Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/xFjtl4EbfgRcr8YCbGiiwZbihqk.roa
File: xFjtl4EbfgRcr8YCbGiiwZbihqk.roa (raw, json)
Hash identifier: T7WS3OUKYwBABdHgljmlTQydFPQNe0dXXPXlVj0NdxA=
Subject key identifier: C4:58:ED:97:81:1B:7E:04:5C:AF:C6:02:6C:68:A2:C1:96:E2:86:A9
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 01934DF3BA9D42ED9CAFD6212A57196DA6FE
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/xFjtl4EbfgRcr8YCbGiiwZbihqk.roa
Signing time: Thu 21 Nov 2024 09:00:38 +0000
ROA not before: Thu 21 Nov 2024 09:00:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210348
IP address blocks: 2a01:e901:10c::/48 maxlen: 48
2a01:e901:11c::/48 maxlen: 48
2a01:e901:12c::/48 maxlen: 48
2a01:e901:13c::/48 maxlen: 48
2a01:e901:14c::/48 maxlen: 48
2a01:e901:15c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:f3:ba:9d:42:ed:9c:af:d6:21:2a:57:19:6d:a6:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Nov 21 09:00:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c458ed97811b7e045cafc6026c68a2c196e286a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f0:60:d7:20:51:2b:4e:61:e4:1f:1e:d0:d1:
1c:a4:c9:c6:cd:f3:78:d2:bb:66:23:f2:42:de:db:
65:8d:ec:6a:18:68:03:07:e4:66:c1:8e:ad:71:17:
91:d9:aa:c3:96:e8:50:bf:5f:e3:b8:60:43:38:2f:
14:99:3a:26:a7:73:df:cb:71:b1:ad:ff:ab:40:50:
e7:86:ea:10:a6:99:13:26:5e:1b:fb:20:dc:96:42:
f6:6c:ea:99:4a:59:b5:81:0a:4d:41:0e:ca:7d:78:
47:8b:0f:66:0d:2f:00:f5:d1:4d:9a:f5:d5:0a:34:
4b:33:3e:e9:db:91:f1:01:42:dd:6a:79:ac:6a:e9:
0d:6d:1a:7b:60:f6:e7:6d:77:6d:3f:02:20:e0:8f:
bc:5c:6d:c8:98:33:55:12:1a:50:87:51:96:43:b9:
39:91:4e:92:ab:15:df:c3:3a:c3:55:0a:9f:82:c7:
e1:50:48:52:73:96:8e:34:b0:06:73:55:33:84:3e:
26:3a:d5:60:b8:28:03:fc:db:2f:30:a5:59:f2:22:
21:be:49:59:09:88:a8:89:60:4c:7e:23:37:e0:fc:
d2:4c:46:53:31:b3:f5:20:5a:63:03:50:60:c8:0d:
e1:42:8f:b8:4c:4e:a3:86:19:13:96:dd:a9:6f:57:
32:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:58:ED:97:81:1B:7E:04:5C:AF:C6:02:6C:68:A2:C1:96:E2:86:A9
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/xFjtl4EbfgRcr8YCbGiiwZbihqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:10c::/48
2a01:e901:11c::/48
2a01:e901:12c::/48
2a01:e901:13c::/48
2a01:e901:14c::/48
2a01:e901:15c::/48
Signature Algorithm: sha256WithRSAEncryption
24:46:36:53:03:f1:4d:6f:50:60:96:79:5e:cf:c0:76:8e:6c:
13:1f:06:a5:ee:34:33:3d:77:fc:2a:94:1f:8b:8c:1b:9e:d3:
97:e7:61:1d:8a:e5:7c:6a:19:ae:f2:47:f1:12:db:ff:bd:01:
a0:08:35:e3:9b:aa:31:2d:0e:c2:0b:13:57:0a:13:80:25:2e:
76:18:92:21:49:63:b6:1e:56:d9:8d:5c:8c:0e:f0:4d:4c:0c:
bb:7b:55:d9:f1:45:3a:71:37:af:c2:6f:9b:b4:17:e6:e0:3f:
f5:fc:63:e2:63:80:19:7f:5f:bd:59:ee:fd:93:ed:c3:1d:7d:
31:5e:de:3c:f5:f7:8e:f5:88:50:b1:d9:15:41:49:13:8a:e0:
9a:82:62:75:13:b8:2d:77:f6:d7:b6:54:67:74:c4:93:e8:b0:
51:b9:2c:e4:7b:a3:e6:69:84:c8:e5:45:4d:9b:a9:c8:15:46:
5e:10:ee:c5:b3:c8:97:c3:d5:6d:48:0a:20:06:9d:a5:a8:a4:
30:b4:46:e6:d1:f5:b4:0e:69:c0:2c:52:8e:6f:35:61:35:b2:
80:74:62:18:c1:cb:ed:5b:9e:22:bd:e3:55:1f:c2:cb:9f:18:
8c:af:82:ef:ee:2c:25:ee:dd:8f:d3:20:ea:6d:b7:bf:ee:43:
40:0d:3a:d4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNN87qdQu2cr9YhKlcZbab+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjQxMTIxMDkwMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDU4ZWQ5NzgxMWI3ZTA0NWNhZmM2MDI2YzY4YTJjMTk2ZTI4NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/Bg1yBRK05h5B8e0NEcpMnGzfN4
0rtmI/JC3ttljexqGGgDB+RmwY6tcReR2arDluhQv1/juGBDOC8UmTomp3Pfy3Gx
rf+rQFDnhuoQppkTJl4b+yDclkL2bOqZSlm1gQpNQQ7KfXhHiw9mDS8A9dFNmvXV
CjRLMz7p25HxAULdanmsaukNbRp7YPbnbXdtPwIg4I+8XG3ImDNVEhpQh1GWQ7k5
kU6SqxXfwzrDVQqfgsfhUEhSc5aONLAGc1UzhD4mOtVguCgD/NsvMKVZ8iIhvklZ
CYioiWBMfiM34PzSTEZTMbP1IFpjA1BgyA3hQo+4TE6jhhkTlt2pb1cy/QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMRY7ZeBG34EXK/GAmxoosGW4oapMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEveEZqdGw0RWJmZ1JjcjhZQ2JHaWl3WmJpaHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEM
AwcAKgHpAQEcAwcAKgHpAQEsAwcAKgHpAQE8AwcAKgHpAQFMAwcAKgHpAQFcMA0G
CSqGSIb3DQEBCwUAA4IBAQAkRjZTA/FNb1Bglnlez8B2jmwTHwal7jQzPXf8KpQf
i4wbntOX52EdiuV8ahmu8kfxEtv/vQGgCDXjm6oxLQ7CCxNXChOAJS52GJIhSWO2
HlbZjVyMDvBNTAy7e1XZ8UU6cTevwm+btBfm4D/1/GPiY4AZf1+9We79k+3DHX0x
Xt489feO9YhQsdkVQUkTiuCagmJ1E7gtd/bXtlRndMST6LBRuSzke6PmaYTI5UVN
m6nIFUZeEO7Fs8iXw9VtSAogBp2lqKQwtEbm0fW0DmnALFKObzVhNbKAdGIYwcvt
W54iveNVH8LLnxiMr4Lv7iwl7t2P0yDqbbe/7kNADTrU
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:06:16 2024 by rpki-client on console-fra.rpki-client.org