Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I-Yn47-1ReWQO4e-Gse1cQtIP-8.roa
File: I-Yn47-1ReWQO4e-Gse1cQtIP-8.roa (raw, json)
Hash identifier: 7JYVPMpymbKtDgmh3m+CGLUkhPBbU1ugdUBzkyWqIKI=
Subject key identifier: 23:E6:27:E3:BF:B5:45:E5:90:3B:87:BE:1A:C7:B5:71:0B:48:3F:EF
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193494EEFB5FEAD13C5E8F2AC0F0FAAD4B0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I-Yn47-1ReWQO4e-Gse1cQtIP-8.roa
Signing time: Wed 20 Nov 2024 11:22:10 +0000
ROA not before: Wed 20 Nov 2024 11:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32613
IP address blocks: 2a0c:9240::/29 maxlen: 29
2a0d:2ac0::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:e8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:40:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:4e:ef:b5:fe:ad:13:c5:e8:f2:ac:0f:0f:aa:d4:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 20 11:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e627e3bfb545e5903b87be1ac7b5710b483fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:63:e5:f8:2d:dd:3c:25:dd:d2:73:ea:6d:71:
d1:04:33:9b:4a:22:45:64:e6:cb:c3:63:9e:ac:be:
be:b7:52:0b:fd:40:ef:b0:5e:7a:7b:c7:b7:0f:d6:
22:b0:cb:58:e2:20:1b:21:b9:6e:1b:87:ef:01:a9:
f3:79:f4:33:ad:c6:ee:c8:08:30:b0:73:bb:fe:ba:
26:b0:43:cc:76:c3:91:db:c8:1c:44:57:9e:12:4b:
3e:fe:d9:42:08:90:b4:d3:77:a8:64:c7:f3:4a:a9:
f8:14:b2:71:be:a3:d6:c9:74:c1:2b:59:1e:52:3d:
3d:f9:ae:36:ed:7c:dc:bc:99:b8:8c:f5:fd:22:f9:
84:23:02:13:63:b3:b6:62:b8:66:89:70:93:e5:49:
bb:06:af:5c:96:87:25:ae:48:78:39:41:9e:2b:b9:
f5:6f:f4:44:9a:45:f2:e1:28:69:86:fe:3f:f9:ff:
1d:bd:8f:a5:a9:13:7c:17:40:82:93:8e:dd:f9:2c:
37:62:0e:74:7d:ef:a0:8f:12:4b:29:6e:a9:a3:dc:
2c:d8:bd:d4:42:e4:fe:19:85:6d:87:5c:8f:9a:1e:
b4:eb:96:bc:9a:68:d8:ff:a0:59:2e:93:bc:fb:35:
19:6f:cc:e2:a9:23:b7:db:69:8d:a4:ad:64:be:01:
9d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E6:27:E3:BF:B5:45:E5:90:3B:87:BE:1A:C7:B5:71:0B:48:3F:EF
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I-Yn47-1ReWQO4e-Gse1cQtIP-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0d:2ac0::/29
2a0e:5800::/29
2a0f:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:7c:15:29:fd:e3:68:5c:78:c6:ac:d5:95:e8:b3:1b:26:18:
cb:94:7a:20:76:21:45:0a:56:85:bb:6b:62:57:71:22:c3:88:
fa:47:2f:ba:62:cb:a6:02:12:c0:7a:73:8d:5c:21:25:bf:dc:
5a:04:a7:69:cd:c7:ce:7d:7c:7a:fc:7b:96:93:c6:76:fb:7f:
16:78:3e:cf:16:82:d6:dc:4a:9e:56:49:ca:35:76:52:62:93:
07:0c:44:69:c5:84:35:3e:14:65:0e:44:eb:0b:93:65:30:e1:
94:35:e7:4d:d7:15:a9:f1:c8:01:6b:4b:d3:f5:03:9c:0f:27:
49:36:66:76:bd:04:3d:c6:55:9b:41:48:12:b2:07:39:48:31:
9a:10:d8:3c:00:77:62:b7:10:08:9a:33:f8:db:1a:66:ad:87:
2c:00:e2:2b:7f:2b:2b:f1:88:4c:f9:5d:a2:d3:9f:06:1f:ce:
57:79:81:9d:2b:00:b3:b0:a3:1f:99:c4:b2:e8:db:a8:dc:7d:
e4:60:8d:fa:63:37:46:f0:39:ce:b2:9f:97:61:e9:97:6d:ac:
e8:9f:e9:a3:4a:ee:91:00:4f:2b:26:e1:57:08:02:0b:84:c9:
fa:ee:b2:0e:19:30:e9:62:05:e3:8d:04:7a:a8:13:e7:21:9f:
6e:83:0a:5f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZNJTu+1/q0TxejyrA8PqtSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTIwMTEyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U2MjdlM2JmYjU0NWU1OTAzYjg3YmUxYWM3YjU3MTBiNDgzZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2Pl+C3dPCXd0nPqbXHRBDObSiJF
ZObLw2OerL6+t1IL/UDvsF56e8e3D9YisMtY4iAbIbluG4fvAanzefQzrcbuyAgw
sHO7/romsEPMdsOR28gcRFeeEks+/tlCCJC003eoZMfzSqn4FLJxvqPWyXTBK1ke
Uj09+a427XzcvJm4jPX9IvmEIwITY7O2YrhmiXCT5Um7Bq9cloclrkh4OUGeK7n1
b/REmkXy4Shphv4/+f8dvY+lqRN8F0CCk47d+Sw3Yg50fe+gjxJLKW6po9ws2L3U
QuT+GYVth1yPmh6065a8mmjY/6BZLpO8+zUZb8ziqSO322mNpK1kvgGdewIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCPmJ+O/tUXlkDuHvhrHtXELSD/vMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSS1ZbjQ3LTFSZVdRTzRlLUdzZTFjUXRJUC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgySQAMF
AyoNKsADBQMqDlgAAwUDKg/owDANBgkqhkiG9w0BAQsFAAOCAQEAjXwVKf3jaFx4
xqzVleizGyYYy5R6IHYhRQpWhbtrYldxIsOI+kcvumLLpgISwHpzjVwhJb/cWgSn
ac3Hzn18evx7lpPGdvt/Fng+zxaC1txKnlZJyjV2UmKTBwxEacWENT4UZQ5E6wuT
ZTDhlDXnTdcVqfHIAWtL0/UDnA8nSTZmdr0EPcZVm0FIErIHOUgxmhDYPAB3YrcQ
CJoz+NsaZq2HLADiK38rK/GITPldotOfBh/OV3mBnSsAs7CjH5nEsujbqNx95GCN
+mM3RvA5zrKfl2Hpl22s6J/po0rukQBPKybhVwgCC4TJ+u6yDhkw6WIF440EeqgT
5yGfboMKXw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:29:13 2024 by rpki-client on console-fra.rpki-client.org