Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/T4YzafknjHTPZzU7s4BVsNys3XU.roa
File: T4YzafknjHTPZzU7s4BVsNys3XU.roa (raw, json)
Hash identifier: BGrkygNCZyAT4QOKIBGlUYXmOi1v49gGfW85bgZTYS0=
Subject key identifier: 4F:86:33:69:F9:27:8C:74:CF:67:35:3B:B3:80:55:B0:DC:AC:DD:75
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3BA1389C57FFC1566A18500FCAC6C
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/T4YzafknjHTPZzU7s4BVsNys3XU.roa
Signing time: Thu 21 Nov 2024 09:00:38 +0000
ROA not before: Thu 21 Nov 2024 09:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210344
IP address blocks: 2a01:e901:104::/48 maxlen: 48
2a01:e901:114::/48 maxlen: 48
2a01:e901:124::/48 maxlen: 48
2a01:e901:134::/48 maxlen: 48
2a01:e901:144::/48 maxlen: 48
2a01:e901:154::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:ba:13:89:c5:7f:fc:15:66:a1:85:00:fc:ac:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f863369f9278c74cf67353bb38055b0dcacdd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b0:0d:47:ce:1c:c7:b9:58:94:d2:0b:24:8b:
da:18:96:88:87:dd:d9:23:77:b3:b3:70:f1:56:af:
79:9b:00:08:4b:d2:5b:b6:d3:db:95:b1:73:b8:e1:
fb:88:de:2c:98:36:91:82:e4:af:43:4a:de:1c:f4:
53:73:5c:76:43:03:78:0f:48:44:88:bc:ff:ca:9b:
f5:5a:54:bd:6f:00:e4:1a:fb:a1:f4:18:6f:d9:2a:
76:24:b7:b6:36:d2:30:88:ca:72:57:a4:f5:f5:93:
17:76:36:33:04:00:45:fd:92:c3:2b:11:d3:08:76:
57:4c:24:8d:14:57:6b:cf:25:71:36:2c:31:d1:76:
d6:10:3d:86:7e:5b:51:e4:53:cb:1a:f4:4e:89:06:
17:46:66:16:4b:a7:1a:5e:8a:56:09:0b:66:79:8c:
82:72:08:07:32:91:f6:22:a1:d5:b5:24:f7:ad:6f:
88:57:81:ae:fb:18:df:a4:70:75:b4:0a:66:38:a8:
68:bc:ab:a3:db:d2:d4:0c:36:f0:72:17:40:11:c5:
13:29:b2:fb:00:b5:04:03:57:94:0f:79:e4:fb:c7:
ca:d3:fa:c6:0d:17:03:3b:ef:2b:c3:e2:45:51:3f:
34:fe:ba:d3:93:03:d9:8c:09:4c:d2:3c:ff:af:1e:
e0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:86:33:69:F9:27:8C:74:CF:67:35:3B:B3:80:55:B0:DC:AC:DD:75
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/T4YzafknjHTPZzU7s4BVsNys3XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:104::/48
2a01:e901:114::/48
2a01:e901:124::/48
2a01:e901:134::/48
2a01:e901:144::/48
2a01:e901:154::/48
Signature Algorithm: sha256WithRSAEncryption
8a:1a:9a:ca:d4:0a:ca:d8:0d:71:97:6a:34:4e:da:4d:b4:ab:
e0:9a:86:db:e1:58:1a:e4:31:1e:f3:fa:c5:40:47:e5:88:38:
cc:0e:97:e6:09:53:e1:90:1d:58:b1:a3:37:45:61:6d:17:1d:
60:e1:42:9c:b3:39:48:1d:f3:3b:9f:18:09:91:97:eb:36:24:
74:86:88:15:86:c5:5f:23:8c:b1:36:b3:53:24:57:7e:d9:cc:
8a:40:1d:20:0c:04:50:db:69:75:43:e9:1f:ab:57:36:f1:99:
c1:1f:b0:44:24:9c:ae:fd:a8:77:5c:62:37:8b:ed:25:84:1c:
bf:bd:e8:f0:fb:1a:56:12:d2:15:d7:66:18:1c:6f:47:3a:b5:
98:53:e7:ee:b2:72:fa:94:c4:ab:61:fc:6f:ae:2a:b9:03:5a:
13:cb:9f:36:f7:60:8a:59:65:43:d1:f9:43:8d:ab:8f:05:0a:
22:d2:64:34:c0:92:66:ff:c2:a3:ae:4a:12:3d:ca:9a:72:64:
8a:2c:93:ad:08:c0:14:5f:0c:98:cb:b6:40:23:a1:91:0e:8a:
f7:01:e3:ab:be:66:dc:c4:8e:04:c2:09:cb:58:1c:4c:11:de:
ba:41:18:62:39:75:23:e0:4a:14:5f:2e:ac:9e:7e:b6:18:8f:
fb:6b:f0:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87oTicV//BVmoYUA/KxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg2MzM2OWY5Mjc4Yzc0Y2Y2NzM1M2JiMzgwNTViMGRjYWNkZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLANR84cx7lYlNILJIvaGJaIh93Z
I3ezs3DxVq95mwAIS9JbttPblbFzuOH7iN4smDaRguSvQ0reHPRTc1x2QwN4D0hE
iLz/ypv1WlS9bwDkGvuh9Bhv2Sp2JLe2NtIwiMpyV6T19ZMXdjYzBABF/ZLDKxHT
CHZXTCSNFFdrzyVxNiwx0XbWED2GfltR5FPLGvROiQYXRmYWS6caXopWCQtmeYyC
cggHMpH2IqHVtST3rW+IV4Gu+xjfpHB1tApmOKhovKuj29LUDDbwchdAEcUTKbL7
ALUEA1eUD3nk+8fK0/rGDRcDO+8rw+JFUT80/rrTkwPZjAlM0jz/rx7gMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE+GM2n5J4x0z2c1O7OAVbDcrN11MB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvVDRZemFma25qSFRQWnpVN3M0QlZzTnlzM1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEE
AwcAKgHpAQEUAwcAKgHpAQEkAwcAKgHpAQE0AwcAKgHpAQFEAwcAKgHpAQFUMA0G
CSqGSIb3DQEBCwUAA4IBAQCKGprK1ArK2A1xl2o0TtpNtKvgmobb4Vga5DEe8/rF
QEfliDjMDpfmCVPhkB1YsaM3RWFtFx1g4UKcszlIHfM7nxgJkZfrNiR0hogVhsVf
I4yxNrNTJFd+2cyKQB0gDARQ22l1Q+kfq1c28ZnBH7BEJJyu/ah3XGI3i+0lhBy/
vejw+xpWEtIV12YYHG9HOrWYU+fusnL6lMSrYfxvriq5A1oTy58292CKWWVD0flD
jauPBQoi0mQ0wJJm/8KjrkoSPcqacmSKLJOtCMAUXwyYy7ZAI6GRDor3AeOrvmbc
xI4EwgnLWBxMEd66QRhiOXUj4EoUXy6snn62GI/7a/DJ
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:45:50 2024 by rpki-client on console-ams.rpki-client.org