Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/1-m2O2KqpQZj1TqZftPeZN6Atlak.roa
File: 1-m2O2KqpQZj1TqZftPeZN6Atlak.roa (raw, json)
Hash identifier: WjsW6bpAWyru4dmzzqi8ayoIbRDN0n7vGVxepfoOuC0=
Subject key identifier: FA:6D:8E:D8:AA:A9:41:98:F5:4E:A6:5F:B4:F7:99:37:A0:2D:95:A9
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 018CC64B1C698B4B8ED7CB5E415852B5D782
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/1-m2O2KqpQZj1TqZftPeZN6Atlak.roa
Signing time: Mon 01 Jan 2024 18:31:00 +0000
ROA not before: Mon 01 Jan 2024 18:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197223
IP address blocks: 2a03:8c0:6000::/36 maxlen: 36
2a03:8c0::/32 maxlen: 32
2a03:8c0:8000::/36 maxlen: 36
2a03:8c0:9000::/36 maxlen: 36
2a03:8c0:3000::/36 maxlen: 36
2a03:8c0:4000::/36 maxlen: 36
2a03:8c0:7000::/36 maxlen: 36
2a03:8c0:2000::/36 maxlen: 36
2a03:8c0:5000::/36 maxlen: 36
2a03:8c0:1000::/36 maxlen: 36
2a03:8c0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1c:69:8b:4b:8e:d7:cb:5e:41:58:52:b5:d7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 1 18:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa6d8ed8aaa94198f54ea65fb4f79937a02d95a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ff:23:44:8d:c1:2b:c6:ba:18:73:64:ef:14:
f4:28:e7:b1:3b:6f:85:a8:35:f7:a5:31:af:f7:32:
73:a9:2d:62:d8:24:ed:f2:2f:4b:11:ea:a0:88:cb:
15:75:7d:46:f8:48:c9:a0:d4:1f:4a:21:59:5b:e5:
73:1f:f3:c6:bf:b7:45:bc:cb:a9:fc:1b:54:eb:24:
25:3a:19:8e:f5:d4:b8:89:d9:7a:92:0c:be:9c:b1:
42:12:e6:b7:af:ec:da:05:ce:f9:ea:ba:7b:2a:02:
7e:ad:82:9e:29:f4:f3:69:29:b6:d3:25:9c:02:3c:
f8:1f:9f:d1:56:c6:47:7d:6a:81:7a:22:cd:ba:39:
fc:cc:db:88:96:8f:bd:ba:f4:70:b9:90:7e:f3:38:
83:63:28:5e:2d:b2:8e:22:00:e4:9b:a4:a1:06:c0:
80:30:a9:33:49:d9:75:4d:3c:f4:79:4b:a3:b7:76:
7b:35:89:d0:c4:9b:99:f9:f6:37:3c:b6:53:7e:ed:
a4:70:f8:1a:15:e1:0e:a3:9f:95:66:ba:06:f2:bc:
c4:75:8e:5c:42:f3:07:bd:9f:1d:45:34:66:65:ba:
d1:ea:72:a5:4a:f6:f1:55:36:72:d0:fc:55:38:f7:
0b:53:63:79:49:69:b0:24:67:e3:b5:cd:8b:c8:90:
d5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6D:8E:D8:AA:A9:41:98:F5:4E:A6:5F:B4:F7:99:37:A0:2D:95:A9
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/1-m2O2KqpQZj1TqZftPeZN6Atlak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
40:37:8b:7d:38:37:b2:71:91:7d:6d:5c:e7:4c:c7:4c:be:e9:
8b:31:cb:6f:93:ac:3f:bb:e3:10:dd:2f:34:0b:94:47:6d:78:
4b:51:e2:d0:85:02:92:b7:27:cc:75:39:0a:d4:87:37:f7:52:
ef:fc:e6:66:7d:98:d2:16:c0:67:cf:c8:9f:3c:1e:8a:46:b3:
3b:fb:13:52:55:8b:68:4d:75:c1:9a:67:18:28:3c:82:5f:8d:
06:7d:c1:2b:65:03:b3:e4:4e:0e:3e:4d:48:ce:17:ed:88:57:
a9:65:c6:38:b4:c9:3d:fe:1e:93:a5:ef:f1:0f:2d:e0:ef:0a:
1f:bb:a2:47:55:99:ca:c3:81:7f:6a:94:7c:91:ec:bc:99:b9:
f6:58:29:3a:8a:3c:f7:fc:5a:61:e9:51:61:18:6f:f3:d6:da:
ff:d9:fc:21:0e:5a:a0:19:1c:44:75:76:8d:b7:a9:11:f5:d8:
28:d1:44:ba:c6:f6:1c:c6:12:74:1b:76:44:b5:33:c9:d4:11:
fa:2c:ac:c0:47:c8:e8:aa:60:e3:86:73:91:fc:7e:c5:a9:5a:
4d:92:a1:6a:76:1d:22:4f:4d:c9:e3:ce:69:6e:e2:3e:c7:c3:
af:9d:18:8e:33:89:26:a8:c1:3f:da:ee:ca:b0:10:70:f8:c5:
2a:b7:e6:0a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGSxxpi0uO18teQVhStdeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjQwMTAxMTgzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZkOGVkOGFhYTk0MTk4ZjU0ZWE2NWZiNGY3OTkzN2EwMmQ5NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif8jRI3BK8a6GHNk7xT0KOexO2+F
qDX3pTGv9zJzqS1i2CTt8i9LEeqgiMsVdX1G+EjJoNQfSiFZW+VzH/PGv7dFvMup
/BtU6yQlOhmO9dS4idl6kgy+nLFCEua3r+zaBc756rp7KgJ+rYKeKfTzaSm20yWc
Ajz4H5/RVsZHfWqBeiLNujn8zNuIlo+9uvRwuZB+8ziDYyheLbKOIgDkm6ShBsCA
MKkzSdl1TTz0eUujt3Z7NYnQxJuZ+fY3PLZTfu2kcPgaFeEOo5+VZroG8rzEdY5c
QvMHvZ8dRTRmZbrR6nKlSvbxVTZy0PxVOPcLU2N5SWmwJGfjtc2LyJDVfQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPptjtiqqUGY9U6mX7T3mTegLZWpMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvMS1tMk8yS3FwUVpqMVRxWmZ0UGVaTjZBdGxhay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvNmQ1ZDc1LTRkMWUtNDY5Ny1iMWQzLTM2ZTM0NGFiYzlk
My8xLzQzN2g3TzBaLUtDanBqV19xaVpDay1ORGQ1VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoDCMAw
DQYJKoZIhvcNAQELBQADggEBAEA3i304N7JxkX1tXOdMx0y+6Ysxy2+TrD+74xDd
LzQLlEdteEtR4tCFApK3J8x1OQrUhzf3Uu/85mZ9mNIWwGfPyJ88HopGszv7E1JV
i2hNdcGaZxgoPIJfjQZ9wStlA7PkTg4+TUjOF+2IV6llxji0yT3+HpOl7/EPLeDv
Ch+7okdVmcrDgX9qlHyR7LyZufZYKTqKPPf8WmHpUWEYb/PW2v/Z/CEOWqAZHER1
do23qRH12CjRRLrG9hzGEnQbdkS1M8nUEfosrMBHyOiqYOOGc5H8fsWpWk2SoWp2
HSJPTcnjzmlu4j7Hw6+dGI4ziSaowT/a7sqwEHD4xSq35go=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:36:41 2024 by rpki-client on console-fra.rpki-client.org