Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/kvXrUyeBQi_5Duxjgp6-Ld2-A04.roa
File: kvXrUyeBQi_5Duxjgp6-Ld2-A04.roa (raw, json)
Hash identifier: glGX1DcdIMwDvGOnafHtJAAh4snkHR3QKJd7pP+0ois=
Subject key identifier: 92:F5:EB:53:27:81:42:2F:F9:0E:EC:63:82:9E:BE:2D:DD:BE:03:4E
Certificate issuer: /CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Certificate serial: 018CC50030E31A42F248D394FE67515242C4
Authority key identifier: 88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/kvXrUyeBQi_5Duxjgp6-Ld2-A04.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209112
IP address blocks: 2a0e:1200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:30:e3:1a:42:f2:48:d3:94:fe:67:51:52:42:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92f5eb532781422ff90eec63829ebe2dddbe034e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:d1:ac:b4:17:6f:c7:75:ac:d0:bd:de:8b:
d9:28:ee:43:df:8f:6b:19:57:42:62:54:45:1b:a1:
52:cd:f4:75:b0:19:a1:c4:fc:42:ef:b0:85:17:27:
66:ab:6a:f4:ae:1b:af:bc:37:ce:4d:90:8a:cd:ad:
e6:5a:80:2c:58:0a:4b:77:28:21:10:ae:c9:cb:6e:
57:11:ea:2f:e1:b4:94:d2:56:37:8b:d6:8d:dd:47:
82:67:3c:f3:f5:55:7a:61:81:d5:17:68:f2:ad:ea:
2e:86:ef:14:f6:6e:87:73:72:60:80:a6:f8:a3:e1:
6e:d3:89:65:55:14:f1:22:0c:11:d7:f4:d3:b3:f1:
86:a5:ba:ce:aa:12:f9:2a:e6:8e:c7:05:0e:3a:71:
f2:ae:18:43:21:eb:44:97:fd:17:84:10:42:3b:55:
97:92:b6:be:ef:be:69:96:5c:45:c3:f4:85:a1:53:
49:5f:89:42:be:b5:ed:d4:1b:16:30:3e:82:5f:ed:
70:ba:24:45:60:01:ad:bd:53:70:51:de:e8:94:8d:
03:78:bb:4d:71:67:c2:8e:16:65:1b:98:ca:da:a3:
f6:b1:e0:cb:f7:9b:bc:3f:c2:1b:fb:5a:29:6a:ed:
20:57:04:a3:4b:09:76:ab:a1:dd:31:2b:47:0e:44:
14:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F5:EB:53:27:81:42:2F:F9:0E:EC:63:82:9E:BE:2D:DD:BE:03:4E
X509v3 Authority Key Identifier:
keyid:88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/kvXrUyeBQi_5Duxjgp6-Ld2-A04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1200::/29
Signature Algorithm: sha256WithRSAEncryption
01:04:7a:a4:eb:d3:63:b8:93:54:5c:32:85:06:38:ee:30:c9:
1d:6d:fb:f9:d8:f1:c2:ab:cd:b0:b1:1e:e7:13:09:19:86:be:
95:ac:1c:9b:aa:e7:b9:bd:79:e8:88:07:f8:28:b4:c7:74:c7:
a3:69:ae:91:29:18:80:62:69:52:66:fc:df:70:84:d2:ce:c5:
3f:37:73:12:e4:15:f6:34:e2:32:f1:0a:d3:20:20:7c:f4:a7:
b7:57:81:55:de:62:79:c5:c8:59:9e:77:7a:62:b6:e3:7f:91:
48:cb:d8:48:4e:67:02:ae:63:36:55:2b:8e:42:3d:f2:df:41:
e9:77:3c:27:5b:1f:4b:0d:ee:68:0b:bf:09:32:53:11:dd:09:
3c:18:67:4d:b5:f2:02:61:89:6f:0d:ba:bb:fe:91:7c:cf:61:
58:e3:76:40:74:17:1f:39:06:c8:52:bf:e6:ba:3e:c1:da:33:
d6:5a:19:93:ce:da:3d:42:c8:a2:3b:5e:9d:d7:0c:bb:26:31:
6a:3d:52:7e:ca:2a:72:83:dc:a8:b1:6e:07:a9:1f:a7:dc:9f:
9d:5f:ab:3d:83:5c:48:97:05:2b:25:a7:b4:51:d2:69:9b:24:
a2:10:3f:8b:3f:be:e1:18:d1:2e:48:10:cc:8d:6a:83:9e:44:
98:df:3e:d2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFADDjGkLySNOU/mdRUkLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NGJmODBlNzJmNTBmMDliZjU2MzQ5M2ViZGIxMWEzNGJi
YTMxMmQwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY1ZWI1MzI3ODE0MjJmZjkwZWVjNjM4MjllYmUyZGRkYmUwMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+/RrLQXb8d1rNC93ovZKO5D349r
GVdCYlRFG6FSzfR1sBmhxPxC77CFFydmq2r0rhuvvDfOTZCKza3mWoAsWApLdygh
EK7Jy25XEeov4bSU0lY3i9aN3UeCZzzz9VV6YYHVF2jyreouhu8U9m6Hc3JggKb4
o+Fu04llVRTxIgwR1/TTs/GGpbrOqhL5KuaOxwUOOnHyrhhDIetEl/0XhBBCO1WX
kra+775pllxFw/SFoVNJX4lCvrXt1BsWMD6CX+1wuiRFYAGtvVNwUd7olI0DeLtN
cWfCjhZlG5jK2qP2seDL95u8P8Ib+1opau0gVwSjSwl2q6HdMStHDkQUFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJL161MngUIv+Q7sY4Kevi3dvgNOMB8GA1UdIwQY
MBaAFIhL+A5y9Q8Jv1Y0k+vbEaNLujEtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGIt
MzZmOTg0N2FjMzViLzEva3ZYclV5ZUJRaV81RHV4amdwNi1MZDItQTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMTJlNGQtOGExYS00MDEwLTlhOGItMzZmOTg0N2FjMzVi
LzEvaUV2NERuTDFEd21fVmpTVDY5c1JvMHU2TVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg4SADAN
BgkqhkiG9w0BAQsFAAOCAQEAAQR6pOvTY7iTVFwyhQY47jDJHW37+djxwqvNsLEe
5xMJGYa+lawcm6rnub156IgH+Ci0x3THo2mukSkYgGJpUmb833CE0s7FPzdzEuQV
9jTiMvEK0yAgfPSnt1eBVd5iecXIWZ53emK243+RSMvYSE5nAq5jNlUrjkI98t9B
6Xc8J1sfSw3uaAu/CTJTEd0JPBhnTbXyAmGJbw26u/6RfM9hWON2QHQXHzkGyFK/
5ro+wdoz1loZk87aPULIojtendcMuyYxaj1SfsoqcoPcqLFuB6kfp9yfnV+rPYNc
SJcFKyWntFHSaZskohA/iz++4RjRLkgQzI1qg55EmN8+0g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:39 2024 by rpki-client on console-ams.rpki-client.org