Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aLk-GxpFdp2hMRQGY3A24Fa98NU.roa
File: aLk-GxpFdp2hMRQGY3A24Fa98NU.roa (raw, json)
Hash identifier: w4BturblmfEH/ZK977JsjKOhS6rOpS1UZwdruu5nEj8=
Subject key identifier: 68:B9:3E:1B:1A:45:76:9D:A1:31:14:06:63:70:36:E0:56:BD:F0:D5
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86F9E0BA13E21606896AB8E0A922AD0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aLk-GxpFdp2hMRQGY3A24Fa98NU.roa
Signing time: Tue 02 Jan 2024 04:30:07 +0000
ROA not before: Tue 02 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4785
IP address blocks: 2a07:e340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:9e:0b:a1:3e:21:60:68:96:ab:8e:0a:92:2a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b93e1b1a45769da1311406637036e056bdf0d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:cd:8b:ad:7d:e6:95:3b:ce:eb:93:d1:26:
75:40:51:f9:c7:f7:eb:b9:86:e8:15:86:ca:cc:ac:
07:e1:ec:59:59:dc:83:3d:d0:e3:80:53:33:1f:d9:
0a:ca:45:ae:8d:07:6a:54:08:bf:b3:77:3c:4e:22:
c0:95:5f:90:60:2f:76:5a:74:84:4d:40:ed:ca:50:
10:b9:24:ff:28:9e:17:77:f1:8c:d8:bc:b4:44:36:
74:ba:58:e9:1a:46:88:67:59:51:a2:d6:8e:b7:c6:
a4:38:20:16:47:f6:d9:57:30:d4:24:d1:f7:1e:2b:
7e:f6:a8:45:7f:c3:26:cc:ff:b5:98:41:69:bc:0b:
41:ce:63:f5:ae:a8:98:46:78:15:3e:97:b7:06:49:
a6:f5:33:29:de:a2:0a:cd:2c:d7:7d:33:d3:29:94:
ee:f9:63:9c:9a:53:84:08:0c:89:86:59:28:73:51:
64:85:74:15:b0:42:12:f2:1e:08:3e:3f:28:4e:51:
37:bb:e2:e9:39:03:3e:da:f5:13:ff:2e:81:a6:85:
70:cf:a2:08:bf:24:cd:ea:8e:1a:c3:4f:a1:db:ec:
82:7c:c4:c0:69:f3:a3:28:e2:ce:a0:d7:3b:b1:b5:
72:f3:7f:a7:2a:e3:e6:33:c2:6e:c7:1f:42:32:38:
b8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B9:3E:1B:1A:45:76:9D:A1:31:14:06:63:70:36:E0:56:BD:F0:D5
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aLk-GxpFdp2hMRQGY3A24Fa98NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e340::/32
Signature Algorithm: sha256WithRSAEncryption
1a:4b:34:22:f3:72:90:68:b5:6b:33:d6:26:6b:24:af:e4:e4:
f4:bc:6b:6d:31:d8:2a:f3:2c:6a:48:c6:ef:bb:99:58:14:23:
3a:72:2c:47:3e:ca:97:a9:ca:18:37:6f:43:5f:a1:1e:a1:39:
34:b2:d0:94:3d:3e:4e:e9:9c:63:1a:8b:84:e5:d3:2c:26:fc:
ee:06:08:bf:25:e0:c9:56:4a:75:9a:0c:d0:ae:d8:c0:c6:c7:
96:28:61:e8:37:35:13:c2:e9:87:91:62:94:46:b6:02:19:86:
dd:8e:2d:bf:5b:90:a0:70:8c:3a:4e:ae:c7:fa:07:2a:4a:b1:
98:53:a7:aa:f3:60:69:b5:18:0a:36:59:53:04:58:cc:87:65:
a1:c8:2c:4a:67:ac:c5:f3:4f:e4:b4:7e:88:f8:58:fa:96:ba:
01:b2:28:db:9b:9a:2a:16:48:90:4b:03:f2:a8:72:cc:af:01:
a4:a3:83:8d:6f:f8:d9:1c:d6:26:61:a5:47:cf:5c:80:09:c5:
ae:83:be:61:02:8b:5e:79:40:35:74:d1:ef:6d:a7:0d:14:6f:
e5:1a:c2:76:9f:8f:28:68:32:68:66:9e:fb:0d:0b:75:1c:70:
60:f5:ab:ec:7f:d1:ad:bb:5f:93:7d:a0:58:a9:f1:3e:7c:d5:
d5:30:e2:13
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIb54LoT4hYGiWq44KkirQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI5M2UxYjFhNDU3NjlkYTEzMTE0MDY2MzcwMzZlMDU2YmRmMGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNjNi6195pU7zuuT0SZ1QFH5x/fr
uYboFYbKzKwH4exZWdyDPdDjgFMzH9kKykWujQdqVAi/s3c8TiLAlV+QYC92WnSE
TUDtylAQuST/KJ4Xd/GM2Ly0RDZ0uljpGkaIZ1lRotaOt8akOCAWR/bZVzDUJNH3
Hit+9qhFf8MmzP+1mEFpvAtBzmP1rqiYRngVPpe3Bkmm9TMp3qIKzSzXfTPTKZTu
+WOcmlOECAyJhlkoc1FkhXQVsEIS8h4IPj8oTlE3u+LpOQM+2vUT/y6BpoVwz6II
vyTN6o4aw0+h2+yCfMTAafOjKOLOoNc7sbVy83+nKuPmM8Juxx9CMji4DwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGi5PhsaRXadoTEUBmNwNuBWvfDVMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYUxrLUd4cEZkcDJoTVJRR1kzQTI0RmE5OE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgfjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAGks0IvNykGi1azPWJmskr+Tk9LxrbTHYKvMsakjG
77uZWBQjOnIsRz7Kl6nKGDdvQ1+hHqE5NLLQlD0+TumcYxqLhOXTLCb87gYIvyXg
yVZKdZoM0K7YwMbHlihh6Dc1E8Lph5FilEa2AhmG3Y4tv1uQoHCMOk6ux/oHKkqx
mFOnqvNgabUYCjZZUwRYzIdlocgsSmesxfNP5LR+iPhY+pa6AbIo25uaKhZIkEsD
8qhyzK8BpKODjW/42RzWJmGlR89cgAnFroO+YQKLXnlANXTR722nDRRv5RrCdp+P
KGgyaGae+w0LdRxwYPWr7H/Rrbtfk32gWKnxPnzV1TDiEw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:53:48 2024 by rpki-client on console-fra.rpki-client.org