Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/13072f-178d-4f0c-9ffb-4dbe10c3a71f/1/lUx5mweCAQ9aQFEXApbjsHXXbj8.roa
File: lUx5mweCAQ9aQFEXApbjsHXXbj8.roa (raw, json)
Hash identifier: b9NhYqcxOMxLaBtIZmglA9FnWF2fYanpLgaO4V+0ZD8=
Subject key identifier: 95:4C:79:9B:07:82:01:0F:5A:40:51:17:02:96:E3:B0:75:D7:6E:3F
Certificate issuer: /CN=e80ec31635f4d91bb11312ba0a3465c18f233f68
Certificate serial: 0192B4F60E4113E78EE6E5BA716C84756079
Authority key identifier: E8:0E:C3:16:35:F4:D9:1B:B1:13:12:BA:0A:34:65:C1:8F:23:3F:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6A7DFjX02RuxExK6CjRlwY8jP2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/13072f-178d-4f0c-9ffb-4dbe10c3a71f/1/lUx5mweCAQ9aQFEXApbjsHXXbj8.roa
Signing time: Tue 22 Oct 2024 16:01:17 +0000
ROA not before: Tue 22 Oct 2024 16:01:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 2a10:ed40::/48 maxlen: 48
2a10:ed40:1::/48 maxlen: 48
2a10:ed40:2::/48 maxlen: 48
2a10:ed40:3::/48 maxlen: 48
2a10:ed40:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/13072f-178d-4f0c-9ffb-4dbe10c3a71f/1/6A7DFjX02RuxExK6CjRlwY8jP2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/13072f-178d-4f0c-9ffb-4dbe10c3a71f/1/6A7DFjX02RuxExK6CjRlwY8jP2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/6A7DFjX02RuxExK6CjRlwY8jP2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:f6:0e:41:13:e7:8e:e6:e5:ba:71:6c:84:75:60:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e80ec31635f4d91bb11312ba0a3465c18f233f68
Validity
Not Before: Oct 22 16:01:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=954c799b0782010f5a4051170296e3b075d76e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dc:8c:e4:13:37:37:59:8e:5a:56:99:18:4f:
6d:84:50:95:d6:b2:d7:96:ee:5f:1e:ff:75:10:11:
a2:bc:7f:c2:53:04:61:67:ff:df:c9:41:c8:63:ec:
8d:8f:26:7c:c1:99:6e:65:43:b5:e1:bd:1c:58:25:
c8:99:72:50:0e:73:cd:76:fb:26:3d:fd:cb:bd:87:
1f:08:ed:d9:80:a6:95:cf:d6:95:f4:c2:e4:4d:29:
a4:1d:90:a1:87:25:fa:54:0c:8f:2f:52:12:50:70:
f3:f6:97:82:f2:de:19:ae:aa:22:55:8c:7e:1c:5b:
d8:d8:1d:8e:82:b8:35:31:ab:5d:4f:fe:e9:16:a6:
3a:7e:40:cd:d1:0e:50:c4:20:f1:73:12:01:02:1f:
9c:70:48:e2:5f:43:b7:7c:0a:a7:aa:6e:73:18:f4:
ec:7d:78:9a:75:19:00:96:58:b5:60:1e:ab:09:b5:
1f:43:88:a8:63:be:1c:13:f4:f2:42:f1:b7:79:9d:
b8:67:b5:60:92:a3:a8:fa:70:a8:e4:fc:61:f7:fb:
4e:f3:8a:06:4f:c5:a6:7f:bd:24:f8:a9:40:ea:ba:
dd:6c:f9:2a:b4:b5:a1:a3:ab:54:c9:7e:7f:7c:f5:
fb:09:f6:64:c3:58:03:87:84:ae:e4:b0:8e:c6:0a:
f0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4C:79:9B:07:82:01:0F:5A:40:51:17:02:96:E3:B0:75:D7:6E:3F
X509v3 Authority Key Identifier:
keyid:E8:0E:C3:16:35:F4:D9:1B:B1:13:12:BA:0A:34:65:C1:8F:23:3F:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6A7DFjX02RuxExK6CjRlwY8jP2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/13072f-178d-4f0c-9ffb-4dbe10c3a71f/1/lUx5mweCAQ9aQFEXApbjsHXXbj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/13072f-178d-4f0c-9ffb-4dbe10c3a71f/1/6A7DFjX02RuxExK6CjRlwY8jP2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ed40::-2a10:ed40:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a9:95:21:97:33:59:03:67:47:03:40:de:57:d3:bc:c9:dc:1e:
72:3d:61:0a:25:d2:c8:60:05:0c:a1:f8:eb:88:e9:be:2d:d0:
0b:49:b6:45:8f:34:9a:74:7b:59:89:6e:44:7c:82:f1:b7:6c:
a0:a9:d5:a2:56:8d:4b:82:d8:17:57:10:72:d0:11:77:fb:90:
03:2b:64:2f:2e:96:44:21:9b:89:47:6b:32:57:06:b1:95:2f:
e9:f9:8a:04:fa:0b:3b:df:07:8e:6e:e0:50:2e:c4:8b:d0:91:
a5:cc:4f:49:e5:03:2c:55:c0:c9:c0:4f:ea:28:df:1f:9a:c8:
14:59:b7:af:a9:46:2d:62:26:da:53:d8:72:81:4d:2e:24:d3:
56:b9:9c:ab:da:aa:27:e0:d9:fd:14:02:8f:54:c8:53:c1:bc:
ae:cb:28:8b:56:8a:b9:fb:d3:b5:d7:6c:6a:79:f0:19:a4:2a:
30:59:0d:38:a3:e1:2e:e6:a6:20:c6:0f:19:58:46:e5:31:26:
cf:33:82:41:20:93:00:e1:10:66:ce:e7:b6:27:c0:66:d8:eb:
97:75:15:95:64:f7:46:3a:03:d4:32:36:33:d3:32:c7:0c:55:
7a:ad:5a:40:3e:2f:b8:d6:7e:bc:81:3f:dc:91:cf:c1:ad:2b:
24:b0:12:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK09g5BE+eO5uW6cWyEdWB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MGVjMzE2MzVmNGQ5MWJiMTEzMTJiYTBhMzQ2NWMxOGYy
MzNmNjgwHhcNMjQxMDIyMTYwMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRjNzk5YjA3ODIwMTBmNWE0MDUxMTcwMjk2ZTNiMDc1ZDc2ZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59yM5BM3N1mOWlaZGE9thFCV1rLX
lu5fHv91EBGivH/CUwRhZ//fyUHIY+yNjyZ8wZluZUO14b0cWCXImXJQDnPNdvsm
Pf3LvYcfCO3ZgKaVz9aV9MLkTSmkHZChhyX6VAyPL1ISUHDz9peC8t4ZrqoiVYx+
HFvY2B2Ogrg1MatdT/7pFqY6fkDN0Q5QxCDxcxIBAh+ccEjiX0O3fAqnqm5zGPTs
fXiadRkAlli1YB6rCbUfQ4ioY74cE/TyQvG3eZ24Z7VgkqOo+nCo5Pxh9/tO84oG
T8Wmf70k+KlA6rrdbPkqtLWho6tUyX5/fPX7CfZkw1gDh4Su5LCOxgrw5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJVMeZsHggEPWkBRFwKW47B1124/MB8GA1UdIwQY
MBaAFOgOwxY19NkbsRMSugo0ZcGPIz9oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkE3REZqWDAyUnV4RXhLNkNqUmx3WThqUDJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMzA3MmYtMTc4ZC00ZjBjLTlmZmIt
NGRiZTEwYzNhNzFmLzEvbFV4NW13ZUNBUTlhUUZFWEFwYmpzSFhYYmo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMzA3MmYtMTc4ZC00ZjBjLTlmZmItNGRiZTEwYzNhNzFm
LzEvNkE3REZqWDAyUnV4RXhLNkNqUmx3WThqUDJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqEO1A
AwcAKhDtQAAEMA0GCSqGSIb3DQEBCwUAA4IBAQCplSGXM1kDZ0cDQN5X07zJ3B5y
PWEKJdLIYAUMofjriOm+LdALSbZFjzSadHtZiW5EfILxt2ygqdWiVo1LgtgXVxBy
0BF3+5ADK2QvLpZEIZuJR2syVwaxlS/p+YoE+gs73weObuBQLsSL0JGlzE9J5QMs
VcDJwE/qKN8fmsgUWbevqUYtYibaU9hygU0uJNNWuZyr2qon4Nn9FAKPVMhTwbyu
yyiLVoq5+9O112xqefAZpCowWQ04o+Eu5qYgxg8ZWEblMSbPM4JBIJMA4RBmzue2
J8Bm2OuXdRWVZPdGOgPUMjYz0zLHDFV6rVpAPi+41n68gT/ckc/BrSsksBKi
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:41 2024 by rpki-client on console-fra.rpki-client.org