Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/tLpl64WEtkgLvWUyq2y2E9-xCmA.roa
File: tLpl64WEtkgLvWUyq2y2E9-xCmA.roa (raw, json)
Hash identifier: LXCOzrU1swN350UaNSN1dVbFOvQyJXlh5KjizlIY0O8=
Subject key identifier: B4:BA:65:EB:85:84:B6:48:0B:BD:65:32:AB:6C:B6:13:DF:B1:0A:60
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018CC4255ACCC98EC17256735C915400BD86
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/tLpl64WEtkgLvWUyq2y2E9-xCmA.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60960
IP address blocks: 2a07:7b00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5a:cc:c9:8e:c1:72:56:73:5c:91:54:00:bd:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4ba65eb8584b6480bbd6532ab6cb613dfb10a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:a4:29:80:4c:57:4c:d0:e0:a5:29:04:52:
31:44:24:55:a8:b6:5e:32:71:e1:87:10:be:58:27:
a0:63:99:e6:98:b3:a7:33:cb:b9:c9:37:9e:db:84:
b6:cc:71:98:1d:f7:76:55:fd:e1:83:db:e5:3b:4c:
4f:15:f2:fa:70:fa:13:ee:ec:b7:7c:b7:f3:f3:a1:
f4:12:86:cd:2e:36:16:cc:47:31:28:ad:2e:0b:e7:
73:3b:6b:87:45:45:38:dc:e6:2b:f2:b1:71:2e:96:
08:d4:48:0d:23:4b:f0:6f:7f:e5:1e:dc:15:cd:09:
37:23:e7:ff:57:cf:ee:ea:2b:8b:6f:ea:73:1e:c8:
f8:94:4b:a9:01:b6:0b:e0:e5:3d:f9:5f:91:6f:11:
3e:1e:fb:b8:f2:7d:a7:f1:69:9d:e4:82:f4:73:48:
40:ed:25:20:cd:a5:4c:c3:80:67:7d:2b:a7:da:9b:
c2:dc:2d:9c:dd:74:5d:bd:2f:18:2e:2a:be:06:57:
7f:a6:77:45:ce:22:88:be:01:14:fc:8c:4b:fc:a3:
96:ec:41:70:60:67:42:7d:d3:fc:e1:2d:c0:55:8b:
ec:16:d7:cb:72:d8:d2:e6:33:30:db:24:8d:80:04:
c8:1c:74:f3:01:4e:20:a0:26:8d:fc:03:4f:07:84:
1e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BA:65:EB:85:84:B6:48:0B:BD:65:32:AB:6C:B6:13:DF:B1:0A:60
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/tLpl64WEtkgLvWUyq2y2E9-xCmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7b00::/29
Signature Algorithm: sha256WithRSAEncryption
81:ce:4f:5b:bd:bb:7e:90:f1:2e:6b:13:b7:b7:db:92:fb:bc:
1a:9a:6e:77:80:20:ab:6a:56:9a:0e:90:4b:8e:0d:61:e9:2b:
b8:3a:57:5a:27:44:fa:73:8d:02:f6:8a:a3:24:0a:01:95:e1:
ae:de:59:74:9c:96:c4:27:19:d5:50:67:22:ee:d9:21:be:f6:
81:af:3f:45:25:4d:70:4c:b2:ec:fd:49:a9:4c:13:21:4a:b7:
98:0c:aa:c3:fc:10:75:0d:e1:d9:b8:1a:94:21:88:84:83:1a:
81:1d:8a:a7:76:d1:2f:49:de:cd:dd:7f:fd:fd:40:33:0e:34:
a4:ac:fc:ca:76:ad:a1:75:d2:29:3a:5b:ec:7f:79:1a:42:30:
97:c8:4f:b7:06:b1:c1:c5:66:62:6a:bc:9e:23:86:07:26:d8:
62:05:5c:c5:6e:5b:f9:3d:f9:c5:e7:d9:32:a8:99:e7:6d:29:
c2:8d:a1:2e:00:18:60:e9:65:51:ba:dd:09:fc:bd:41:1f:21:
4c:eb:0e:8c:1c:14:a2:bc:72:1a:16:ed:92:30:2e:ec:d8:8c:
8d:82:a4:fa:a8:8e:e0:98:d3:2b:41:11:bf:8c:9d:10:0c:85:
af:4c:a6:95:9a:d1:14:01:59:0b:9c:4c:7b:72:de:da:ec:e9:
81:aa:7f:d9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJVrMyY7BclZzXJFUAL2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhNjVlYjg1ODRiNjQ4MGJiZDY1MzJhYjZjYjYxM2RmYjEwYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2+kKYBMV0zQ4KUpBFIxRCRVqLZe
MnHhhxC+WCegY5nmmLOnM8u5yTee24S2zHGYHfd2Vf3hg9vlO0xPFfL6cPoT7uy3
fLfz86H0EobNLjYWzEcxKK0uC+dzO2uHRUU43OYr8rFxLpYI1EgNI0vwb3/lHtwV
zQk3I+f/V8/u6iuLb+pzHsj4lEupAbYL4OU9+V+RbxE+Hvu48n2n8Wmd5IL0c0hA
7SUgzaVMw4BnfSun2pvC3C2c3XRdvS8YLiq+Bld/pndFziKIvgEU/IxL/KOW7EFw
YGdCfdP84S3AVYvsFtfLctjS5jMw2ySNgATIHHTzAU4goCaN/ANPB4QerQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLS6ZeuFhLZIC71lMqtsthPfsQpgMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvdExwbDY0V0V0a2dMdldVeXEyeTJFOS14Q21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgd7ADAN
BgkqhkiG9w0BAQsFAAOCAQEAgc5PW727fpDxLmsTt7fbkvu8Gppud4Agq2pWmg6Q
S44NYekruDpXWidE+nONAvaKoyQKAZXhrt5ZdJyWxCcZ1VBnIu7ZIb72ga8/RSVN
cEyy7P1JqUwTIUq3mAyqw/wQdQ3h2bgalCGIhIMagR2Kp3bRL0nezd1//f1AMw40
pKz8ynatoXXSKTpb7H95GkIwl8hPtwaxwcVmYmq8niOGBybYYgVcxW5b+T35xefZ
MqiZ520pwo2hLgAYYOllUbrdCfy9QR8hTOsOjBwUorxyGhbtkjAu7NiMjYKk+qiO
4JjTK0ERv4ydEAyFr0ymlZrRFAFZC5xMe3Le2uzpgap/2Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:28:54 2024 by rpki-client on console-fra.rpki-client.org