Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/AO58Qo86FCKIWISOB9O6GjKv8OA.roa
File: AO58Qo86FCKIWISOB9O6GjKv8OA.roa (raw, json)
Hash identifier: o+7BJvXgd4CttZ9Dnd4aAdvSGAALC353sDNqCMSmWMc=
Subject key identifier: 00:EE:7C:42:8F:3A:14:22:88:58:84:8E:07:D3:BA:1A:32:AF:F0:E0
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3BC63958D315CFAA2A5F53CDDE0F1
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/AO58Qo86FCKIWISOB9O6GjKv8OA.roa
Signing time: Thu 21 Nov 2024 09:00:39 +0000
ROA not before: Thu 21 Nov 2024 09:00:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213876
IP address blocks: 2a01:e901:100::/48 maxlen: 48
2a01:e901:110::/48 maxlen: 48
2a01:e901:120::/48 maxlen: 48
2a01:e901:130::/48 maxlen: 48
2a01:e901:140::/48 maxlen: 48
2a01:e901:150::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:bc:63:95:8d:31:5c:fa:a2:a5:f5:3c:dd:e0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00ee7c428f3a14228858848e07d3ba1a32aff0e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ba:73:60:d5:bf:3f:aa:79:ba:2a:24:78:c6:
51:12:61:cc:12:32:28:8f:c2:09:e3:59:aa:3a:67:
4f:6d:05:c1:09:ed:80:5b:db:b1:d7:68:b1:65:45:
93:98:ef:bc:91:bc:32:54:7e:5d:ea:b1:b7:38:b5:
38:b6:d9:ee:bd:84:14:f6:50:f3:da:b7:4a:e2:97:
a0:12:c0:a7:b8:95:78:18:8d:6d:06:56:e3:93:4f:
21:76:d3:56:f7:78:11:d7:00:31:ea:45:0f:f9:38:
4a:b7:88:45:7b:de:f9:c3:86:bc:88:85:ea:1b:c6:
ac:da:d0:d2:a5:1a:fd:ad:ba:4c:63:56:df:80:c1:
d9:23:bc:c6:1a:eb:47:eb:64:94:a7:8b:ce:43:98:
41:52:54:e8:87:56:a4:02:33:46:96:1d:dc:ee:4a:
dc:19:43:d1:ac:72:cd:35:4e:00:e5:9f:91:5c:aa:
35:31:bd:d3:84:81:ef:8d:8e:c1:4c:64:46:47:9c:
64:58:ad:78:cf:78:2d:03:a2:68:a4:76:76:20:e0:
d4:6d:8b:f5:80:87:93:79:cd:e0:1a:40:39:49:4b:
af:85:2d:3b:39:2c:05:37:ba:4e:72:93:d6:63:60:
76:e4:63:9a:33:ea:69:70:87:33:e5:c8:06:84:12:
3e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EE:7C:42:8F:3A:14:22:88:58:84:8E:07:D3:BA:1A:32:AF:F0:E0
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/AO58Qo86FCKIWISOB9O6GjKv8OA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:100::/48
2a01:e901:110::/48
2a01:e901:120::/48
2a01:e901:130::/48
2a01:e901:140::/48
2a01:e901:150::/48
Signature Algorithm: sha256WithRSAEncryption
96:c9:b3:57:b7:4b:07:17:88:f2:88:bb:58:1d:63:03:43:95:
50:18:88:94:82:fb:9a:ab:22:38:2a:36:fe:6b:f2:2b:95:56:
40:8d:bc:d0:dd:98:43:a0:e0:b4:59:81:33:de:47:10:95:95:
b8:6c:f5:a7:c0:ba:71:39:0b:62:ca:ec:b1:a1:39:84:72:6c:
fa:19:94:d0:3d:72:87:ce:ad:03:19:da:0f:29:a3:05:59:b7:
14:08:2a:dc:4c:22:3b:9e:0a:eb:4c:76:b3:51:78:21:eb:41:
4e:65:77:aa:a5:1f:5b:d5:02:87:40:5f:96:be:d0:d7:25:eb:
a1:1e:e9:34:29:86:05:0b:2b:c8:ab:45:bb:e8:b3:61:56:bd:
e3:c2:47:59:56:dc:58:03:cb:ad:b8:69:c4:6f:a8:08:1d:2f:
e3:bc:7c:42:fb:8f:b7:e1:6d:12:ca:89:6d:ad:df:73:aa:5d:
a1:73:61:fe:5b:3d:11:21:9b:ef:87:e4:d9:cb:b9:b1:10:33:
be:46:5e:f8:33:d0:f0:2c:44:22:80:74:b3:3a:76:cc:0f:d0:
28:07:46:d8:76:ee:1e:4f:af:c7:6e:07:b8:3e:83:2e:b9:36:
99:81:64:2e:b2:d6:69:5e:5e:0c:60:ac:dd:3b:3d:c3:5a:4d:
1a:46:33:7a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87xjlY0xXPqipfU83eDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVlN2M0MjhmM2ExNDIyODg1ODg0OGUwN2QzYmExYTMyYWZmMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrpzYNW/P6p5uiokeMZREmHMEjIo
j8IJ41mqOmdPbQXBCe2AW9ux12ixZUWTmO+8kbwyVH5d6rG3OLU4ttnuvYQU9lDz
2rdK4pegEsCnuJV4GI1tBlbjk08hdtNW93gR1wAx6kUP+ThKt4hFe975w4a8iIXq
G8as2tDSpRr9rbpMY1bfgMHZI7zGGutH62SUp4vOQ5hBUlToh1akAjNGlh3c7krc
GUPRrHLNNU4A5Z+RXKo1Mb3ThIHvjY7BTGRGR5xkWK14z3gtA6JopHZ2IODUbYv1
gIeTec3gGkA5SUuvhS07OSwFN7pOcpPWY2B25GOaM+ppcIcz5cgGhBI+jQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFADufEKPOhQiiFiEjgfTuhoyr/DgMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvQU81OFFvODZGQ0tJV0lTT0I5TzZHakt2OE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEA
AwcAKgHpAQEQAwcAKgHpAQEgAwcAKgHpAQEwAwcAKgHpAQFAAwcAKgHpAQFQMA0G
CSqGSIb3DQEBCwUAA4IBAQCWybNXt0sHF4jyiLtYHWMDQ5VQGIiUgvuaqyI4Kjb+
a/IrlVZAjbzQ3ZhDoOC0WYEz3kcQlZW4bPWnwLpxOQtiyuyxoTmEcmz6GZTQPXKH
zq0DGdoPKaMFWbcUCCrcTCI7ngrrTHazUXgh60FOZXeqpR9b1QKHQF+WvtDXJeuh
Huk0KYYFCyvIq0W76LNhVr3jwkdZVtxYA8utuGnEb6gIHS/jvHxC+4+34W0Syolt
rd9zql2hc2H+Wz0RIZvvh+TZy7mxEDO+Rl74M9DwLEQigHSzOnbMD9AoB0bYdu4e
T6/Hbge4PoMuuTaZgWQustZpXl4MYKzdOz3DWk0aRjN6
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:26:59 2024 by rpki-client on console-fra.rpki-client.org