Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/iad03zVNlUSVSI7-250e6qId2hU.roa
File: iad03zVNlUSVSI7-250e6qId2hU.roa (raw, json)
Hash identifier: MGYeKyHEBMybtNOFzyhj2FdWGrCoyN4Nk8HzTtquMh0=
Subject key identifier: 89:A7:74:DF:35:4D:95:44:95:48:8E:FE:DB:9D:1E:EA:A2:1D:DA:15
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0193392A3F8ED8B0E2A05ACE6F65BA0F4C6C
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/iad03zVNlUSVSI7-250e6qId2hU.roa
Signing time: Sun 17 Nov 2024 08:08:10 +0000
ROA not before: Sun 17 Nov 2024 08:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a0d:7340::/29 maxlen: 29
2a0d:9440::/29 maxlen: 29
2a0d:be40::/29 maxlen: 29
2a0f:9480::/29 maxlen: 29
2a10:5d40::/29 maxlen: 29
2a10:9580::/29 maxlen: 29
2a11:3d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:39:2a:3f:8e:d8:b0:e2:a0:5a:ce:6f:65:ba:0f:4c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Nov 17 08:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a774df354d954495488efedb9d1eeaa21dda15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:93:5a:f6:13:51:0b:da:2d:6a:05:1d:13:
23:d8:d6:a1:4c:46:ef:17:01:28:31:6d:bf:86:da:
f1:bc:e5:61:48:f4:d7:0e:b7:cd:2d:2e:f0:fd:09:
b5:42:40:cb:17:3b:f7:1b:14:83:b7:36:21:c4:60:
6d:c1:66:79:ad:ee:27:f0:20:bd:14:5d:89:79:78:
51:3f:ed:5d:b5:13:c4:27:ed:82:9d:17:32:3f:ae:
96:96:e5:44:f4:e8:a7:af:21:6a:b3:d8:a6:04:eb:
b0:7c:af:30:59:70:43:36:ca:19:6f:49:35:77:64:
38:45:e3:9b:8e:2b:a6:30:09:27:57:ce:63:10:9f:
a0:b4:7d:79:c4:e6:05:47:ba:25:54:20:65:c9:78:
ad:93:c1:07:27:0f:05:88:31:2c:5c:7e:0d:0b:e4:
20:74:f2:42:de:ca:c9:4f:ae:56:0e:df:5d:43:9b:
49:9d:75:12:bc:04:13:db:08:2c:5c:3a:d4:f7:30:
81:be:cc:7a:91:49:b3:84:c9:fa:a1:42:62:2b:f5:
82:de:33:ac:0a:d0:de:27:0e:e3:74:9e:ae:12:e3:
90:a8:c1:14:e4:ff:4d:a0:fc:62:da:67:a9:25:b6:
4a:24:84:20:5a:1e:22:bb:56:6a:b3:4f:e4:92:9d:
97:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A7:74:DF:35:4D:95:44:95:48:8E:FE:DB:9D:1E:EA:A2:1D:DA:15
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/iad03zVNlUSVSI7-250e6qId2hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7340::/29
2a0d:9440::/29
2a0d:be40::/29
2a0f:9480::/29
2a10:5d40::/29
2a10:9580::/29
2a11:3d40::/29
Signature Algorithm: sha256WithRSAEncryption
55:fa:86:b5:c1:45:e6:eb:b3:0f:1a:28:ca:f4:ba:89:98:dc:
85:4d:b3:77:44:bd:d7:ee:66:30:62:6c:73:79:fd:7d:eb:df:
89:e2:0b:9e:53:2f:77:34:d3:df:74:d8:21:ee:09:78:5b:be:
b8:e9:4d:57:58:a9:a2:50:69:8c:69:6d:70:b7:6a:ba:d0:c7:
aa:e2:b7:cd:a4:42:51:86:c8:72:72:ff:b1:1e:b1:5f:35:ae:
16:96:33:a0:66:52:f6:72:68:3b:cd:1c:65:8b:d9:37:a0:7b:
6c:7b:be:18:4e:03:b3:46:82:bd:be:fe:f2:4e:90:c5:9a:8d:
0e:45:e1:95:6c:2a:98:3d:34:78:fa:08:67:c8:e3:d0:7a:26:
f5:7e:70:26:4a:8e:57:7a:bc:fe:b4:c5:2f:71:f4:3b:f2:10:
94:33:db:50:00:c4:0b:ec:9f:a5:e9:25:c4:69:c3:5a:88:e7:
38:18:24:a7:14:1c:f1:dd:90:79:75:e2:56:e5:90:1e:66:04:
3d:af:fe:c8:f2:32:63:cc:f0:fc:61:3c:a3:42:71:46:80:98:
b4:6a:d8:b9:2e:2a:f7:bf:44:c5:93:d5:15:44:8e:29:f0:b8:
9d:ec:5c:e9:7d:dc:c8:59:e7:55:ca:29:6e:6c:45:ba:d2:23:
10:06:6e:e0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZM5Kj+O2LDioFrOb2W6D0xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQxMTE3MDgwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE3NzRkZjM1NGQ5NTQ0OTU0ODhlZmVkYjlkMWVlYWEyMWRkYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPqTWvYTUQvaLWoFHRMj2NahTEbv
FwEoMW2/htrxvOVhSPTXDrfNLS7w/Qm1QkDLFzv3GxSDtzYhxGBtwWZ5re4n8CC9
FF2JeXhRP+1dtRPEJ+2CnRcyP66WluVE9OinryFqs9imBOuwfK8wWXBDNsoZb0k1
d2Q4ReObjiumMAknV85jEJ+gtH15xOYFR7olVCBlyXitk8EHJw8FiDEsXH4NC+Qg
dPJC3srJT65WDt9dQ5tJnXUSvAQT2wgsXDrU9zCBvsx6kUmzhMn6oUJiK/WC3jOs
CtDeJw7jdJ6uEuOQqMEU5P9NoPxi2mepJbZKJIQgWh4iu1Zqs0/kkp2XwQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFImndN81TZVElUiO/tudHuqiHdoVMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvaWFkMDN6Vk5sVVNWU0k3LTI1MGU2cUlkMmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg1zQAMF
AyoNlEADBQMqDb5AAwUDKg+UgAMFAyoQXUADBQMqEJWAAwUDKhE9QDANBgkqhkiG
9w0BAQsFAAOCAQEAVfqGtcFF5uuzDxooyvS6iZjchU2zd0S91+5mMGJsc3n9fevf
ieILnlMvdzTT33TYIe4JeFu+uOlNV1ipolBpjGltcLdqutDHquK3zaRCUYbIcnL/
sR6xXzWuFpYzoGZS9nJoO80cZYvZN6B7bHu+GE4Ds0aCvb7+8k6QxZqNDkXhlWwq
mD00ePoIZ8jj0Hom9X5wJkqOV3q8/rTFL3H0O/IQlDPbUADEC+yfpeklxGnDWojn
OBgkpxQc8d2QeXXiVuWQHmYEPa/+yPIyY8zw/GE8o0JxRoCYtGrYuS4q979ExZPV
FUSOKfC4nexc6X3cyFnnVcopbmxFutIjEAZu4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:06:09 2024 by rpki-client on console-ams.rpki-client.org