Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/jpwBe-AkRq2dy_PULOnXHQ9Ycs0.roa
File: jpwBe-AkRq2dy_PULOnXHQ9Ycs0.roa (raw, json)
Hash identifier: CD+U4XQaiXctHnizntcTVPzR91HUW5c2OzChIkv3V24=
Subject key identifier: 8E:9C:01:7B:E0:24:46:AD:9D:CB:F3:D4:2C:E9:D7:1D:0F:58:72:CD
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3B9E7B11273865C2C0661A6AC1C88
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/jpwBe-AkRq2dy_PULOnXHQ9Ycs0.roa
Signing time: Thu 21 Nov 2024 09:00:38 +0000
ROA not before: Thu 21 Nov 2024 09:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210335
IP address blocks: 2a01:e901:10b::/48 maxlen: 48
2a01:e901:11b::/48 maxlen: 48
2a01:e901:12b::/48 maxlen: 48
2a01:e901:13b::/48 maxlen: 48
2a01:e901:14b::/48 maxlen: 48
2a01:e901:15b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:b9:e7:b1:12:73:86:5c:2c:06:61:a6:ac:1c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e9c017be02446ad9dcbf3d42ce9d71d0f5872cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:bf:a5:7d:ff:c7:2f:ac:e4:13:cf:9e:69:2f:
d6:bb:8d:ee:88:0b:32:85:8e:10:60:24:4f:82:4b:
e5:36:f8:bd:5a:eb:be:ea:9a:89:f7:6d:01:c4:a0:
b1:bc:9c:13:81:a7:1f:f2:b7:b0:d6:c8:44:17:d3:
68:68:4d:14:96:aa:a9:f9:df:36:4e:90:d1:85:c7:
fc:8f:88:f6:45:86:83:1a:d7:f4:78:1c:c4:96:7d:
fd:c7:ca:2c:b3:3e:e4:94:07:68:82:fb:47:f7:90:
2f:eb:35:d9:76:be:8c:90:88:e1:65:3d:fa:66:2c:
29:7c:b4:97:34:04:8f:e1:56:58:5f:10:4b:b9:96:
04:a5:2e:78:44:a0:54:c8:9c:ba:0c:c2:2a:df:21:
29:89:a2:04:a6:67:85:de:15:ea:9a:ff:06:7d:37:
68:f2:29:7f:aa:71:1d:89:27:5e:e9:78:86:a5:ea:
d3:ce:eb:6b:91:6b:38:07:b3:fd:95:1a:d8:57:1f:
33:71:01:bc:bf:ba:50:9b:65:13:e4:b9:6c:aa:58:
04:71:54:12:22:6e:bf:19:49:5a:82:c8:24:bd:fe:
71:18:63:da:5c:0d:d4:5a:2b:2c:65:05:dc:be:18:
87:d9:fc:23:92:10:36:74:43:48:0a:5d:21:be:b1:
89:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:9C:01:7B:E0:24:46:AD:9D:CB:F3:D4:2C:E9:D7:1D:0F:58:72:CD
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/jpwBe-AkRq2dy_PULOnXHQ9Ycs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10b::/48
2a01:e901:11b::/48
2a01:e901:12b::/48
2a01:e901:13b::/48
2a01:e901:14b::/48
2a01:e901:15b::/48
Signature Algorithm: sha256WithRSAEncryption
9d:4f:3c:5a:c4:85:ef:d3:7f:d8:3f:54:70:ca:0d:24:23:33:
01:01:f5:ce:c7:db:66:04:eb:a5:85:0c:71:3b:5b:1a:47:95:
5f:d6:06:78:54:67:f6:98:fe:2f:26:a4:df:76:85:eb:c0:00:
e1:b7:a5:a9:87:1b:cd:a1:41:05:c1:16:98:f4:d7:55:f3:08:
75:b6:db:a1:d6:1a:5e:3a:c5:21:68:fb:10:23:28:2e:92:9e:
8a:df:76:ac:66:40:e9:01:53:7b:bc:3f:df:79:f2:23:e7:d5:
06:9e:a5:13:15:f8:b5:88:a0:05:8f:ee:57:1e:d2:97:7a:73:
cd:50:27:2a:7f:fc:61:e1:d6:c4:ad:54:58:72:4b:46:01:37:
47:48:fe:b3:58:4e:ee:aa:27:cd:e5:d8:82:93:c3:c4:68:4d:
a3:d8:b6:5b:69:e8:39:ae:8b:f8:7a:3c:4b:a2:51:4d:63:b9:
99:08:49:6a:e5:4a:8d:86:ba:56:0a:3d:71:04:d2:3e:22:2d:
41:b9:b0:cb:62:d8:35:c2:f2:3f:1d:73:51:86:2b:13:84:27:
91:b3:45:c9:b4:98:0d:b0:57:e7:5a:92:62:72:b4:1c:be:e1:
03:ff:bf:41:9f:64:92:29:bb:6e:6f:55:b6:f7:9f:92:ca:6e:
5c:64:db:2e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87nnsRJzhlwsBmGmrByIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTljMDE3YmUwMjQ0NmFkOWRjYmYzZDQyY2U5ZDcxZDBmNTg3MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7L+lff/HL6zkE8+eaS/Wu43uiAsy
hY4QYCRPgkvlNvi9Wuu+6pqJ920BxKCxvJwTgacf8rew1shEF9NoaE0Ulqqp+d82
TpDRhcf8j4j2RYaDGtf0eBzEln39x8ossz7klAdogvtH95Av6zXZdr6MkIjhZT36
ZiwpfLSXNASP4VZYXxBLuZYEpS54RKBUyJy6DMIq3yEpiaIEpmeF3hXqmv8GfTdo
8il/qnEdiSde6XiGperTzutrkWs4B7P9lRrYVx8zcQG8v7pQm2UT5LlsqlgEcVQS
Im6/GUlagsgkvf5xGGPaXA3UWissZQXcvhiH2fwjkhA2dENICl0hvrGJNwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFI6cAXvgJEatncvz1Czp1x0PWHLNMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvanB3QmUtQWtScTJkeV9QVUxPblhIUTlZY3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEL
AwcAKgHpAQEbAwcAKgHpAQErAwcAKgHpAQE7AwcAKgHpAQFLAwcAKgHpAQFbMA0G
CSqGSIb3DQEBCwUAA4IBAQCdTzxaxIXv03/YP1Rwyg0kIzMBAfXOx9tmBOulhQxx
O1saR5Vf1gZ4VGf2mP4vJqTfdoXrwADht6WphxvNoUEFwRaY9NdV8wh1ttuh1hpe
OsUhaPsQIygukp6K33asZkDpAVN7vD/fefIj59UGnqUTFfi1iKAFj+5XHtKXenPN
UCcqf/xh4dbErVRYcktGATdHSP6zWE7uqifN5diCk8PEaE2j2LZbaeg5rov4ejxL
olFNY7mZCElq5UqNhrpWCj1xBNI+Ii1BubDLYtg1wvI/HXNRhisThCeRs0XJtJgN
sFfnWpJicrQcvuED/79Bn2SSKbtub1W295+Sym5cZNsu
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:26:59 2024 by rpki-client on console-fra.rpki-client.org