Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/N2UXhZ46EndGIwmZzaojf87_B28.roa
File: N2UXhZ46EndGIwmZzaojf87_B28.roa (raw, json)
Hash identifier: emOL1eJYQXO45FIp17Il7qJ4wDU/wR+qhNapZ1vqgfI=
Subject key identifier: 37:65:17:85:9E:3A:12:77:46:23:09:99:CD:AA:23:7F:CE:FF:07:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01932A8AA6D636C7F5FC3E804BE473E5EFE6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/N2UXhZ46EndGIwmZzaojf87_B28.roa
Signing time: Thu 14 Nov 2024 11:59:10 +0000
ROA not before: Thu 14 Nov 2024 11:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:2d40::/29 maxlen: 29
2a0f:35c0::/29 maxlen: 29
2a11:90c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:8a:a6:d6:36:c7:f5:fc:3e:80:4b:e4:73:e5:ef:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 14 11:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=376517859e3a127746230999cdaa237fceff076f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:82:c9:9e:67:af:ef:37:60:71:00:33:58:
a2:43:e2:80:55:3b:72:82:bc:88:08:9f:33:14:c0:
34:e7:38:16:9f:0d:05:45:25:cb:08:cf:48:f8:c2:
12:40:dd:75:63:f2:1c:7d:8f:f2:b4:a4:81:69:79:
4d:a7:01:8e:4b:2d:84:b7:3e:55:56:ae:bd:61:c3:
44:8f:9b:6c:11:03:d4:5b:21:bc:77:e7:b0:42:d3:
cf:3a:b5:55:c9:61:d5:e5:b4:b6:53:fe:c3:5c:2f:
91:b7:35:07:02:54:c9:66:28:f2:28:b5:13:15:d7:
45:07:ba:0c:ed:30:71:c5:13:30:8e:33:2d:47:04:
c4:56:af:12:1f:ac:f8:ab:76:0a:ed:aa:1a:ed:09:
17:b2:7c:d3:04:fc:41:ef:33:91:97:fe:ae:dc:b9:
fd:9e:77:35:d2:06:13:e4:23:10:36:2e:fa:7a:ed:
ac:46:00:6a:8c:b2:3d:6b:cc:50:a7:2e:60:02:d5:
46:67:10:4e:dc:fa:06:9e:35:be:7c:67:85:28:aa:
31:b5:f7:ec:24:2a:99:2f:3b:81:62:69:d6:9f:6f:
47:c9:b7:a8:29:3d:0c:9b:a2:df:f1:7f:41:ad:a1:
62:bc:13:6a:8b:f3:5b:ac:10:45:49:73:cf:5c:9c:
e1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:65:17:85:9E:3A:12:77:46:23:09:99:CD:AA:23:7F:CE:FF:07:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/N2UXhZ46EndGIwmZzaojf87_B28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2d40::/29
2a0f:35c0::/29
2a11:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
20:c0:8f:af:be:b5:09:a5:ca:a5:7d:81:b8:ee:ff:21:18:74:
9d:7d:95:12:ca:ff:0c:0e:63:f2:04:17:2f:5e:f9:17:8c:fc:
ae:42:76:cb:e0:fb:fe:9d:3b:b3:62:18:9a:af:12:bb:9c:bb:
06:5d:87:52:c9:c4:bd:2f:ff:6d:04:fb:46:7b:d5:3b:85:9f:
f2:09:f8:88:20:76:60:57:86:04:ce:0c:ef:d7:16:2e:56:e0:
64:12:0d:44:dd:95:d1:7a:dd:60:42:5c:ab:4a:dd:38:e7:8f:
b1:e2:be:04:7f:18:08:c1:76:e6:e7:0d:88:bd:3e:cb:28:25:
c0:5b:dd:7e:6c:99:95:4c:04:e7:10:e1:aa:0b:cb:30:92:d3:
9f:58:66:fb:23:ac:53:33:d3:41:23:8c:1a:d9:02:60:cd:53:
42:05:d1:53:0d:4e:ae:86:20:62:c0:36:b6:61:ad:ab:bb:62:
ea:cc:74:be:dd:81:56:dc:82:01:91:67:ad:de:7e:05:47:ab:
d5:f9:07:91:a3:39:cf:9e:44:d2:16:07:c8:bf:0f:d8:08:77:
c9:37:18:62:e7:b8:f5:30:78:54:ca:ea:a3:d9:52:cd:46:82:
55:52:8b:33:11:48:8b:13:1f:2e:7b:35:d6:89:f6:f3:a0:6b:
1e:02:0c:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMqiqbWNsf1/D6AS+Rz5e/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTE0MTE1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY1MTc4NTllM2ExMjc3NDYyMzA5OTljZGFhMjM3ZmNlZmYwNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHqCyZ5nr+83YHEAM1iiQ+KAVTty
gryICJ8zFMA05zgWnw0FRSXLCM9I+MISQN11Y/IcfY/ytKSBaXlNpwGOSy2Etz5V
Vq69YcNEj5tsEQPUWyG8d+ewQtPPOrVVyWHV5bS2U/7DXC+RtzUHAlTJZijyKLUT
FddFB7oM7TBxxRMwjjMtRwTEVq8SH6z4q3YK7aoa7QkXsnzTBPxB7zORl/6u3Ln9
nnc10gYT5CMQNi76eu2sRgBqjLI9a8xQpy5gAtVGZxBO3PoGnjW+fGeFKKoxtffs
JCqZLzuBYmnWn29HybeoKT0Mm6Lf8X9BraFivBNqi/NbrBBFSXPPXJzhmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDdlF4WeOhJ3RiMJmc2qI3/O/wdvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTjJVWGhaNDZFbmRHSXdtWnphb2pmODdfQjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8tQAMF
AyoPNcADBQMqEZDAMA0GCSqGSIb3DQEBCwUAA4IBAQAgwI+vvrUJpcqlfYG47v8h
GHSdfZUSyv8MDmPyBBcvXvkXjPyuQnbL4Pv+nTuzYhiarxK7nLsGXYdSycS9L/9t
BPtGe9U7hZ/yCfiIIHZgV4YEzgzv1xYuVuBkEg1E3ZXRet1gQlyrSt0454+x4r4E
fxgIwXbm5w2IvT7LKCXAW91+bJmVTATnEOGqC8swktOfWGb7I6xTM9NBI4wa2QJg
zVNCBdFTDU6uhiBiwDa2Ya2ru2LqzHS+3YFW3IIBkWet3n4FR6vV+QeRoznPnkTS
FgfIvw/YCHfJNxhi57j1MHhUyuqj2VLNRoJVUoszEUiLEx8uezXWifbzoGseAgxH
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:45:40 2024 by rpki-client on console-fra.rpki-client.org