Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/StLekuwlTRfJKr-Z-2a69VG3bmc.roa
File: StLekuwlTRfJKr-Z-2a69VG3bmc.roa (raw, json)
Hash identifier: XMI/CPRUv+CD9tx07RA91HbGsDw4aoAnKPdkbGVVlvk=
Subject key identifier: 4A:D2:DE:92:EC:25:4D:17:C9:2A:BF:99:FB:66:BA:F5:51:B7:6E:67
Certificate issuer: /CN=96b377644e414101db6dead0eb5821063f588e8c
Certificate serial: 018FCE6133930E0509C69FD0E8A2ACF590E4
Authority key identifier: 96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/StLekuwlTRfJKr-Z-2a69VG3bmc.roa
Signing time: Fri 31 May 2024 11:20:27 +0000
ROA not before: Fri 31 May 2024 11:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48152
IP address blocks: 2a10:3200::/32 maxlen: 48
2a10:3201::/32 maxlen: 48
2a10:3202::/32 maxlen: 48
2a10:3203::/32 maxlen: 48
2a10:3204::/32 maxlen: 48
2a10:3205::/32 maxlen: 48
2a10:3206::/32 maxlen: 48
2a10:3207::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.mft
rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:61:33:93:0e:05:09:c6:9f:d0:e8:a2:ac:f5:90:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96b377644e414101db6dead0eb5821063f588e8c
Validity
Not Before: May 31 11:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ad2de92ec254d17c92abf99fb66baf551b76e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:eb:61:61:ca:d8:e5:17:c7:ca:60:6d:c0:0b:
ed:98:80:03:cb:4e:88:de:ba:54:30:88:05:12:67:
28:d1:48:e3:f3:c3:89:7d:13:1d:3a:9f:c0:17:b6:
57:e9:07:ee:ba:7a:62:f6:ff:74:d6:1f:2a:e6:32:
17:68:ce:94:8e:7e:54:1a:b3:82:2d:f9:1b:52:21:
4b:af:63:56:16:d2:a4:2b:00:dd:03:36:91:44:4c:
98:b9:eb:ac:d7:b4:67:1a:a1:31:7a:27:5b:81:eb:
bb:72:98:47:6a:0d:6e:8f:83:0f:86:11:1a:2c:ab:
7b:5b:9e:5a:db:21:b7:44:d8:6a:88:41:1c:cc:0e:
f5:cd:4f:7d:e2:2f:be:c6:f4:35:db:77:e8:a0:bf:
e0:f4:d2:59:33:f9:c2:5c:23:ca:ad:6c:5d:80:70:
95:41:5f:fe:de:8e:2a:8d:1b:f7:c9:27:7b:12:ba:
66:5b:6d:f2:64:66:dc:59:bd:42:cf:e4:ab:3e:95:
9e:46:54:73:71:71:d6:81:96:d9:84:85:e8:c8:58:
62:d3:1d:0b:7f:bb:20:cc:3c:73:d9:a5:fe:eb:e5:
31:7e:7c:c3:f7:82:ca:3b:83:74:de:d8:7a:07:74:
6d:c9:08:2c:bc:a6:5b:59:22:8b:6f:6b:5c:f1:ab:
25:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D2:DE:92:EC:25:4D:17:C9:2A:BF:99:FB:66:BA:F5:51:B7:6E:67
X509v3 Authority Key Identifier:
keyid:96:B3:77:64:4E:41:41:01:DB:6D:EA:D0:EB:58:21:06:3F:58:8E:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lrN3ZE5BQQHbberQ61ghBj9Yjow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/StLekuwlTRfJKr-Z-2a69VG3bmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/89e4e2-b8ab-4814-93c1-28e6c5ba2eae/1/lrN3ZE5BQQHbberQ61ghBj9Yjow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3200::/29
Signature Algorithm: sha256WithRSAEncryption
32:4e:48:e1:04:14:b6:d9:81:9d:53:ec:32:36:87:27:26:91:
e4:ab:5c:67:97:02:ae:0a:55:5d:0d:fc:03:7f:1a:c9:f7:50:
09:c1:33:b6:84:c3:43:96:71:36:f4:7b:b9:21:29:c3:d0:1a:
24:88:8d:e5:30:66:01:87:26:59:cc:81:ee:7c:73:c6:21:2a:
21:fa:f4:4c:ee:7c:d7:bb:ad:c2:4b:95:35:75:a8:29:c9:bb:
8c:5d:9f:12:4a:79:6d:33:77:6c:3c:57:8a:79:b4:bf:7f:cb:
8f:49:13:56:11:53:81:22:27:d7:88:49:e4:98:9b:b5:0f:bc:
94:e8:7f:44:92:c4:71:84:b7:fd:40:f3:4e:d8:50:59:86:92:
c0:90:77:6e:b1:02:68:f6:31:a8:38:00:94:49:a8:94:9f:e6:
b0:b5:ca:29:af:fb:21:50:9c:75:03:ab:83:76:22:8f:78:73:
13:0d:6d:cc:50:d6:b9:30:e6:79:5f:67:92:36:e5:80:a8:8e:
81:d5:ff:97:91:3a:58:3a:b1:f3:68:29:64:7c:15:85:ef:49:
ee:20:2d:dd:10:86:56:03:f6:59:f0:7f:0f:70:b9:0b:75:11:
ea:e7:c9:b7:ec:37:77:5e:3a:e4:ec:d3:43:3e:6a:7b:00:32:
de:78:33:ce
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/OYTOTDgUJxp/Q6KKs9ZDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YjM3NzY0NGU0MTQxMDFkYjZkZWFkMGViNTgyMTA2M2Y1
ODhlOGMwHhcNMjQwNTMxMTEyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQyZGU5MmVjMjU0ZDE3YzkyYWJmOTlmYjY2YmFmNTUxYjc2ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqethYcrY5RfHymBtwAvtmIADy06I
3rpUMIgFEmco0Ujj88OJfRMdOp/AF7ZX6Qfuunpi9v901h8q5jIXaM6Ujn5UGrOC
LfkbUiFLr2NWFtKkKwDdAzaRREyYueus17RnGqExeidbgeu7cphHag1uj4MPhhEa
LKt7W55a2yG3RNhqiEEczA71zU994i++xvQ123fooL/g9NJZM/nCXCPKrWxdgHCV
QV/+3o4qjRv3ySd7ErpmW23yZGbcWb1Cz+SrPpWeRlRzcXHWgZbZhIXoyFhi0x0L
f7sgzDxz2aX+6+UxfnzD94LKO4N03th6B3RtyQgsvKZbWSKLb2tc8aslJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFErS3pLsJU0XySq/mftmuvVRt25nMB8GA1UdIwQY
MBaAFJazd2ROQUEB223q0OtYIQY/WI6MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEt
MjhlNmM1YmEyZWFlLzEvU3RMZWt1d2xUUmZKS3ItWi0yYTY5VkczYm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OWU0ZTItYjhhYi00ODE0LTkzYzEtMjhlNmM1YmEyZWFl
LzEvbHJOM1pFNUJRUUhiYmVyUTYxZ2hCajlZam93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAyADAN
BgkqhkiG9w0BAQsFAAOCAQEAMk5I4QQUttmBnVPsMjaHJyaR5KtcZ5cCrgpVXQ38
A38ayfdQCcEztoTDQ5ZxNvR7uSEpw9AaJIiN5TBmAYcmWcyB7nxzxiEqIfr0TO58
17utwkuVNXWoKcm7jF2fEkp5bTN3bDxXinm0v3/Lj0kTVhFTgSIn14hJ5JibtQ+8
lOh/RJLEcYS3/UDzTthQWYaSwJB3brECaPYxqDgAlEmolJ/msLXKKa/7IVCcdQOr
g3Yij3hzEw1tzFDWuTDmeV9nkjblgKiOgdX/l5E6WDqx82gpZHwVhe9J7iAt3RCG
VgP2WfB/D3C5C3UR6ufJt+w3d1465OzTQz5qewAy3ngzzg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:03:19 2024 by rpki-client on console-ams.rpki-client.org