Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/RA5adPABboCfrlrGho0ndFmt5yQ.roa
File: RA5adPABboCfrlrGho0ndFmt5yQ.roa (raw, json)
Hash identifier: feuYGBFmNsrW/jztovMN+GhsTVgNzf4OUHytHEj9TlA=
Subject key identifier: 44:0E:5A:74:F0:01:6E:80:9F:AE:5A:C6:86:8D:27:74:59:AD:E7:24
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3BB620548F7C7BA3021D496B81256
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/RA5adPABboCfrlrGho0ndFmt5yQ.roa
Signing time: Thu 21 Nov 2024 09:00:39 +0000
ROA not before: Thu 21 Nov 2024 09:00:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211944
IP address blocks: 2a01:e901:102::/48 maxlen: 48
2a01:e901:112::/48 maxlen: 48
2a01:e901:122::/48 maxlen: 48
2a01:e901:132::/48 maxlen: 48
2a01:e901:142::/48 maxlen: 48
2a01:e901:152::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:bb:62:05:48:f7:c7:ba:30:21:d4:96:b8:12:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=440e5a74f0016e809fae5ac6868d277459ade724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e7:a0:ba:99:36:ab:b5:c7:03:60:00:2e:41:
18:36:f0:1d:50:71:9f:2f:74:16:5f:89:3f:2d:c4:
66:c6:f1:de:9e:7a:57:9a:a0:f2:88:99:06:8d:c8:
de:cf:7c:ee:99:cb:b5:17:df:c0:ce:65:ac:59:78:
de:15:89:34:5f:cf:2d:db:18:29:ab:8c:ec:e7:15:
77:2d:cd:33:9d:d1:25:66:3c:a3:40:3a:72:e5:5d:
96:87:49:24:58:2f:60:8a:9b:64:ef:67:1f:99:77:
a8:53:d4:c6:8d:9c:50:40:9a:00:6c:d9:30:1c:97:
cc:48:5a:c2:15:5c:15:96:eb:9e:2a:59:b4:38:52:
a8:c2:35:c9:dd:0b:f2:43:04:d3:89:82:47:be:b7:
a1:da:18:dd:c8:23:e8:e1:f3:b7:59:36:27:c6:a5:
d6:54:70:8d:93:68:13:b2:c1:37:d6:49:d5:ad:92:
9e:3a:2b:b3:3c:ec:31:f4:d3:51:06:c6:f2:63:dd:
ca:82:a3:66:cd:27:33:10:b0:0c:27:8a:2a:26:ee:
ec:e7:08:cb:c2:68:cd:74:c3:20:49:f4:34:eb:0f:
c7:7e:9c:94:49:f2:40:23:30:40:0b:33:c4:4f:5c:
cb:f9:32:7b:57:18:e7:22:85:49:e4:21:15:44:4c:
cb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0E:5A:74:F0:01:6E:80:9F:AE:5A:C6:86:8D:27:74:59:AD:E7:24
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/RA5adPABboCfrlrGho0ndFmt5yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:102::/48
2a01:e901:112::/48
2a01:e901:122::/48
2a01:e901:132::/48
2a01:e901:142::/48
2a01:e901:152::/48
Signature Algorithm: sha256WithRSAEncryption
40:13:7e:f8:14:93:ac:a1:9b:da:76:ec:3e:5f:67:5d:f7:5b:
fb:a9:a2:02:bc:0c:dd:47:d6:7f:aa:f3:5b:a3:dd:1d:38:21:
27:20:92:b3:e1:9d:55:e4:e5:a8:d2:c4:48:2f:5f:5a:e8:79:
e3:3d:fa:8f:c9:aa:4a:05:e2:23:b9:98:56:d2:e5:fc:d4:ba:
4a:10:07:e5:0f:c6:17:90:be:66:bd:cb:b8:f7:8b:7a:f2:45:
0f:aa:08:4f:d3:82:b4:ee:45:18:80:a5:a1:b0:56:3f:ad:89:
5f:ec:9b:ed:42:ad:e5:59:4b:fb:7d:30:09:e0:31:e6:b0:da:
f9:ab:cd:e7:a5:3a:1d:8a:cc:5f:9d:90:20:90:bc:fa:b4:4f:
3f:65:79:1a:04:d2:66:09:a8:43:56:d4:20:fb:9a:c9:78:f5:
f3:03:90:78:22:0a:a9:93:20:3e:91:49:9f:36:bd:9c:35:77:
be:65:95:92:36:63:04:8e:05:8b:00:f8:83:80:04:03:cc:46:
fb:54:19:61:da:bc:1e:4f:81:24:f5:da:ee:ef:30:d4:af:ca:
5e:b2:c2:a7:9f:db:60:61:4a:e8:b7:f3:a0:d7:7f:da:1b:72:
39:9e:f3:c9:40:5d:18:80:d8:ca:4a:9c:90:a1:47:89:04:82:
ee:53:20:0e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87tiBUj3x7owIdSWuBJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDBlNWE3NGYwMDE2ZTgwOWZhZTVhYzY4NjhkMjc3NDU5YWRlNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeegupk2q7XHA2AALkEYNvAdUHGf
L3QWX4k/LcRmxvHennpXmqDyiJkGjcjez3zumcu1F9/AzmWsWXjeFYk0X88t2xgp
q4zs5xV3Lc0zndElZjyjQDpy5V2Wh0kkWC9giptk72cfmXeoU9TGjZxQQJoAbNkw
HJfMSFrCFVwVluueKlm0OFKowjXJ3QvyQwTTiYJHvreh2hjdyCPo4fO3WTYnxqXW
VHCNk2gTssE31knVrZKeOiuzPOwx9NNRBsbyY93KgqNmzSczELAMJ4oqJu7s5wjL
wmjNdMMgSfQ06w/HfpyUSfJAIzBACzPET1zL+TJ7VxjnIoVJ5CEVREzLqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEQOWnTwAW6An65axoaNJ3RZreckMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvUkE1YWRQQUJib0NmcmxyR2hvMG5kRm10NXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEC
AwcAKgHpAQESAwcAKgHpAQEiAwcAKgHpAQEyAwcAKgHpAQFCAwcAKgHpAQFSMA0G
CSqGSIb3DQEBCwUAA4IBAQBAE374FJOsoZvaduw+X2dd91v7qaICvAzdR9Z/qvNb
o90dOCEnIJKz4Z1V5OWo0sRIL19a6HnjPfqPyapKBeIjuZhW0uX81LpKEAflD8YX
kL5mvcu494t68kUPqghP04K07kUYgKWhsFY/rYlf7JvtQq3lWUv7fTAJ4DHmsNr5
q83npTodisxfnZAgkLz6tE8/ZXkaBNJmCahDVtQg+5rJePXzA5B4IgqpkyA+kUmf
Nr2cNXe+ZZWSNmMEjgWLAPiDgAQDzEb7VBlh2rweT4Ek9dru7zDUr8pessKnn9tg
YUrot/Og13/aG3I5nvPJQF0YgNjKSpyQoUeJBILuUyAO
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:06:16 2024 by rpki-client on console-fra.rpki-client.org