Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/q9QeyXVMOh7Bw6F12FgkOG8XU20.roa
File: q9QeyXVMOh7Bw6F12FgkOG8XU20.roa (raw, json)
Hash identifier: /tkv7wh2jsgwU2nC/XJnDZ4g0lyUP/zwCc9mpkzQtdc=
Subject key identifier: AB:D4:1E:C9:75:4C:3A:1E:C1:C3:A1:75:D8:58:24:38:6F:17:53:6D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE82D632067CCB9EE664F10A7A4E3A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/q9QeyXVMOh7Bw6F12FgkOG8XU20.roa
Signing time: Tue 02 Jan 2024 06:31:14 +0000
ROA not before: Tue 02 Jan 2024 06:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44364
IP address blocks: 2a09:cc0::/48 maxlen: 48
2a09:9d40::/48 maxlen: 48
2a09:1240::/48 maxlen: 48
2a09:9dc0::/48 maxlen: 48
2a09:4740::/48 maxlen: 48
2a09:a080::/48 maxlen: 48
2a09:9e40::/48 maxlen: 48
2a09:47c0::/48 maxlen: 48
2a09:9cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:82:d6:32:06:7c:cb:9e:e6:64:f1:0a:7a:4e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abd41ec9754c3a1ec1c3a175d85824386f17536d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5f:5d:4e:0c:c7:1c:70:17:a2:94:82:96:71:
15:89:0d:59:20:d1:00:a5:55:35:71:fa:51:4f:25:
95:52:df:d3:90:a7:4c:db:7c:0a:7c:d6:6c:b6:8e:
cc:67:bc:c2:70:6e:e4:68:68:1e:2c:d0:d2:bc:aa:
26:a7:7a:0f:a2:09:c4:2e:4c:b8:cd:75:8e:a3:41:
f4:ec:e0:85:a9:32:cd:40:9f:97:30:78:a5:3b:17:
60:87:97:a8:ae:47:03:41:e2:cc:03:5b:45:89:62:
86:5d:c4:45:b8:50:86:a8:c9:84:05:1c:5e:05:0c:
97:91:b0:df:ad:d9:f1:b5:80:12:75:ec:db:5a:c0:
89:a3:02:19:d8:18:13:5f:ae:9c:ae:45:ab:be:b1:
bc:d4:1a:1e:58:f7:6d:27:17:b9:51:22:f0:24:96:
2d:8a:06:a8:c5:08:d4:94:35:bd:89:c6:a1:41:36:
13:e8:21:54:1a:4f:06:a0:84:27:40:f8:ed:2d:46:
7e:ca:ee:35:4f:24:b0:bd:4a:7c:24:07:3f:f2:b9:
81:19:34:5d:76:35:11:ae:fa:a9:80:a7:b5:6a:34:
83:0d:b9:6d:5d:e4:2e:22:d9:5f:ed:d7:7b:14:a2:
d5:d0:56:65:32:73:2a:1e:32:eb:a6:57:b8:06:63:
be:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D4:1E:C9:75:4C:3A:1E:C1:C3:A1:75:D8:58:24:38:6F:17:53:6D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/q9QeyXVMOh7Bw6F12FgkOG8XU20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:cc0::/48
2a09:1240::/48
2a09:4740::/48
2a09:47c0::/48
2a09:9cc0::/48
2a09:9d40::/48
2a09:9dc0::/48
2a09:9e40::/48
2a09:a080::/48
Signature Algorithm: sha256WithRSAEncryption
c6:39:79:e1:92:c9:3a:df:6a:46:70:f6:96:44:f9:df:82:fc:
fb:c5:66:4f:62:c6:1e:8b:b5:a9:d5:6e:f9:1d:83:e2:70:dd:
9e:46:df:01:d5:e9:22:8d:db:cf:21:98:cd:16:08:b9:0c:ff:
34:15:c0:b9:ab:89:0f:c7:42:76:f2:14:86:8e:4f:ba:8f:c2:
3a:e2:5c:82:5a:81:4e:6e:77:b6:46:13:2e:3a:92:d8:c3:a1:
1e:09:e3:36:aa:03:81:d3:78:6b:1d:51:f0:44:d7:52:66:70:
8b:59:68:6d:f0:94:b7:f3:34:9d:20:8a:0b:d3:d7:38:76:59:
aa:c7:27:ca:7b:6a:79:c4:26:77:21:e9:aa:8e:5c:e0:22:34:
03:eb:76:44:f8:47:6e:da:e6:84:e7:00:04:b1:84:d3:93:4e:
c6:26:15:25:e9:fd:35:7d:16:d1:85:44:06:d8:d9:51:cd:8d:
8f:c6:2b:7f:c9:3d:44:14:23:a0:af:ec:fb:cf:86:ea:5a:35:
56:8c:36:33:a8:78:81:78:8f:da:06:17:b9:22:a7:39:e4:30:
27:ad:3d:00:a4:c7:46:c2:6b:34:7d:d7:8c:e6:f2:74:c0:c3:
f3:17:57:2c:3f:9f:9a:8a:f6:7e:7f:b7:2d:31:0c:1e:a7:e5:
71:5c:d8:32
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzI3oLWMgZ8y57mZPEKek46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQ0MWVjOTc1NGMzYTFlYzFjM2ExNzVkODU4MjQzODZmMTc1MzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi19dTgzHHHAXopSClnEViQ1ZINEA
pVU1cfpRTyWVUt/TkKdM23wKfNZsto7MZ7zCcG7kaGgeLNDSvKomp3oPognELky4
zXWOo0H07OCFqTLNQJ+XMHilOxdgh5eorkcDQeLMA1tFiWKGXcRFuFCGqMmEBRxe
BQyXkbDfrdnxtYASdezbWsCJowIZ2BgTX66crkWrvrG81BoeWPdtJxe5USLwJJYt
igaoxQjUlDW9icahQTYT6CFUGk8GoIQnQPjtLUZ+yu41TySwvUp8JAc/8rmBGTRd
djURrvqpgKe1ajSDDbltXeQuItlf7dd7FKLV0FZlMnMqHjLrple4BmO+zwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKvUHsl1TDoewcOhddhYJDhvF1NtMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcTlRZXlYVk1PaDdCdzZGMTJGZ2tPRzhYVTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcAKgkMwAAA
AwcAKgkSQAAAAwcAKglHQAAAAwcAKglHwAAAAwcAKgmcwAAAAwcAKgmdQAAAAwcA
KgmdwAAAAwcAKgmeQAAAAwcAKgmggAAAMA0GCSqGSIb3DQEBCwUAA4IBAQDGOXnh
ksk632pGcPaWRPnfgvz7xWZPYsYei7Wp1W75HYPicN2eRt8B1ekijdvPIZjNFgi5
DP80FcC5q4kPx0J28hSGjk+6j8I64lyCWoFObne2RhMuOpLYw6EeCeM2qgOB03hr
HVHwRNdSZnCLWWht8JS38zSdIIoL09c4dlmqxyfKe2p5xCZ3IemqjlzgIjQD63ZE
+Edu2uaE5wAEsYTTk07GJhUl6f01fRbRhUQG2NlRzY2Pxit/yT1EFCOgr+z7z4bq
WjVWjDYzqHiBeI/aBhe5Iqc55DAnrT0ApMdGwms0fdeM5vJ0wMPzF1csP5+aivZ+
f7ctMQwep+VxXNgy
-----END CERTIFICATE-----
Generated at Wed May 8 16:51:44 2024 by rpki-client on console-fra.rpki-client.org