:41:69:b3:
9e:ad:e0:13:11:69:3d:6d:33:1d:c4:e5:38:a1:f6:
2c:05:4a:98:bd:0d:fa:8a:a6:6d:8b:46:17:a3:08:
cc:5f:99:d5:22:88:e6:87:6a:ec:e4:ce:3d:2e:36:
74:34:24:2d:6d:9f:ad:46:19:56:66:f5:c6:14:2d:
c1:e8:2c:e4:79:c8:c7:e8:eb:2b:c3:66:21:f3:c6:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2E:E2:78:75:F7:9B:72:2A:E1:10:E2:0E:8C:40:05:AB:80:79:83
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/BC7ieHX3m3Iq4RDiDoxABauAeYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:17a0::/30
Signature Algorithm: sha256WithRSAEncryption
c4:bd:2f:7d:15:1d:c1:bc:a1:35:74:d4:4d:d4:39:bf:96:26:
a4:41:e7:e2:5c:9c:a9:fa:d2:69:b8:e3:31:16:0e:75:7b:fa:
06:52:c0:39:2c:a7:96:47:bd:38:02:e7:f9:3d:89:94:4c:34:
27:26:19:16:4c:ce:21:07:3b:1b:66:94:ce:65:0e:ec:8c:dd:
86:e2:ae:d8:05:d3:f8:6e:c4:aa:19:1d:97:35:6b:c1:44:23:
6a:b4:a2:43:39:19:6a:22:a0:72:19:e2:07:8a:15:d0:95:49:
35:48:39:6e:01:7e:43:31:ec:1f:29:b5:58:fb:2d:36:76:67:
0b:e2:59:52:4a:3e:90:e4:d5:d5:1c:7f:11:ef:3d:e5:dd:16:
8d:1c:50:ed:37:b2:59:63:12:9c:b8:6d:9d:99:5d:cd:1f:01:
a5:42:1d:cb:8d:aa:15:eb:a5:d5:d9:26:03:b0:f0:ef:74:4d:
cf:e5:26:dc:64:6e:ae:c5:80:74:2b:9e:b5:a8:2d:3c:bf:d9:
27:ee:8f:22:a4:45:4d:98:70:47:4d:42:6a:c9:4f:fa:9d:17:
af:74:4f:16:85:29:a1:b5:90:c0:ff:8b:c4:55:89:1e:49:54:
6e:42:2e:78:48:7a:e6:78:8b:d2:84:88:a8:ce:e7:13:2c:65:
49:cb:bb:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAHQhriMLXCswtFP4psN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDJlZTI3ODc1Zjc5YjcyMmFlMTEwZTIwZThjNDAwNWFiODA3OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGnIlzAyFL5jcULS/z6QowY9Exxy
HXoNTtF6jFOjP2nmJPRcTuqsmu9jyBzbJtOID4P3Fkd5GLnt4NugM00zroAUT6hW
AX1M/h60GAPOeRqpzmyq9/2Kf3BxHruuqiou63DLOZDPZYocj1xMTI49uVUeDRFC
uDDPTy+oMktOmy+2iALDwAwgdNE8zUx0wAHcbthhM3P7brfm6IUkOrWjr9TVl5eO
Ka4SWaRJkuRPu79BabOereATEWk9bTMdxOU4ofYsBUqYvQ36iqZti0YXowjMX5nV
Iojmh2rs5M49LjZ0NCQtbZ+tRhlWZvXGFC3B6CzkecjH6Osrw2Yh88YHWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAQu4nh195tyKuEQ4g6MQAWrgHmDMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvQkM3aWVIWDNtM0lxNFJEaURveEFCYXVBZVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgIXoDAN
BgkqhkiG9w0BAQsFAAOCAQEAxL0vfRUdwbyhNXTUTdQ5v5YmpEHn4lycqfrSabjj
MRYOdXv6BlLAOSynlke9OALn+T2JlEw0JyYZFkzOIQc7G2aUzmUO7IzdhuKu2AXT
+G7EqhkdlzVrwUQjarSiQzkZaiKgchniB4oV0JVJNUg5bgF+QzHsHym1WPstNnZn
C+JZUko+kOTV1Rx/Ee895d0WjRxQ7TeyWWMSnLhtnZldzR8BpUIdy42qFeul1dkm
A7Dw73RNz+Um3GRursWAdCuetagtPL/ZJ+6PIqRFTZhwR01CaslP+p0Xr3RPFoUp
obWQwP+LxFWJHklUbkIueEh65niL0oSIqM7nEyxlScu7ww==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:40 2024 by rpki-client on console-ams.rpki-client.org