Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ap0Mo9K9YW_x4J7LQ03QLvXT5K4.roa
File: Ap0Mo9K9YW_x4J7LQ03QLvXT5K4.roa (raw, json)
Hash identifier: S7nn8OGfIEQGmKuO4CE6hERlR4tjQpjaeEu6ntPFLUc=
Subject key identifier: 02:9D:0C:A3:D2:BD:61:6F:F1:E0:9E:CB:43:4D:D0:2E:F5:D3:E4:AE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193494E06CAD56CC22751C5F40B83D3D90E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ap0Mo9K9YW_x4J7LQ03QLvXT5K4.roa
Signing time: Wed 20 Nov 2024 11:21:10 +0000
ROA not before: Wed 20 Nov 2024 11:21:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 2a05:b300::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a07:a300::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:30c0::/29 maxlen: 29
2a10:33c0::/29 maxlen: 29
2a10:3840::/29 maxlen: 29
2a10:5c00::/29 maxlen: 29
2a10:6400::/29 maxlen: 29
2a10:7700::/29 maxlen: 29
2a10:7b00::/29 maxlen: 29
2a11:1200::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:89c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b200::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a11:efc0::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a12:ba00::/29 maxlen: 29
2a12:dc00::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:40:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:4e:06:ca:d5:6c:c2:27:51:c5:f4:0b:83:d3:d9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 20 11:21:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=029d0ca3d2bd616ff1e09ecb434dd02ef5d3e4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f4:01:ca:6b:e4:d9:3f:bb:d5:3b:7f:fb:75:
0b:0c:09:77:e1:80:68:0c:28:4e:8c:04:15:71:5f:
b6:cc:1f:4f:ab:6d:99:88:dc:86:d2:2d:48:1b:2c:
04:ad:c3:c0:44:5c:48:21:f4:80:71:d5:34:7f:1b:
96:cf:12:7e:1e:ae:d1:bc:a2:c8:1e:87:c6:14:a6:
c3:24:22:3f:42:d8:22:9d:88:14:82:8b:38:fc:08:
cf:54:a7:a2:c0:df:a0:00:8b:de:f8:2a:cd:12:e9:
a0:73:4c:4a:75:8a:a5:50:1f:85:8f:66:54:4a:87:
b1:3b:d5:ee:92:c5:c4:65:62:6c:c0:87:21:46:3f:
3f:73:5f:34:e0:59:7a:c5:84:aa:98:0c:a5:8a:1f:
6d:29:a6:8f:fc:59:52:43:cf:cd:81:ff:4c:48:5a:
92:3f:ae:c1:a4:98:6b:24:26:7a:b2:f8:cc:00:86:
91:b7:bd:50:cb:37:b8:87:24:53:93:00:1f:52:a9:
4c:0a:a3:c5:4e:ec:a3:a3:90:43:05:16:4b:b6:80:
48:05:ba:1b:ad:d6:28:b8:d7:10:c2:a8:35:b9:21:
21:b2:e3:c6:7e:96:67:fc:3d:d2:6d:d7:9a:32:aa:
dc:9f:5c:dc:c8:36:c9:f7:24:e3:fe:76:1a:0d:29:
57:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9D:0C:A3:D2:BD:61:6F:F1:E0:9E:CB:43:4D:D0:2E:F5:D3:E4:AE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ap0Mo9K9YW_x4J7LQ03QLvXT5K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:dfc0::/29
2a07:a300::/29
2a0f:1740::/29
2a0f:19c0::/29
2a0f:1ac0::/29
2a0f:e740::/29
2a10:30c0::/29
2a10:33c0::/29
2a10:3840::/29
2a10:5c00::/29
2a10:6400::/29
2a10:7700::/29
2a10:7b00::/29
2a11:1200::/29
2a11:1880::/29
2a11:5c80::/29
2a11:8700::/29
2a11:89c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b200::/29
2a11:b740::/29
2a11:e580::/29
2a11:efc0::/29
2a11:f040::/29
2a12:ba00::/29
2a12:dc00::/29
2a13:200::/29
2a13:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
33:fe:4d:04:31:e8:ef:cb:3c:29:1f:25:8d:64:e1:84:2d:db:
b8:d5:64:ef:67:f3:9d:b5:d8:38:3b:ba:8c:33:73:fd:25:7f:
be:30:dd:2e:59:07:90:28:76:0b:04:a4:c7:76:b9:51:b6:4c:
ad:a2:b3:15:74:40:7d:95:82:39:2c:78:85:99:bb:e3:4e:74:
02:52:83:56:16:89:be:b8:c4:70:6f:0f:ab:9a:b4:48:7c:93:
3a:8f:a8:f7:06:f4:49:1d:38:b1:b7:60:2b:28:a5:2b:a8:40:
d7:ce:f8:16:43:73:90:51:d3:49:cc:28:37:21:2c:54:f5:2d:
b9:ee:4e:e6:84:01:d7:fc:ad:d7:a7:97:fa:ad:e1:15:d2:3b:
c4:61:cc:08:47:6d:2e:ac:3f:27:3c:d8:0f:5c:8f:e6:36:cb:
60:b0:1f:de:13:1a:67:85:42:6a:dc:69:01:68:53:ba:90:40:
57:35:64:e9:56:b1:e7:9e:71:ac:92:af:c2:1a:63:da:98:a8:
6f:3b:5a:ed:5d:7f:fe:02:64:b1:4b:e6:bf:fc:0b:ab:7e:de:
88:78:ff:13:60:fe:27:71:b9:3c:24:9d:cd:26:fc:2a:f8:1b:
e5:39:26:73:a5:84:26:72:1f:3a:7d:f9:56:9c:fe:07:02:fe:
79:63:77:ab
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZNJTgbK1WzCJ1HF9AuD09kOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTIwMTEyMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjlkMGNhM2QyYmQ2MTZmZjFlMDllY2I0MzRkZDAyZWY1ZDNlNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvQBymvk2T+71Tt/+3ULDAl34YBo
DChOjAQVcV+2zB9Pq22ZiNyG0i1IGywErcPARFxIIfSAcdU0fxuWzxJ+Hq7RvKLI
HofGFKbDJCI/QtginYgUgos4/AjPVKeiwN+gAIve+CrNEumgc0xKdYqlUB+Fj2ZU
SoexO9XuksXEZWJswIchRj8/c1804Fl6xYSqmAylih9tKaaP/FlSQ8/Ngf9MSFqS
P67BpJhrJCZ6svjMAIaRt71Qyze4hyRTkwAfUqlMCqPFTuyjo5BDBRZLtoBIBbob
rdYouNcQwqg1uSEhsuPGfpZn/D3SbdeaMqrcn1zcyDbJ9yTj/nYaDSlXdwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFAKdDKPSvWFv8eCey0NN0C710+SuMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQXAwTW85SzlZV194NEo3TFEwM1FMdlhUNUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAIwgdIDBQMq
BbMAAwUDKgbfwAMFAyoHowADBQMqDxdAAwUDKg8ZwAMFAyoPGsADBQMqD+dAAwUD
KhAwwAMFAyoQM8ADBQMqEDhAAwUDKhBcAAMFAyoQZAADBQMqEHcAAwUDKhB7AAMF
AyoREgADBQMqERiAAwUDKhFcgAMFAyoRhwADBQMqEYnAAwUDKhGTQAMFAyoRngAD
BQMqEbIAAwUDKhG3QAMFAyoR5YADBQMqEe/AAwUDKhHwQAMFAyoSugADBQMqEtwA
AwUDKhMCAAMFAyoTDMAwDQYJKoZIhvcNAQELBQADggEBADP+TQQx6O/LPCkfJY1k
4YQt27jVZO9n85212Dg7uowzc/0lf74w3S5ZB5AodgsEpMd2uVG2TK2isxV0QH2V
gjkseIWZu+NOdAJSg1YWib64xHBvD6uatEh8kzqPqPcG9EkdOLG3YCsopSuoQNfO
+BZDc5BR00nMKDchLFT1LbnuTuaEAdf8rdenl/qt4RXSO8RhzAhHbS6sPyc82A9c
j+Y2y2CwH94TGmeFQmrcaQFoU7qQQFc1ZOlWseeecaySr8IaY9qYqG87Wu1df/4C
ZLFL5r/8C6t+3oh4/xNg/idxuTwknc0m/Cr4G+U5JnOlhCZyHzp9+Vac/gcC/nlj
d6s=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:28 2024 by rpki-client on console-ams.rpki-client.org