Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/TbZRM3h4AsMjWvHak2KrmhLVQCU.roa
File: TbZRM3h4AsMjWvHak2KrmhLVQCU.roa (raw, json)
Hash identifier: jIYARf85azSdSt3z2i3QmxNxs7i1RGU9J9OCGWG96JA=
Subject key identifier: 4D:B6:51:33:78:78:02:C3:23:5A:F1:DA:93:62:AB:9A:12:D5:40:25
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01927C558413683E877D7960C85BE8242A47
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/TbZRM3h4AsMjWvHak2KrmhLVQCU.roa
Signing time: Fri 11 Oct 2024 16:07:12 +0000
ROA not before: Fri 11 Oct 2024 16:07:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 2a01:e900:f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7c:55:84:13:68:3e:87:7d:79:60:c8:5b:e8:24:2a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Oct 11 16:07:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db65133787802c3235af1da9362ab9a12d54025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f1:ac:67:fc:f3:c9:ce:77:c7:82:6e:32:40:
64:5e:9a:b7:3d:c8:ff:a7:5b:42:83:6f:4e:62:41:
f2:15:0e:1c:f4:75:99:90:fd:dc:39:cd:0d:0e:02:
62:27:44:9a:1c:ef:93:9e:67:b8:b0:26:95:bd:7d:
bc:97:19:cc:0d:8a:45:44:fe:de:75:7c:53:69:cb:
c8:7a:26:e7:c3:aa:0c:f2:4f:81:9e:63:2e:07:5c:
66:79:50:e9:ba:d4:06:c5:63:cc:c7:3f:55:48:cb:
7d:f4:5c:29:f1:a9:47:d2:d8:0b:4c:bc:36:db:b4:
d2:62:62:73:eb:c1:a1:bd:25:f9:1d:56:98:9c:59:
dc:e3:b0:e0:6e:3b:34:ee:f2:54:b3:3b:e1:4d:1b:
03:30:70:01:8e:ce:76:30:20:16:62:0e:a5:1a:4b:
63:12:42:aa:20:31:73:7a:ad:a3:d8:1f:b8:f9:2e:
fd:b2:1a:b6:2e:61:99:7a:03:98:52:85:c6:ca:42:
aa:26:84:73:73:2d:0f:38:ea:da:15:bc:2f:3e:51:
73:0f:f0:ae:29:bc:94:95:5b:5b:95:03:2e:72:bf:
de:3f:bf:93:3a:96:b9:e8:33:af:04:de:9c:3e:cb:
55:2c:cf:88:85:28:f0:c3:56:fd:f4:e8:b0:a3:4c:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B6:51:33:78:78:02:C3:23:5A:F1:DA:93:62:AB:9A:12:D5:40:25
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/TbZRM3h4AsMjWvHak2KrmhLVQCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e900:f0::/48
Signature Algorithm: sha256WithRSAEncryption
07:16:92:75:15:58:07:1e:bc:a7:9a:17:f0:2e:64:84:9c:0e:
bf:02:4b:b8:5f:52:a9:ae:87:b3:54:d5:5e:41:c9:16:0e:67:
55:9d:a5:9a:2c:06:4e:11:3f:02:7e:81:77:a1:a8:00:2f:47:
81:d2:b1:6f:b5:5a:d3:08:1a:7b:93:d6:0c:b3:f4:3c:9e:77:
55:60:05:4c:63:75:b3:ce:56:54:6d:91:a8:c3:d6:df:af:0c:
90:3d:d8:b4:0b:7d:3b:12:b9:e2:f9:c9:b1:96:ce:fa:c3:9c:
92:c3:bc:ce:ee:6a:81:c6:28:a6:5a:b2:9c:c7:3c:06:cf:22:
9c:a3:55:03:a8:1e:a4:c4:73:d3:cd:66:04:29:ce:f6:f3:ac:
d5:69:55:12:65:e2:f3:3d:2d:0a:c5:49:1a:1b:99:3c:40:0c:
3e:98:e8:5c:af:ec:52:06:12:b6:9f:35:28:00:4c:66:ec:e7:
bc:4f:93:77:e3:b9:26:be:c4:c8:cb:8d:9b:43:66:c3:05:78:
15:f5:66:6b:cd:6c:bf:5b:bf:a6:07:ec:a8:f4:79:38:9e:95:
5d:94:11:29:4b:18:b7:7b:a6:6f:66:de:5a:0b:92:fa:78:93:
d4:74:14:ee:b2:13:3f:17:da:4f:f0:97:4c:3f:62:7c:e0:85:
69:a5:0a:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZJ8VYQTaD6HfXlgyFvoJCpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMDExMTYwNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI2NTEzMzc4NzgwMmMzMjM1YWYxZGE5MzYyYWI5YTEyZDU0MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvGsZ/zzyc53x4JuMkBkXpq3Pcj/
p1tCg29OYkHyFQ4c9HWZkP3cOc0NDgJiJ0SaHO+Tnme4sCaVvX28lxnMDYpFRP7e
dXxTacvIeibnw6oM8k+BnmMuB1xmeVDputQGxWPMxz9VSMt99Fwp8alH0tgLTLw2
27TSYmJz68GhvSX5HVaYnFnc47Dgbjs07vJUszvhTRsDMHABjs52MCAWYg6lGktj
EkKqIDFzeq2j2B+4+S79shq2LmGZegOYUoXGykKqJoRzcy0POOraFbwvPlFzD/Cu
KbyUlVtblQMucr/eP7+TOpa56DOvBN6cPstVLM+IhSjww1b99Oiwo0yJaQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE22UTN4eALDI1rx2pNiq5oS1UAlMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvVGJaUk0zaDRBc01qV3ZIYWsyS3JtaExWUUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgHpAADw
MA0GCSqGSIb3DQEBCwUAA4IBAQAHFpJ1FVgHHrynmhfwLmSEnA6/Aku4X1Kproez
VNVeQckWDmdVnaWaLAZOET8CfoF3oagAL0eB0rFvtVrTCBp7k9YMs/Q8nndVYAVM
Y3WzzlZUbZGow9bfrwyQPdi0C307Erni+cmxls76w5ySw7zO7mqBxiimWrKcxzwG
zyKco1UDqB6kxHPTzWYEKc7286zVaVUSZeLzPS0KxUkaG5k8QAw+mOhcr+xSBhK2
nzUoAExm7Oe8T5N347kmvsTIy42bQ2bDBXgV9WZrzWy/W7+mB+yo9Hk4npVdlBEp
Sxi3e6ZvZt5aC5L6eJPUdBTushM/F9pP8JdMP2J84IVppQpw
-----END CERTIFICATE-----
Generated at Tue Nov 12 22:43:09 2024 by rpki-client on console-fra.rpki-client.org