Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4_Htv6dZ2s5Pym_ZFjEi5SQKCQ0.roa
File: 4_Htv6dZ2s5Pym_ZFjEi5SQKCQ0.roa (raw, json)
Hash identifier: kQw2oiAUUnCp6bYhC0S8IYiAQTLF6cmh2vz84qX6EhY=
Subject key identifier: E3:F1:ED:BF:A7:59:DA:CE:4F:CA:6F:D9:16:31:22:E5:24:0A:09:0D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01920EA505D308C897C3FEE7308D4F58D97B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4_Htv6dZ2s5Pym_ZFjEi5SQKCQ0.roa
Signing time: Fri 20 Sep 2024 08:55:48 +0000
ROA not before: Fri 20 Sep 2024 08:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199925
IP address blocks: 2a0d:b740::/29 maxlen: 29
2a0f:1480::/29 maxlen: 29
2a0f:28c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:a5:05:d3:08:c8:97:c3:fe:e7:30:8d:4f:58:d9:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 20 08:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f1edbfa759dace4fca6fd9163122e5240a090d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0f:45:f9:83:e1:91:af:ed:c3:0d:fd:f1:bc:
10:7b:d6:17:44:ef:d7:27:49:eb:b1:32:be:c1:9e:
50:ec:7f:45:bf:1e:6d:30:e4:24:70:e1:92:65:aa:
c6:d5:0f:e7:a7:dc:61:51:8f:7c:80:b3:72:e5:bd:
82:d9:6a:fb:e8:76:29:06:88:7c:8b:b1:84:1b:1f:
9a:9b:6d:f9:f1:5d:a2:60:38:eb:4c:61:2a:d7:fd:
69:3b:38:77:d5:1b:61:fe:7d:13:41:f7:0d:86:c6:
24:bb:fc:24:82:53:8c:4a:90:11:f8:ce:4e:82:e5:
d8:91:83:ca:a3:2b:a2:8f:5e:51:07:87:76:73:67:
49:a2:52:4b:aa:cf:29:7f:75:3e:8e:57:0e:55:95:
99:a2:75:e6:4e:15:c0:53:93:45:9c:8d:2d:d4:35:
13:c9:63:57:aa:c4:5e:81:f2:16:0c:05:ff:14:26:
78:9c:29:44:2c:7f:ea:29:84:48:87:9e:ca:94:42:
5e:d1:8c:70:ad:40:95:da:49:7c:5e:68:0e:e4:c0:
a9:bf:d7:a5:eb:1a:96:a9:f3:ed:25:0d:18:30:7a:
82:0d:d4:17:29:f0:cd:99:46:c8:42:c6:94:7a:87:
4c:56:8f:de:12:6b:a8:94:e6:95:b5:d3:9c:90:28:
99:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F1:ED:BF:A7:59:DA:CE:4F:CA:6F:D9:16:31:22:E5:24:0A:09:0D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4_Htv6dZ2s5Pym_ZFjEi5SQKCQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b740::/29
2a0f:1480::/29
2a0f:28c0::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:82:18:a5:b4:bc:33:d1:0b:31:8c:24:0b:75:16:30:91:5b:
e0:a3:34:a9:64:40:92:eb:00:b1:fb:2a:af:64:7f:14:79:f5:
ee:89:43:25:02:82:61:cb:a1:f5:88:08:6e:da:7e:76:3b:ff:
bc:ec:8d:06:0c:0c:07:e8:3c:55:7c:28:2c:a9:7e:02:1d:4e:
c5:70:02:fc:15:1f:96:62:8e:bc:a7:d9:82:42:a1:06:c1:24:
40:14:ec:2c:b5:35:ef:d7:d1:9e:38:a3:10:0d:f8:10:aa:25:
0d:5a:77:70:00:63:36:11:3e:b7:d5:d3:f9:72:8f:55:bf:ca:
69:ec:22:57:88:5a:a2:26:83:fb:21:3a:c5:3f:0d:d9:d1:95:
11:7c:ec:84:1b:fe:f4:c7:c7:0d:3b:a1:aa:e9:ff:04:ca:da:
be:67:3b:78:bc:94:46:00:fb:e5:37:73:5f:28:75:f5:4b:a9:
d3:ee:a4:dd:7c:cb:61:5e:ca:6a:13:69:84:4e:ab:e0:62:05:
fa:37:70:04:30:db:50:5c:89:1f:07:2c:89:dd:e3:2d:df:77:
49:0e:23:26:41:e9:1a:fb:db:b7:2f:37:8f:f4:55:db:37:f5:
2f:be:3f:48:93:0a:44:4b:8a:b6:4e:7c:49:83:6e:a7:ed:9b:
cb:8b:37:34
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZIOpQXTCMiXw/7nMI1PWNl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTIwMDg1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2YxZWRiZmE3NTlkYWNlNGZjYTZmZDkxNjMxMjJlNTI0MGEwOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A9F+YPhka/tww398bwQe9YXRO/X
J0nrsTK+wZ5Q7H9Fvx5tMOQkcOGSZarG1Q/np9xhUY98gLNy5b2C2Wr76HYpBoh8
i7GEGx+am2358V2iYDjrTGEq1/1pOzh31Rth/n0TQfcNhsYku/wkglOMSpAR+M5O
guXYkYPKoyuij15RB4d2c2dJolJLqs8pf3U+jlcOVZWZonXmThXAU5NFnI0t1DUT
yWNXqsRegfIWDAX/FCZ4nClELH/qKYRIh57KlEJe0YxwrUCV2kl8XmgO5MCpv9el
6xqWqfPtJQ0YMHqCDdQXKfDNmUbIQsaUeodMVo/eEmuolOaVtdOckCiZqQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOPx7b+nWdrOT8pv2RYxIuUkCgkNMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNF9IdHY2ZFoyczVQeW1fWkZqRWk1U1FLQ1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg23QAMF
AyoPFIADBQMqDyjAAwUDKhMrQDANBgkqhkiG9w0BAQsFAAOCAQEAfYIYpbS8M9EL
MYwkC3UWMJFb4KM0qWRAkusAsfsqr2R/FHn17olDJQKCYcuh9YgIbtp+djv/vOyN
BgwMB+g8VXwoLKl+Ah1OxXAC/BUflmKOvKfZgkKhBsEkQBTsLLU179fRnjijEA34
EKolDVp3cABjNhE+t9XT+XKPVb/KaewiV4haoiaD+yE6xT8N2dGVEXzshBv+9MfH
DTuhqun/BMravmc7eLyURgD75TdzXyh19Uup0+6k3XzLYV7KahNphE6r4GIF+jdw
BDDbUFyJHwcsid3jLd93SQ4jJkHpGvvbty83j/RV2zf1L74/SJMKREuKtk58SYNu
p+2by4s3NA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:06:17 2024 by rpki-client on console-ams.rpki-client.org