Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iE_uhKoiA6vnfTpqREnaU8cllXU.roa
File: iE_uhKoiA6vnfTpqREnaU8cllXU.roa (raw, json)
Hash identifier: 3LR98TDZt8IanKP73NZOSJNm4YF/S6m5hE4x9loM6Ho=
Subject key identifier: 88:4F:EE:84:AA:22:03:AB:E7:7D:3A:6A:44:49:DA:53:C7:25:95:75
Certificate issuer: /CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Certificate serial: 018CC500313D1115239035E3D1AA137515D2
Authority key identifier: 88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iE_uhKoiA6vnfTpqREnaU8cllXU.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209289
IP address blocks: 2a09:aac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:31:3d:11:15:23:90:35:e3:d1:aa:13:75:15:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=884fee84aa2203abe77d3a6a4449da53c7259575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6d:f0:f8:37:17:45:01:98:e6:02:77:29:37:
18:12:89:ec:c1:70:58:ee:c2:ca:62:0c:1b:9e:c6:
5a:ca:8d:e2:f3:93:fb:66:e1:2d:fe:37:43:09:a7:
1d:6f:65:1d:b9:50:1f:36:00:a3:2b:24:12:6c:14:
c2:cc:88:e9:70:91:9a:fc:13:aa:11:88:a5:da:ce:
71:85:4e:eb:20:31:fb:ed:b4:4b:de:fd:63:33:78:
c4:50:8d:14:5b:2a:c2:cb:69:bf:c7:db:c2:1b:32:
c3:f2:c0:55:d9:70:88:5c:0e:12:de:16:4b:0a:86:
3d:c3:c3:f2:8a:45:9c:96:ef:1f:53:22:c6:91:ab:
0f:23:bb:8b:38:b3:8d:fa:f4:d6:e3:0a:00:b4:fa:
27:63:de:f0:78:99:a0:c0:dc:57:cc:8c:84:c3:2f:
fb:50:6f:e8:72:c3:f0:08:53:69:ba:76:d0:a6:cb:
ec:ae:e1:41:31:67:bc:bc:d0:a2:22:75:76:64:16:
ac:28:69:20:83:53:55:87:1c:b1:49:e3:b4:db:56:
96:cf:a6:6d:1a:b3:f2:25:41:7b:5e:96:0a:80:83:
e1:b2:56:36:f3:1d:05:19:55:89:e7:d0:2e:8c:49:
3b:f2:f8:7a:cc:53:50:0b:02:71:2f:cc:af:67:0b:
22:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4F:EE:84:AA:22:03:AB:E7:7D:3A:6A:44:49:DA:53:C7:25:95:75
X509v3 Authority Key Identifier:
keyid:88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iE_uhKoiA6vnfTpqREnaU8cllXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
95:61:ba:78:0f:ca:4a:0e:81:f1:08:d2:50:89:d1:f3:fa:ae:
9a:7f:90:e5:55:db:e0:9f:64:54:85:c1:f1:8c:2b:ce:f5:bb:
b6:b6:a5:b6:dd:0e:73:1c:16:2a:24:34:40:8d:6b:53:51:ad:
dd:38:00:37:2d:67:91:96:50:b7:c3:68:de:6f:42:4f:ad:e2:
ee:1a:9a:b3:85:cb:18:86:88:eb:6b:12:c5:fd:50:6d:02:1f:
60:40:9b:39:fe:4d:26:ba:7a:ec:41:5d:4e:0c:66:0b:80:2b:
0a:a0:72:9c:86:02:30:c9:b9:f7:07:9d:73:d4:01:09:5c:7f:
0c:59:7e:75:3b:4b:67:28:87:bc:7d:a6:64:ce:ef:95:a0:77:
c0:d7:07:13:33:5c:91:7c:28:99:2e:a7:10:2e:93:dc:6d:32:
4f:3d:14:1b:41:e9:fa:ae:e2:f9:89:be:ea:78:b9:08:6e:3b:
b7:cb:a9:b4:ad:f1:cf:cd:92:a7:1f:fc:ba:ab:f6:dd:22:22:
bd:66:ab:a4:06:f9:55:80:c7:38:b9:47:f2:96:f1:ef:56:93:
75:fa:bd:14:22:fa:e9:37:ce:64:d0:44:d2:cf:62:1a:27:12:
e1:15:5a:71:d6:24:c9:29:98:78:8a:7f:6c:c2:f0:d1:aa:fe:
f1:ae:a5:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFADE9ERUjkDXj0aoTdRXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NGJmODBlNzJmNTBmMDliZjU2MzQ5M2ViZGIxMWEzNGJi
YTMxMmQwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRmZWU4NGFhMjIwM2FiZTc3ZDNhNmE0NDQ5ZGE1M2M3MjU5NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW3w+DcXRQGY5gJ3KTcYEonswXBY
7sLKYgwbnsZayo3i85P7ZuEt/jdDCacdb2UduVAfNgCjKyQSbBTCzIjpcJGa/BOq
EYil2s5xhU7rIDH77bRL3v1jM3jEUI0UWyrCy2m/x9vCGzLD8sBV2XCIXA4S3hZL
CoY9w8PyikWclu8fUyLGkasPI7uLOLON+vTW4woAtPonY97weJmgwNxXzIyEwy/7
UG/ocsPwCFNpunbQpsvsruFBMWe8vNCiInV2ZBasKGkgg1NVhxyxSeO021aWz6Zt
GrPyJUF7XpYKgIPhslY28x0FGVWJ59AujEk78vh6zFNQCwJxL8yvZwsiQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIhP7oSqIgOr5306akRJ2lPHJZV1MB8GA1UdIwQY
MBaAFIhL+A5y9Q8Jv1Y0k+vbEaNLujEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGIt
MzZmOTg0N2FjMzViLzEvaUVfdWhLb2lBNnZuZlRwcVJFbmFVOGNsbFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGItMzZmOTg0N2FjMzVi
LzEvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmqwDAN
BgkqhkiG9w0BAQsFAAOCAQEAlWG6eA/KSg6B8QjSUInR8/qumn+Q5VXb4J9kVIXB
8YwrzvW7traltt0OcxwWKiQ0QI1rU1Gt3TgANy1nkZZQt8No3m9CT63i7hqas4XL
GIaI62sSxf1QbQIfYECbOf5NJrp67EFdTgxmC4ArCqBynIYCMMm59wedc9QBCVx/
DFl+dTtLZyiHvH2mZM7vlaB3wNcHEzNckXwomS6nEC6T3G0yTz0UG0Hp+q7i+Ym+
6ni5CG47t8uptK3xz82Spx/8uqv23SIivWarpAb5VYDHOLlH8pbx71aTdfq9FCL6
6TfOZNBE0s9iGicS4RVacdYkySmYeIp/bMLw0ar+8a6log==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:08 2024 by rpki-client on console-ams.rpki-client.org