Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iC9ezub5GESJYOPbA-aJUoYdyDk.roa
File: iC9ezub5GESJYOPbA-aJUoYdyDk.roa (raw, json)
Hash identifier: XTbvjRrxLs1HohPfOI6DUN6vMsqi1ZfN+toBrfSX1iU=
Subject key identifier: 88:2F:5E:CE:E6:F9:18:44:89:60:E3:DB:03:E6:89:52:86:1D:C8:39
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018CC26D6130D1AC48A57E0E4AE3A2A85718
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iC9ezub5GESJYOPbA-aJUoYdyDk.roa
Signing time: Mon 01 Jan 2024 00:29:57 +0000
ROA not before: Mon 01 Jan 2024 00:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11831
IP address blocks: 2a11:840:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:61:30:d1:ac:48:a5:7e:0e:4a:e3:a2:a8:57:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 1 00:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=882f5ecee6f918448960e3db03e68952861dc839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4d:c5:8e:53:15:9a:73:61:d5:fd:4c:13:90:
57:80:90:b1:d8:bc:5c:6d:25:2f:c1:68:c5:29:b9:
13:ba:35:b9:de:d3:59:a8:ff:ca:5d:9a:18:41:f3:
af:21:f3:25:99:0a:32:eb:00:05:66:12:bd:b5:6d:
6f:6e:b7:bb:04:83:af:70:ee:35:99:38:98:2f:7e:
70:89:d4:f3:fe:f0:87:5b:fe:23:22:a4:1d:d8:aa:
e9:78:d6:2a:48:a5:f4:35:37:e3:fd:b7:9f:bb:22:
4c:a3:74:fa:d1:67:73:5e:ac:41:09:0a:27:f8:37:
02:c0:4e:5e:05:81:09:e7:0c:9d:89:94:1a:8f:a2:
55:66:09:72:76:b3:f2:0e:3b:7c:64:a7:59:34:43:
7e:ad:d0:f6:7b:ed:51:42:6f:9c:9c:6c:ef:9e:17:
8a:46:f8:2f:be:76:bd:cd:f7:d5:1f:c4:64:e1:7c:
37:6e:fa:fe:cc:34:6e:c8:1f:a8:c9:13:1e:16:d7:
b9:73:de:65:f0:03:57:ab:b6:13:94:6b:1c:4b:c9:
12:ed:f7:41:74:8a:29:09:dd:cc:6e:d5:f0:78:76:
10:08:30:38:fe:4b:24:20:de:e5:1c:b4:2a:3a:81:
19:a1:f0:f3:e1:c0:44:6e:bc:71:2b:f0:7f:29:89:
60:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2F:5E:CE:E6:F9:18:44:89:60:E3:DB:03:E6:89:52:86:1D:C8:39
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iC9ezub5GESJYOPbA-aJUoYdyDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:31::/48
Signature Algorithm: sha256WithRSAEncryption
84:b6:85:cd:8e:c1:f2:86:23:80:08:1a:b2:17:d8:e5:84:ec:
ef:74:46:40:68:3f:3c:26:f1:f9:75:64:46:72:57:be:3a:cb:
e7:6a:9d:7e:d4:d8:cb:3c:d4:45:e7:3f:97:c8:8f:d4:5d:ce:
0b:c2:bd:1c:9a:3b:b6:9e:7b:d4:24:d2:00:c5:f8:13:d9:94:
f8:33:a4:90:8f:e5:88:14:be:40:bd:bd:13:f4:06:95:c6:e3:
66:e9:e2:32:7a:42:20:a6:46:7c:67:de:cc:34:a0:a1:15:67:
86:8f:a2:15:d2:e8:c5:33:4a:3d:4f:61:43:df:a2:d5:29:e3:
b3:b3:6a:9d:62:70:8e:cd:6a:02:a1:9e:5f:56:0b:81:05:0a:
1e:32:02:5a:ec:3f:e7:48:10:1c:2c:b7:42:ea:78:a8:f0:7b:
84:34:1d:f2:9b:0d:54:a3:6f:ef:34:f8:1c:57:e7:ba:4e:67:
45:e2:db:a3:a1:88:a5:6f:d9:e5:a1:28:a1:42:34:6f:16:ad:
62:c2:77:2a:30:5c:26:00:2f:a9:33:4b:1e:8d:70:9e:7f:c0:
56:96:e4:97:0a:f6:0e:c4:f2:47:5d:b4:25:04:9f:e9:53:4d:
b9:de:a0:eb:2c:74:38:3f:6a:50:34:7a:32:d7:61:18:cd:03:
f4:41:c1:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbWEw0axIpX4OSuOiqFcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMTAxMDAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODJmNWVjZWU2ZjkxODQ0ODk2MGUzZGIwM2U2ODk1Mjg2MWRjODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs03FjlMVmnNh1f1ME5BXgJCx2Lxc
bSUvwWjFKbkTujW53tNZqP/KXZoYQfOvIfMlmQoy6wAFZhK9tW1vbre7BIOvcO41
mTiYL35widTz/vCHW/4jIqQd2KrpeNYqSKX0NTfj/befuyJMo3T60WdzXqxBCQon
+DcCwE5eBYEJ5wydiZQaj6JVZglydrPyDjt8ZKdZNEN+rdD2e+1RQm+cnGzvnheK
Rvgvvna9zffVH8Rk4Xw3bvr+zDRuyB+oyRMeFte5c95l8ANXq7YTlGscS8kS7fdB
dIopCd3MbtXweHYQCDA4/kskIN7lHLQqOoEZofDz4cBEbrxxK/B/KYlg0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIgvXs7m+RhEiWDj2wPmiVKGHcg5MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvaUM5ZXp1YjVHRVNKWU9QYkEtYUpVb1lkeURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAx
MA0GCSqGSIb3DQEBCwUAA4IBAQCEtoXNjsHyhiOACBqyF9jlhOzvdEZAaD88JvH5
dWRGcle+Osvnap1+1NjLPNRF5z+XyI/UXc4Lwr0cmju2nnvUJNIAxfgT2ZT4M6SQ
j+WIFL5Avb0T9AaVxuNm6eIyekIgpkZ8Z97MNKChFWeGj6IV0ujFM0o9T2FD36LV
KeOzs2qdYnCOzWoCoZ5fVguBBQoeMgJa7D/nSBAcLLdC6nio8HuENB3ymw1Uo2/v
NPgcV+e6TmdF4tujoYilb9nloSihQjRvFq1iwncqMFwmAC+pM0sejXCef8BWluSX
CvYOxPJHXbQlBJ/pU0253qDrLHQ4P2pQNHoy12EYzQP0QcFX
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:21 2024 by rpki-client on console-fra.rpki-client.org