Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/z0rnvphHXQoK5zZtIHoqlKGqiwc.roa
File: z0rnvphHXQoK5zZtIHoqlKGqiwc.roa (raw, json)
Hash identifier: xEV8zAx+BcJgBMoz6+jM612AM4EUjmiPii0hXJszhIA=
Subject key identifier: CF:4A:E7:BE:98:47:5D:0A:0A:E7:36:6D:20:7A:2A:94:A1:AA:8B:07
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01934ED114DAE1C56E297AEBE3ED93D03459
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/z0rnvphHXQoK5zZtIHoqlKGqiwc.roa
Signing time: Thu 21 Nov 2024 13:02:25 +0000
ROA not before: Thu 21 Nov 2024 13:02:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a07:7880::/29 maxlen: 29
2a0d:8f80::/29 maxlen: 29
2a0e:f500::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:d1:14:da:e1:c5:6e:29:7a:eb:e3:ed:93:d0:34:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 21 13:02:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf4ae7be98475d0a0ae7366d207a2a94a1aa8b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:20:a5:4b:9d:2d:a7:72:23:31:ad:c6:6c:
e6:d6:76:24:92:90:dd:7f:6c:aa:70:d0:92:24:db:
a2:69:98:26:ac:ba:72:c8:36:32:47:63:6b:3c:34:
9b:31:26:fe:c9:7e:e8:42:1c:e2:70:6d:85:db:08:
fb:b7:59:c7:d2:b6:41:af:ea:21:0a:84:b2:fc:0f:
25:95:6f:54:a7:81:e7:57:d2:4a:e4:a7:4b:02:c9:
5a:79:96:28:aa:fc:29:bc:92:ed:7b:59:8b:49:85:
c4:2f:9f:d0:c1:53:24:e5:10:6c:93:de:65:5a:75:
bd:8c:1a:3b:a1:7b:8d:36:36:42:e3:41:43:7c:ad:
87:df:8e:f9:42:ba:be:4c:98:98:8d:34:9f:25:26:
3c:73:12:60:22:38:d1:72:cd:e3:7e:ba:b4:34:7b:
4c:93:36:23:5e:a9:0d:88:fb:1f:f8:6c:de:2b:52:
f0:ad:e1:a5:fc:57:81:1b:6d:31:60:76:f2:a6:32:
35:1d:93:de:96:32:ca:32:31:cb:d7:bb:fa:ac:99:
50:e3:4f:c1:a2:dc:10:de:1d:dc:09:36:e6:a7:2d:
21:ae:a1:7d:f0:73:15:59:8e:34:2b:be:bf:0e:36:
46:2b:7d:6b:5c:74:65:7e:d2:7e:af:21:ee:b7:5e:
ee:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:E7:BE:98:47:5D:0A:0A:E7:36:6D:20:7A:2A:94:A1:AA:8B:07
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/z0rnvphHXQoK5zZtIHoqlKGqiwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:7880::/29
2a0d:8f80::/29
2a0e:f500::/29
2a10:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:58:da:6a:6a:d7:06:b1:57:d8:f5:d8:91:db:1d:e3:af:a8:
b2:93:a4:ac:b8:1c:a6:46:ab:6f:37:56:7a:b5:52:df:09:27:
33:7a:f9:e3:ec:80:e1:30:93:8f:87:43:94:5d:0f:68:5a:aa:
80:ab:bb:2f:26:3d:ed:cb:e9:b1:e0:52:92:58:fb:83:56:93:
c4:9f:32:b7:fc:01:af:c2:da:55:70:7e:e8:c7:52:b4:5a:8c:
5e:4a:0a:3a:1b:d7:0c:35:61:82:ad:c5:b2:95:d0:04:8f:71:
6c:5f:a0:3f:09:ef:7e:08:97:6b:00:67:4a:d8:87:ea:b6:fb:
98:5a:85:20:fa:6d:f3:c3:ad:9d:e9:59:c2:64:4e:50:27:f2:
29:26:a8:be:0b:1c:9d:da:26:ad:e0:d0:b0:ac:13:1f:b7:c8:
7e:5d:19:13:c9:d7:13:9e:98:e2:64:c9:d8:c3:38:1f:19:5b:
35:1a:1f:d3:2a:76:b2:10:7a:1b:a5:91:ed:a8:75:06:25:4d:
bb:92:33:06:58:0e:0f:16:52:67:62:4f:ab:79:e3:f9:d9:0d:
bd:ad:a5:82:66:f5:0a:26:db:20:01:de:86:1c:e1:ca:87:09:
0b:fa:a9:7e:f1:7e:ff:a7:7f:8a:ac:a0:46:81:93:c8:f9:76:
39:22:c1:1d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZNO0RTa4cVuKXrr4+2T0DRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTIxMTMwMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRhZTdiZTk4NDc1ZDBhMGFlNzM2NmQyMDdhMmE5NGExYWE4YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRMgpUudLadyIzGtxmzm1nYkkpDd
f2yqcNCSJNuiaZgmrLpyyDYyR2NrPDSbMSb+yX7oQhzicG2F2wj7t1nH0rZBr+oh
CoSy/A8llW9Up4HnV9JK5KdLAslaeZYoqvwpvJLte1mLSYXEL5/QwVMk5RBsk95l
WnW9jBo7oXuNNjZC40FDfK2H3475Qrq+TJiYjTSfJSY8cxJgIjjRcs3jfrq0NHtM
kzYjXqkNiPsf+GzeK1LwreGl/FeBG20xYHbypjI1HZPeljLKMjHL17v6rJlQ40/B
otwQ3h3cCTbmpy0hrqF98HMVWY40K76/DjZGK31rXHRlftJ+ryHut17urwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFM9K576YR10KCuc2bSB6KpShqosHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvejBybnZwaEhYUW9LNXpadElIb3FsS0dxaXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgd4gAMF
AyoNj4ADBQMqDvUAAwUDKhA3wDANBgkqhkiG9w0BAQsFAAOCAQEAQljaamrXBrFX
2PXYkdsd46+ospOkrLgcpkarbzdWerVS3wknM3r54+yA4TCTj4dDlF0PaFqqgKu7
LyY97cvpseBSklj7g1aTxJ8yt/wBr8LaVXB+6MdStFqMXkoKOhvXDDVhgq3FspXQ
BI9xbF+gPwnvfgiXawBnStiH6rb7mFqFIPpt88OtnelZwmROUCfyKSaovgscndom
reDQsKwTH7fIfl0ZE8nXE56Y4mTJ2MM4HxlbNRof0yp2shB6G6WR7ah1BiVNu5Iz
BlgODxZSZ2JPq3nj+dkNva2lgmb1CibbIAHehhzhyocJC/qpfvF+/6d/iqygRoGT
yPl2OSLBHQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:43:25 2024 by rpki-client on console-fra.rpki-client.org