Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/ds9cTVBVtqliS6hfOs23fWRw9pQ.roa
File: ds9cTVBVtqliS6hfOs23fWRw9pQ.roa (raw, json)
Hash identifier: NzEWbK0d2VU/vbzqfTbPLFWTjLBeaEOhUlA5f/1oY+w=
Subject key identifier: 76:CF:5C:4D:50:55:B6:A9:62:4B:A8:5F:3A:CD:B7:7D:64:70:F6:94
Certificate issuer: /CN=0241154462e5adcca9d2bcbd1443fcc637879537
Certificate serial: 0191B6CE5AF6922FDE2A7105F5CEF9C8D418
Authority key identifier: 02:41:15:44:62:E5:AD:CC:A9:D2:BC:BD:14:43:FC:C6:37:87:95:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AkEVRGLlrcyp0ry9FEP8xjeHlTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/ds9cTVBVtqliS6hfOs23fWRw9pQ.roa
Signing time: Tue 03 Sep 2024 07:34:22 +0000
ROA not before: Tue 03 Sep 2024 07:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 2a0d:6300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/AkEVRGLlrcyp0ry9FEP8xjeHlTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/AkEVRGLlrcyp0ry9FEP8xjeHlTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/AkEVRGLlrcyp0ry9FEP8xjeHlTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:ce:5a:f6:92:2f:de:2a:71:05:f5:ce:f9:c8:d4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0241154462e5adcca9d2bcbd1443fcc637879537
Validity
Not Before: Sep 3 07:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76cf5c4d5055b6a9624ba85f3acdb77d6470f694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:d7:a5:92:d3:1c:6f:e1:c1:5b:87:42:fe:
25:d2:e8:f1:32:c5:3d:e9:19:25:5b:c2:16:11:2c:
fb:0b:bb:dd:f0:4b:3e:6c:4f:41:0f:93:21:95:0a:
e5:b1:fb:bc:32:05:3d:0a:66:3c:6a:d4:db:fd:35:
28:36:8d:26:d7:08:40:5a:4c:b8:0f:90:94:b0:ed:
fb:f3:07:1d:b9:b6:aa:0f:50:07:3a:11:dc:2c:ef:
84:3f:ee:2b:e8:d3:2d:bd:54:71:7d:1d:d8:87:6f:
7b:fc:63:b6:cc:0e:49:4e:b9:ee:cb:5b:0d:f7:21:
c1:5e:15:4d:83:72:1b:f2:b3:44:97:52:1d:be:91:
61:d5:cb:cb:dd:c6:2d:ec:9d:67:4d:cd:e7:04:f3:
a5:09:2f:79:e4:35:28:04:e1:8c:0e:e9:3f:c3:92:
90:8e:d0:a5:c1:d7:22:1c:8b:b2:1d:3b:65:ce:84:
f4:cb:81:d0:69:4a:45:ba:1c:4c:b7:58:54:c4:fd:
df:69:c4:df:5d:63:f6:5e:6f:fd:3b:4d:47:b5:d0:
bb:35:46:30:07:b5:ad:0b:7e:8b:ec:cf:b7:c9:ab:
04:5c:d5:fc:98:ce:30:76:a9:5c:13:97:49:13:3b:
8b:78:dc:56:a7:55:1f:1d:96:ef:70:3c:44:9a:84:
2f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CF:5C:4D:50:55:B6:A9:62:4B:A8:5F:3A:CD:B7:7D:64:70:F6:94
X509v3 Authority Key Identifier:
keyid:02:41:15:44:62:E5:AD:CC:A9:D2:BC:BD:14:43:FC:C6:37:87:95:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkEVRGLlrcyp0ry9FEP8xjeHlTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/ds9cTVBVtqliS6hfOs23fWRw9pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/AkEVRGLlrcyp0ry9FEP8xjeHlTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:6300::/29
Signature Algorithm: sha256WithRSAEncryption
08:d5:5f:76:f2:b3:95:57:97:e0:93:6d:e2:96:11:b5:f7:7d:
cc:e5:4f:31:03:85:16:95:e5:a9:27:a4:50:15:95:05:99:69:
bf:f4:ac:aa:09:d6:2e:2a:1e:ca:1f:39:63:71:db:7a:92:90:
6e:b0:43:f6:c8:96:e0:b2:f0:dc:ab:af:2f:ae:15:93:b9:d0:
17:ad:42:8f:93:64:51:8f:38:53:c3:21:1e:c2:28:14:19:41:
70:c9:73:ea:80:20:eb:9c:f8:4c:3e:68:ee:24:0e:80:0c:d3:
dd:88:bc:d6:f7:ca:62:58:92:8b:7d:89:b0:17:67:87:cd:fa:
3d:dd:cf:35:18:0a:80:32:7f:e7:c8:78:81:3a:f2:42:a1:34:
41:4e:42:bc:c6:1e:b1:11:20:ba:df:e4:f9:91:ac:31:f5:08:
74:bc:89:49:f0:68:dc:fd:17:4d:8b:6f:c7:91:b0:66:d8:55:
5f:31:eb:08:d5:0a:53:71:ab:48:ff:d8:96:03:24:c5:da:f4:
b6:9a:26:6d:59:10:70:4f:40:96:bf:d2:7e:3a:65:ec:b9:0b:
a4:8d:55:32:b2:b7:9a:a2:37:80:05:a9:86:bc:f0:60:92:a3:
10:6d:69:e8:ae:2a:30:0a:49:48:61:88:e2:82:ad:5d:dd:1e:
4b:87:48:17
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZG2zlr2ki/eKnEF9c75yNQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDExNTQ0NjJlNWFkY2NhOWQyYmNiZDE0NDNmY2M2Mzc4
Nzk1MzcwHhcNMjQwOTAzMDczNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNmNWM0ZDUwNTViNmE5NjI0YmE4NWYzYWNkYjc3ZDY0NzBmNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK7XpZLTHG/hwVuHQv4l0ujxMsU9
6RklW8IWESz7C7vd8Es+bE9BD5MhlQrlsfu8MgU9CmY8atTb/TUoNo0m1whAWky4
D5CUsO378wcdubaqD1AHOhHcLO+EP+4r6NMtvVRxfR3Yh297/GO2zA5JTrnuy1sN
9yHBXhVNg3Ib8rNEl1IdvpFh1cvL3cYt7J1nTc3nBPOlCS955DUoBOGMDuk/w5KQ
jtClwdciHIuyHTtlzoT0y4HQaUpFuhxMt1hUxP3facTfXWP2Xm/9O01HtdC7NUYw
B7WtC36L7M+3yasEXNX8mM4wdqlcE5dJEzuLeNxWp1UfHZbvcDxEmoQvWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHbPXE1QVbapYkuoXzrNt31kcPaUMB8GA1UdIwQY
MBaAFAJBFURi5a3MqdK8vRRD/MY3h5U3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtFVlJHTGxyY3lwMHJ5OUZFUDh4amVIbFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOTc2MWQtNmU1Yy00NTFiLThlOGEt
ZTkyZWU1ZWVkMjI2LzEvZHM5Y1RWQlZ0cWxpUzZoZk9zMjNmV1J3OXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOTc2MWQtNmU1Yy00NTFiLThlOGEtZTkyZWU1ZWVkMjI2
LzEvQWtFVlJHTGxyY3lwMHJ5OUZFUDh4amVIbFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg1jADAN
BgkqhkiG9w0BAQsFAAOCAQEACNVfdvKzlVeX4JNt4pYRtfd9zOVPMQOFFpXlqSek
UBWVBZlpv/SsqgnWLioeyh85Y3HbepKQbrBD9siW4LLw3KuvL64Vk7nQF61Cj5Nk
UY84U8MhHsIoFBlBcMlz6oAg65z4TD5o7iQOgAzT3Yi81vfKYliSi32JsBdnh836
Pd3PNRgKgDJ/58h4gTryQqE0QU5CvMYesREgut/k+ZGsMfUIdLyJSfBo3P0XTYtv
x5GwZthVXzHrCNUKU3GrSP/YlgMkxdr0tpombVkQcE9Alr/Sfjpl7LkLpI1VMrK3
mqI3gAWphrzwYJKjEG1p6K4qMApJSGGI4oKtXd0eS4dIFw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:39 2024 by rpki-client on console-fra.rpki-client.org