Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/4wj9rcW9HrKYfO--LYyJBmCwQ9g.roa
File: 4wj9rcW9HrKYfO--LYyJBmCwQ9g.roa (raw, json)
Hash identifier: dKDvnTU3RxhAM+tu5r5kKKz/v7cH6yhqWbEVrtix5Rg=
Subject key identifier: E3:08:FD:AD:C5:BD:1E:B2:98:7C:EF:BE:2D:8C:89:06:60:B0:43:D8
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3B8E134C197D277B11609670BB543
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/4wj9rcW9HrKYfO--LYyJBmCwQ9g.roa
Signing time: Thu 21 Nov 2024 09:00:38 +0000
ROA not before: Thu 21 Nov 2024 09:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208850
IP address blocks: 2a01:e901:10a::/48 maxlen: 48
2a01:e901:11a::/48 maxlen: 48
2a01:e901:12a::/48 maxlen: 48
2a01:e901:13a::/48 maxlen: 48
2a01:e901:14a::/48 maxlen: 48
2a01:e901:15a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:b8:e1:34:c1:97:d2:77:b1:16:09:67:0b:b5:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e308fdadc5bd1eb2987cefbe2d8c890660b043d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:2b:32:ac:ff:ec:aa:22:37:59:d4:4c:69:
da:f2:c1:41:5d:a3:c2:f0:0d:80:87:38:dd:23:2b:
d3:92:8a:a9:57:a7:c0:a9:df:bd:cb:71:af:28:ed:
c7:26:9a:77:55:b4:bf:a0:58:4c:de:ba:a3:76:26:
fd:c3:1d:28:e2:a5:61:fc:05:dd:6d:96:5e:04:94:
09:e4:ff:f1:67:27:3a:34:aa:4b:46:0c:5d:6a:84:
4c:7d:44:02:57:f0:95:eb:dc:2d:0f:62:fa:4c:c2:
f2:6e:b7:51:d1:7a:3f:08:ca:78:f4:8b:ab:51:c1:
27:02:30:df:a0:7a:1f:82:5b:81:f2:18:34:94:28:
17:08:99:9f:35:a1:6d:b8:99:4a:04:cf:35:55:b8:
20:a9:4a:4e:e9:bd:60:cc:e4:00:9b:46:fd:43:74:
15:fe:a2:02:07:6d:7d:3a:b4:3d:2a:78:c8:13:66:
74:9a:4c:03:b2:cf:75:03:73:e2:dc:05:85:dc:e4:
b1:6b:a2:7d:53:63:65:6d:a2:7b:1e:72:26:cb:b4:
d3:47:55:a9:27:87:ec:61:21:af:4e:21:f0:66:00:
fc:98:84:e0:fa:19:f0:68:49:ae:3b:c3:b7:c4:aa:
30:75:16:2b:4e:1f:25:55:1a:25:c9:3c:6c:48:ab:
ce:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:08:FD:AD:C5:BD:1E:B2:98:7C:EF:BE:2D:8C:89:06:60:B0:43:D8
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/4wj9rcW9HrKYfO--LYyJBmCwQ9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10a::/48
2a01:e901:11a::/48
2a01:e901:12a::/48
2a01:e901:13a::/48
2a01:e901:14a::/48
2a01:e901:15a::/48
Signature Algorithm: sha256WithRSAEncryption
10:54:58:aa:25:59:65:25:6a:f4:d2:86:06:3a:3c:41:47:f9:
da:50:94:db:f8:9b:2e:69:01:88:34:a8:06:65:60:94:d4:ea:
bb:b0:9f:c9:ee:c2:19:86:36:f9:48:36:cb:5f:03:9b:f1:50:
a9:c0:37:1e:1f:92:1d:17:7b:c8:f2:6b:33:d3:95:67:09:22:
a3:6c:be:4b:fd:4a:b3:f2:bb:8f:ef:86:71:5e:63:32:d6:87:
eb:51:2b:f4:44:61:00:c9:0b:2f:f0:03:ed:54:2f:15:a6:1d:
36:4a:d5:3a:73:d2:ca:b0:07:dc:5c:99:41:ca:84:bc:16:18:
62:98:a8:a0:c6:70:e9:7c:17:e9:9f:83:28:68:de:a8:2c:46:
df:55:8d:d4:f3:ad:1b:c7:12:13:91:81:73:42:e0:5e:2b:48:
f7:63:ab:d8:68:42:98:e2:40:ce:f3:3a:6f:e7:bc:b0:a7:89:
f7:d5:ae:43:eb:e7:43:a0:57:67:ed:91:45:27:cf:5d:11:0c:
d1:c5:bf:46:5e:a2:61:9f:08:5d:d6:bd:4b:cd:21:b9:8a:4c:
31:28:1d:07:93:1e:06:b7:70:ae:72:6e:3b:fa:dc:86:7b:8a:
04:96:8f:bd:99:bc:68:68:bb:0e:c1:d8:73:eb:ca:44:e7:c3:
f0:e4:03:26
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87jhNMGX0nexFglnC7VDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA4ZmRhZGM1YmQxZWIyOTg3Y2VmYmUyZDhjODkwNjYwYjA0M2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZsrMqz/7KoiN1nUTGna8sFBXaPC
8A2AhzjdIyvTkoqpV6fAqd+9y3GvKO3HJpp3VbS/oFhM3rqjdib9wx0o4qVh/AXd
bZZeBJQJ5P/xZyc6NKpLRgxdaoRMfUQCV/CV69wtD2L6TMLybrdR0Xo/CMp49Iur
UcEnAjDfoHofgluB8hg0lCgXCJmfNaFtuJlKBM81VbggqUpO6b1gzOQAm0b9Q3QV
/qICB219OrQ9KnjIE2Z0mkwDss91A3Pi3AWF3OSxa6J9U2NlbaJ7HnImy7TTR1Wp
J4fsYSGvTiHwZgD8mITg+hnwaEmuO8O3xKowdRYrTh8lVRolyTxsSKvOHwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOMI/a3FvR6ymHzvvi2MiQZgsEPYMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvNHdqOXJjVzlIcktZZk8tLUxZeUpCbUN3UTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEK
AwcAKgHpAQEaAwcAKgHpAQEqAwcAKgHpAQE6AwcAKgHpAQFKAwcAKgHpAQFaMA0G
CSqGSIb3DQEBCwUAA4IBAQAQVFiqJVllJWr00oYGOjxBR/naUJTb+JsuaQGINKgG
ZWCU1Oq7sJ/J7sIZhjb5SDbLXwOb8VCpwDceH5IdF3vI8msz05VnCSKjbL5L/Uqz
8ruP74ZxXmMy1ofrUSv0RGEAyQsv8APtVC8Vph02StU6c9LKsAfcXJlByoS8Fhhi
mKigxnDpfBfpn4MoaN6oLEbfVY3U860bxxITkYFzQuBeK0j3Y6vYaEKY4kDO8zpv
57ywp4n31a5D6+dDoFdn7ZFFJ89dEQzRxb9GXqJhnwhd1r1LzSG5ikwxKB0Hkx4G
t3Cucm47+tyGe4oElo+9mbxoaLsOwdhz68pE58Pw5AMm
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:56:35 2024 by rpki-client on console-ams.rpki-client.org