Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/eiQfLMhmN_e3SeEWjwsVCRKKf9w.roa
File: eiQfLMhmN_e3SeEWjwsVCRKKf9w.roa (raw, json)
Hash identifier: 1Jl8XCkofNDKsx/9OzkemLSQKymPpmBBmAyvUwKEsBc=
Subject key identifier: 7A:24:1F:2C:C8:66:37:F7:B7:49:E1:16:8F:0B:15:09:12:8A:7F:DC
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 018CC2DB5942C021FEFD2364E80042CB9A76
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/eiQfLMhmN_e3SeEWjwsVCRKKf9w.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208914
IP address blocks: 2a10:4741:35::/48 maxlen: 48
2a10:4741:32::/48 maxlen: 48
2a10:4741:33::/48 maxlen: 48
2a10:4741:36::/48 maxlen: 48
2a10:4741:37::/48 maxlen: 48
2a10:4741:34::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:59:42:c0:21:fe:fd:23:64:e8:00:42:cb:9a:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a241f2cc86637f7b749e1168f0b1509128a7fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6a:bd:94:45:78:ce:36:26:67:64:92:c5:49:
2f:d8:af:4a:eb:ee:5b:bf:99:c1:0a:70:01:b0:a4:
7c:e4:5d:e2:d3:bd:5e:15:25:c5:4e:e5:8d:32:85:
98:ec:e3:ba:6a:36:74:b5:8a:19:16:af:8f:de:73:
84:a7:d1:b2:92:ac:f0:8c:fb:03:75:7e:8d:48:27:
92:09:ac:f1:46:9e:68:c5:da:47:e7:1e:79:a2:cf:
1b:20:e2:ca:61:89:2f:d4:f2:98:36:79:57:29:ac:
0b:75:c2:af:79:bc:c5:5a:19:46:0c:af:31:86:fc:
c2:f9:60:b9:e6:66:8e:43:54:e3:1d:cc:75:ce:85:
c9:de:cf:c1:7d:44:27:57:41:15:7e:fc:ee:6e:c7:
ef:d3:1d:95:9e:d4:35:c0:ba:2c:b7:75:2f:1b:35:
c2:2a:cf:c3:a6:a5:ac:94:7b:ab:29:32:50:f6:b8:
b8:64:1d:29:50:cb:c4:7f:f1:1f:97:f9:f4:35:b5:
ae:70:ab:d9:23:5f:e4:45:19:bb:19:65:90:16:86:
71:71:a2:f2:76:de:eb:d9:3b:b6:a5:5e:37:b9:1f:
dc:9f:01:8e:ef:a3:67:2a:de:83:de:f2:05:47:e2:
78:45:2b:97:57:d9:77:df:6f:32:5a:e1:cd:c6:27:
d6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:24:1F:2C:C8:66:37:F7:B7:49:E1:16:8F:0B:15:09:12:8A:7F:DC
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/eiQfLMhmN_e3SeEWjwsVCRKKf9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4741:32::-2a10:4741:37:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
55:09:b4:91:b3:1d:78:39:ad:df:bc:26:cd:99:13:b8:2d:39:
17:9d:79:15:3d:50:05:26:3f:7c:6a:ed:f2:bf:e7:8f:22:3b:
9e:3d:0f:51:21:62:96:76:38:32:a1:c0:e0:e1:93:a0:3c:8e:
46:ab:45:d0:41:e1:29:37:18:75:a1:d0:53:48:6e:bf:5a:a2:
dd:4b:1a:f1:0e:b9:dc:cb:4b:5e:97:00:b0:a5:0f:8a:e4:f2:
bf:82:89:58:cf:bf:6a:a5:cb:9c:92:fe:50:cf:95:9b:0e:ad:
65:d7:eb:fa:3e:b6:38:22:23:fd:b9:11:ae:b6:88:c1:59:36:
69:77:ad:16:1c:39:de:fd:56:43:03:74:a9:9c:7f:3e:75:1c:
dc:7c:8c:55:19:18:9f:71:7d:a7:26:92:85:7d:a0:b8:4a:bc:
60:44:a0:2d:c9:67:91:ac:97:b1:1b:ee:d9:82:06:66:ae:75:
a7:eb:39:ec:70:50:16:2a:df:86:c9:0b:c2:5c:19:c7:a2:35:
5a:42:7f:de:25:75:1b:f1:0a:1c:03:f2:be:cd:cb:c5:0f:84:
28:db:4c:ca:cb:bc:e4:f2:24:92:94:e4:1a:0a:c1:4d:0d:af:
cd:1c:26:13:f3:26:e8:9b:dc:61:15:51:81:cc:37:56:78:0c:
ed:52:28:c4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzC21lCwCH+/SNk6ABCy5p2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTI0MWYyY2M4NjYzN2Y3Yjc0OWUxMTY4ZjBiMTUwOTEyOGE3ZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mq9lEV4zjYmZ2SSxUkv2K9K6+5b
v5nBCnABsKR85F3i071eFSXFTuWNMoWY7OO6ajZ0tYoZFq+P3nOEp9GykqzwjPsD
dX6NSCeSCazxRp5oxdpH5x55os8bIOLKYYkv1PKYNnlXKawLdcKvebzFWhlGDK8x
hvzC+WC55maOQ1TjHcx1zoXJ3s/BfUQnV0EVfvzubsfv0x2VntQ1wLost3UvGzXC
Ks/DpqWslHurKTJQ9ri4ZB0pUMvEf/Efl/n0NbWucKvZI1/kRRm7GWWQFoZxcaLy
dt7r2Tu2pV43uR/cnwGO76NnKt6D3vIFR+J4RSuXV9l3328yWuHNxifWuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHokHyzIZjf3t0nhFo8LFQkSin/cMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvZWlRZkxNaG1OX2UzU2VFV2p3c1ZDUktLZjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqEEdB
ADIDBwMqEEdBADAwDQYJKoZIhvcNAQELBQADggEBAFUJtJGzHXg5rd+8Js2ZE7gt
ORedeRU9UAUmP3xq7fK/548iO549D1EhYpZ2ODKhwODhk6A8jkarRdBB4Sk3GHWh
0FNIbr9aot1LGvEOudzLS16XALClD4rk8r+CiVjPv2qly5yS/lDPlZsOrWXX6/o+
tjgiI/25Ea62iMFZNml3rRYcOd79VkMDdKmcfz51HNx8jFUZGJ9xfacmkoV9oLhK
vGBEoC3JZ5Gsl7Eb7tmCBmaudafrOexwUBYq34bJC8JcGceiNVpCf94ldRvxChwD
8r7Ny8UPhCjbTMrLvOTyJJKU5BoKwU0Nr80cJhPzJuib3GEVUYHMN1Z4DO1SKMQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:44:37 2024 by rpki-client on console-ams.rpki-client.org