Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/IDOkVqrsMsjV5SiYmRY5frxrOB4.roa
File: IDOkVqrsMsjV5SiYmRY5frxrOB4.roa (raw, json)
Hash identifier: BCwWP2Q3I+Y2o/vh9LYgw+9s0+jAd56GHkbNekx6JWE=
Subject key identifier: 20:33:A4:56:AA:EC:32:C8:D5:E5:28:98:99:16:39:7E:BC:6B:38:1E
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3B927B137FB9E8A2B4C6AA22FB754
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/IDOkVqrsMsjV5SiYmRY5frxrOB4.roa
Signing time: Thu 21 Nov 2024 09:00:38 +0000
ROA not before: Thu 21 Nov 2024 09:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209389
IP address blocks: 2a01:e901:101::/48 maxlen: 48
2a01:e901:111::/48 maxlen: 48
2a01:e901:121::/48 maxlen: 48
2a01:e901:131::/48 maxlen: 48
2a01:e901:141::/48 maxlen: 48
2a01:e901:151::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:b9:27:b1:37:fb:9e:8a:2b:4c:6a:a2:2f:b7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2033a456aaec32c8d5e528989916397ebc6b381e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:58:53:00:bb:ff:44:13:90:32:9c:79:43:a0:
cb:71:ac:f3:e8:a3:5c:e0:31:c4:a2:35:2c:3e:94:
52:b7:1f:4d:13:19:ce:57:80:84:4f:2c:17:f6:06:
83:c8:7d:e2:32:b0:9e:b5:7f:07:5f:5c:d2:81:be:
23:da:ef:79:76:75:46:66:38:85:d0:9c:25:86:e4:
31:3a:89:1f:e5:02:61:3b:75:22:36:d6:26:68:f9:
de:93:9b:3c:d5:d1:4e:b3:9c:b4:c2:56:ef:23:61:
29:b0:61:b2:24:4e:8f:08:22:c2:ee:9b:ad:3c:02:
b9:f8:e3:51:a8:ce:0e:af:ac:e3:3a:19:e0:c4:9e:
31:7a:6a:b5:71:65:e9:84:1a:2f:c6:0f:12:79:04:
85:3f:98:a5:e8:7a:5f:d1:ef:ef:45:dc:59:e3:57:
a7:96:3c:7e:b5:3b:6b:68:b9:fe:b0:42:cc:85:a3:
45:80:fb:6a:10:eb:d1:d9:2e:d3:86:9e:0a:51:33:
fb:81:44:87:fa:e0:b9:37:a7:1c:9b:01:ba:59:95:
17:22:81:43:cf:c4:e1:d7:d2:d9:7d:83:7e:2f:12:
5b:68:ad:fc:27:ee:cb:cb:b2:9e:33:07:ac:7c:f1:
c9:36:dd:f2:7f:b6:9b:ab:3a:9a:2f:43:f9:a7:8c:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:33:A4:56:AA:EC:32:C8:D5:E5:28:98:99:16:39:7E:BC:6B:38:1E
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/IDOkVqrsMsjV5SiYmRY5frxrOB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:101::/48
2a01:e901:111::/48
2a01:e901:121::/48
2a01:e901:131::/48
2a01:e901:141::/48
2a01:e901:151::/48
Signature Algorithm: sha256WithRSAEncryption
2d:e4:ec:07:41:7f:66:c2:20:7a:bd:12:6f:3c:e7:36:1f:9d:
cf:c4:a1:87:d9:ad:81:9b:c4:24:15:e0:50:db:f3:9c:99:bd:
e2:40:92:fb:82:d3:16:fa:2f:c6:04:c4:e5:4b:4b:2f:3e:83:
b4:c8:5e:c0:49:34:b3:b2:b8:53:6d:27:ba:45:34:01:5c:79:
77:3f:5f:9f:10:49:3d:c9:f7:85:72:ba:52:92:a0:b6:ad:84:
2d:5c:64:9c:00:35:0d:00:d1:0d:92:68:8b:cf:47:e3:a1:9d:
a7:51:1e:02:85:5c:3f:ef:bc:da:83:bc:8e:39:75:ef:25:79:
ee:c2:7c:0d:00:5f:d4:d3:34:52:36:d7:63:5a:cc:aa:24:a9:
1d:80:bd:d0:5a:fe:10:97:2e:05:3c:b7:e5:a0:5a:be:f1:3e:
ea:c0:dc:e8:54:98:88:bd:53:3e:8f:b9:79:47:2e:08:5a:a5:
b6:22:d0:34:b8:cc:38:02:89:35:2b:79:7a:37:b3:90:43:75:
d8:8a:00:30:db:36:f6:d7:39:f8:05:d4:c4:39:28:66:1b:21:
70:d4:97:a3:a8:4d:93:48:13:e3:84:2b:4d:73:ac:51:8d:fd:
64:9c:e2:d4:28:5e:e9:49:8e:07:d1:65:98:f7:b9:c4:4e:9b:
4c:85:47:5a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87knsTf7noorTGqiL7dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDMzYTQ1NmFhZWMzMmM4ZDVlNTI4OTg5OTE2Mzk3ZWJjNmIzODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVhTALv/RBOQMpx5Q6DLcazz6KNc
4DHEojUsPpRStx9NExnOV4CETywX9gaDyH3iMrCetX8HX1zSgb4j2u95dnVGZjiF
0JwlhuQxOokf5QJhO3UiNtYmaPnek5s81dFOs5y0wlbvI2EpsGGyJE6PCCLC7put
PAK5+ONRqM4Or6zjOhngxJ4xemq1cWXphBovxg8SeQSFP5il6Hpf0e/vRdxZ41en
ljx+tTtraLn+sELMhaNFgPtqEOvR2S7Thp4KUTP7gUSH+uC5N6ccmwG6WZUXIoFD
z8Th19LZfYN+LxJbaK38J+7Ly7KeMwesfPHJNt3yf7abqzqaL0P5p4w/rQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCAzpFaq7DLI1eUomJkWOX68azgeMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvSURPa1ZxcnNNc2pWNVNpWW1SWTVmcnhyT0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEB
AwcAKgHpAQERAwcAKgHpAQEhAwcAKgHpAQExAwcAKgHpAQFBAwcAKgHpAQFRMA0G
CSqGSIb3DQEBCwUAA4IBAQAt5OwHQX9mwiB6vRJvPOc2H53PxKGH2a2Bm8QkFeBQ
2/Ocmb3iQJL7gtMW+i/GBMTlS0svPoO0yF7ASTSzsrhTbSe6RTQBXHl3P1+fEEk9
yfeFcrpSkqC2rYQtXGScADUNANENkmiLz0fjoZ2nUR4ChVw/77zag7yOOXXvJXnu
wnwNAF/U0zRSNtdjWsyqJKkdgL3QWv4Qly4FPLfloFq+8T7qwNzoVJiIvVM+j7l5
Ry4IWqW2ItA0uMw4Aok1K3l6N7OQQ3XYigAw2zb21zn4BdTEOShmGyFw1JejqE2T
SBPjhCtNc6xRjf1knOLUKF7pSY4H0WWY97nETptMhUda
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:46:59 2024 by rpki-client on console-ams.rpki-client.org