Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aq109EaOfpTpADFFWC17nolTB3U.roa
File: aq109EaOfpTpADFFWC17nolTB3U.roa (raw, json)
Hash identifier: hl4mMy6GZgSqwBS6UTwGgvTtaLfsi8mI9SkfgN5scro=
Subject key identifier: 6A:AD:74:F4:46:8E:7E:94:E9:00:31:45:58:2D:7B:9E:89:53:07:75
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC1F29840C2607F7745AC19143E296
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aq109EaOfpTpADFFWC17nolTB3U.roa
Signing time: Tue 02 Jan 2024 10:33:18 +0000
ROA not before: Tue 02 Jan 2024 10:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7203
IP address blocks: 2a0f:1e84::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1f:29:84:0c:26:07:f7:74:5a:c1:91:43:e2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6aad74f4468e7e94e9003145582d7b9e89530775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:a5:78:8b:d0:23:14:aa:2b:68:4e:90:ca:
2d:53:e9:62:23:d7:6f:d7:58:e4:4d:84:62:c8:ee:
d7:74:27:4e:56:89:df:dd:ee:7a:26:38:b7:c7:25:
95:74:eb:22:9c:82:1d:8c:99:3f:3e:d6:a2:5c:67:
ec:ed:4d:57:be:a2:57:42:e1:51:8c:dc:8e:5b:8d:
68:5c:65:64:4d:2b:4e:0d:d3:12:62:fe:03:76:59:
73:63:06:b0:c3:4b:a6:7f:81:89:b0:76:fd:73:a8:
52:22:97:92:c1:a9:8b:01:92:54:ed:bc:3a:be:20:
5a:cb:f6:45:17:70:f0:01:4c:e9:8e:f3:bf:9e:f6:
9a:ac:32:80:84:bb:8b:2b:ca:cf:bd:df:4d:0f:14:
f7:e3:5d:8b:0f:d0:2c:bc:be:e2:6b:3d:c1:a6:fe:
a5:4b:42:6b:c5:ef:2f:0c:36:2c:62:ed:ee:67:c6:
1c:86:82:fc:9c:41:66:5f:57:18:24:4d:5d:41:af:
7a:61:0c:d7:3d:5d:a8:31:33:95:ae:81:09:59:b0:
3e:54:56:b7:b4:4c:52:a9:e1:ad:82:17:73:2d:be:
60:eb:d3:0e:b3:2d:fd:07:49:9d:2f:c0:7f:7c:30:
54:d0:e6:fa:47:b1:28:f9:ea:87:07:44:6e:78:8e:
5f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AD:74:F4:46:8E:7E:94:E9:00:31:45:58:2D:7B:9E:89:53:07:75
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aq109EaOfpTpADFFWC17nolTB3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1e84::/32
Signature Algorithm: sha256WithRSAEncryption
07:8a:32:03:a5:85:2b:0b:ea:f5:77:fb:c0:bb:7c:8f:d9:73:
14:4f:e6:33:b4:1f:a3:46:9c:19:18:f7:6a:8a:98:3a:0e:d3:
c1:40:10:50:ca:5f:f9:73:0e:fc:6f:24:7a:4c:87:d2:18:bf:
9e:dc:07:59:ad:20:56:8c:1c:55:bb:0b:cf:c6:f4:5f:52:a2:
bf:67:13:48:b0:24:b8:83:4f:13:62:d4:91:40:95:4c:3d:07:
47:50:19:e1:cf:51:f3:bf:a1:80:62:c8:10:e7:48:79:a5:8a:
bb:92:d2:dc:d7:c1:56:26:da:42:21:26:19:7a:7c:ae:cd:52:
cf:a5:c4:11:f8:af:d1:03:95:aa:80:c2:03:4e:93:96:5a:fb:
24:cb:7c:e4:59:47:a1:47:27:37:23:50:14:df:13:1c:1d:63:
3e:4a:0d:66:6c:e2:8e:f9:7c:46:8b:48:2a:83:45:45:ca:0b:
a8:c4:41:a1:42:07:89:57:94:21:71:6b:62:7a:3c:47:32:a1:
5c:0e:c2:ca:16:3a:52:1b:d1:0a:9e:b1:a0:ac:5a:e2:5e:f3:
7c:19:25:48:5b:7a:9e:c9:3e:39:d6:fd:6b:54:f5:09:e3:04:
0f:19:2b:32:70:85:3e:fa:0a:ca:f0:bd:e9:33:3d:a4:ba:9a:
11:fe:c3:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvB8phAwmB/d0WsGRQ+KWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWFkNzRmNDQ2OGU3ZTk0ZTkwMDMxNDU1ODJkN2I5ZTg5NTMwNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjyleIvQIxSqK2hOkMotU+liI9dv
11jkTYRiyO7XdCdOVonf3e56Jji3xyWVdOsinIIdjJk/PtaiXGfs7U1XvqJXQuFR
jNyOW41oXGVkTStODdMSYv4DdllzYwaww0umf4GJsHb9c6hSIpeSwamLAZJU7bw6
viBay/ZFF3DwAUzpjvO/nvaarDKAhLuLK8rPvd9NDxT3412LD9AsvL7iaz3Bpv6l
S0Jrxe8vDDYsYu3uZ8YchoL8nEFmX1cYJE1dQa96YQzXPV2oMTOVroEJWbA+VFa3
tExSqeGtghdzLb5g69MOsy39B0mdL8B/fDBU0Ob6R7Eo+eqHB0RueI5fQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGqtdPRGjn6U6QAxRVgte56JUwd1MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYXExMDlFYU9mcFRwQURGRldDMTdub2xUQjNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg8ehDAN
BgkqhkiG9w0BAQsFAAOCAQEAB4oyA6WFKwvq9Xf7wLt8j9lzFE/mM7Qfo0acGRj3
aoqYOg7TwUAQUMpf+XMO/G8kekyH0hi/ntwHWa0gVowcVbsLz8b0X1Kiv2cTSLAk
uINPE2LUkUCVTD0HR1AZ4c9R87+hgGLIEOdIeaWKu5LS3NfBVibaQiEmGXp8rs1S
z6XEEfiv0QOVqoDCA06Tllr7JMt85FlHoUcnNyNQFN8THB1jPkoNZmzijvl8RotI
KoNFRcoLqMRBoUIHiVeUIXFrYno8RzKhXA7CyhY6UhvRCp6xoKxa4l7zfBklSFt6
nsk+Odb9a1T1CeMEDxkrMnCFPvoKyvC96TM9pLqaEf7DMQ==
-----END CERTIFICATE-----
Generated at Sun Jun 2 08:37:54 2024 by rpki-client on console-fra.rpki-client.org