Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZOMD4yA2nDfseM5_d0IpCb95Pyk.roa
File: ZOMD4yA2nDfseM5_d0IpCb95Pyk.roa (raw, json)
Hash identifier: zGa5prxCUOQKxuhB5MFgpV88KNayWXjsg/LC+Q3wRos=
Subject key identifier: 64:E3:03:E3:20:36:9C:37:EC:78:CE:7F:77:42:29:09:BF:79:3F:29
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019301D42969B19EFCD4A6C679AC30A4179D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZOMD4yA2nDfseM5_d0IpCb95Pyk.roa
Signing time: Wed 06 Nov 2024 14:15:01 +0000
ROA not before: Wed 06 Nov 2024 14:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 2a0f:e7c3:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:d4:29:69:b1:9e:fc:d4:a6:c6:79:ac:30:a4:17:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 6 14:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64e303e320369c37ec78ce7f77422909bf793f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0e:27:cd:b9:18:ee:bf:6b:a0:60:c8:02:8d:
80:22:c2:dc:33:53:17:81:83:99:83:f5:ea:66:53:
18:0e:45:5a:bd:1a:ea:76:29:cf:fb:b4:3f:cd:57:
f6:f6:85:be:dc:72:f5:80:45:20:24:a7:37:a1:e0:
bb:11:04:6e:ea:4b:c0:ab:fb:7b:2f:98:12:9a:0a:
f7:92:19:4b:a6:ed:7d:d3:ba:85:9c:41:aa:f5:da:
7a:7b:92:d4:f1:96:5a:c5:f1:fe:f8:d1:ce:35:b1:
8d:73:e4:4a:7b:fc:bf:52:d7:02:f4:de:87:84:d5:
52:49:71:99:88:c3:94:70:b9:0c:49:58:1a:f2:e6:
5f:5d:8c:99:5e:51:17:77:d4:1e:91:4d:b8:17:fa:
6c:f2:a3:a5:93:aa:04:8a:56:58:32:f8:e8:e7:ad:
06:1f:b9:3b:30:fd:20:ff:3f:03:55:b4:c5:9a:f5:
de:18:49:d9:9c:58:8b:89:de:69:31:9f:35:bd:e9:
aa:c7:ef:38:da:a4:5c:8b:7b:be:72:40:32:5f:1e:
76:a3:f6:eb:e6:b9:83:69:33:c9:44:9b:c0:65:61:
ce:78:2f:93:d6:09:6c:9c:a1:22:02:e8:c0:e6:8a:
ab:91:f7:bf:25:42:a4:f7:5a:56:52:7d:49:ce:b1:
29:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E3:03:E3:20:36:9C:37:EC:78:CE:7F:77:42:29:09:BF:79:3F:29
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZOMD4yA2nDfseM5_d0IpCb95Pyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e7c3:1::/48
Signature Algorithm: sha256WithRSAEncryption
38:a8:f7:2d:7b:af:a9:b3:10:3a:54:8a:02:ce:70:ce:a9:54:
c8:a5:85:3c:0c:b9:90:7b:5b:55:b0:c8:db:57:b2:2a:5c:8f:
4d:8e:da:73:f5:d0:7d:b9:62:b6:4b:34:25:8e:8f:d7:58:eb:
7d:b9:ea:3c:52:8c:16:19:c5:39:48:4c:54:d1:20:b4:63:07:
59:b9:2d:94:24:38:ac:84:be:85:32:d9:e1:20:01:65:8b:d8:
78:cc:a1:b9:5b:e7:f8:29:b0:63:2c:d3:78:7c:c3:d8:16:18:
ee:40:12:33:6e:e3:f1:ed:ea:1c:f2:e5:db:69:64:45:4b:86:
4d:00:7a:90:f3:bf:e3:68:e0:fa:7d:76:93:10:29:0f:49:27:
1e:b2:90:79:4d:21:df:ca:eb:2c:09:37:28:05:05:23:34:37:
4b:50:c4:e2:27:2b:fc:d3:bc:74:3c:6b:6f:8c:a4:8b:7f:43:
a1:be:be:5a:a4:9f:e7:67:d0:ef:61:c7:66:88:34:ab:f5:a0:
b1:3e:2b:74:9f:eb:c8:e1:c2:04:9d:9c:f8:29:13:8b:36:de:
40:b9:03:49:41:67:94:54:16:4b:3a:d2:8d:21:ae:6c:3d:cc:
4f:ee:4c:b9:ec:8d:02:fa:69:af:b3:22:bb:b6:53:7f:be:6a:
2a:bf:fd:9d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZMB1ClpsZ781KbGeawwpBedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTA2MTQxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGUzMDNlMzIwMzY5YzM3ZWM3OGNlN2Y3NzQyMjkwOWJmNzkzZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA4nzbkY7r9roGDIAo2AIsLcM1MX
gYOZg/XqZlMYDkVavRrqdinP+7Q/zVf29oW+3HL1gEUgJKc3oeC7EQRu6kvAq/t7
L5gSmgr3khlLpu1907qFnEGq9dp6e5LU8ZZaxfH++NHONbGNc+RKe/y/UtcC9N6H
hNVSSXGZiMOUcLkMSVga8uZfXYyZXlEXd9QekU24F/ps8qOlk6oEilZYMvjo560G
H7k7MP0g/z8DVbTFmvXeGEnZnFiLid5pMZ81vemqx+842qRci3u+ckAyXx52o/br
5rmDaTPJRJvAZWHOeC+T1glsnKEiAujA5oqrkfe/JUKk91pWUn1JzrEpSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGTjA+MgNpw37HjOf3dCKQm/eT8pMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWk9NRDR5QTJuRGZzZU01X2QwSXBDYjk1UHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/nwwAB
MA0GCSqGSIb3DQEBCwUAA4IBAQA4qPcte6+psxA6VIoCznDOqVTIpYU8DLmQe1tV
sMjbV7IqXI9Njtpz9dB9uWK2SzQljo/XWOt9ueo8UowWGcU5SExU0SC0YwdZuS2U
JDishL6FMtnhIAFli9h4zKG5W+f4KbBjLNN4fMPYFhjuQBIzbuPx7eoc8uXbaWRF
S4ZNAHqQ87/jaOD6fXaTECkPSScespB5TSHfyussCTcoBQUjNDdLUMTiJyv807x0
PGtvjKSLf0Ohvr5apJ/nZ9DvYcdmiDSr9aCxPit0n+vI4cIEnZz4KROLNt5AuQNJ
QWeUVBZLOtKNIa5sPcxP7ky57I0C+mmvsyK7tlN/vmoqv/2d
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:32 2024 by rpki-client on console-ams.rpki-client.org