Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/Jwm1aDJVaDqgmIXNd8NeSkpbNWc.roa
File: Jwm1aDJVaDqgmIXNd8NeSkpbNWc.roa (raw, json)
Hash identifier: ZedZaWM1LKV5JBtsZOKql3EHlZQrOK/Q4X+Eb+7I+lw=
Subject key identifier: 27:09:B5:68:32:55:68:3A:A0:98:85:CD:77:C3:5E:4A:4A:5B:35:67
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018CC42465C09000FF2E870E0AA28E86FD08
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/Jwm1aDJVaDqgmIXNd8NeSkpbNWc.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202402
IP address blocks: 2a0f:7803:ff90::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:65:c0:90:00:ff:2e:87:0e:0a:a2:8e:86:fd:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2709b5683255683aa09885cd77c35e4a4a5b3567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:1c:62:cc:24:56:36:9f:0a:17:ff:b3:c1:aa:
0f:3f:9b:a3:56:a1:64:c4:98:9f:a1:a9:8f:86:10:
35:0c:a4:8e:6f:87:a4:9e:0b:22:4a:e1:3f:49:09:
c7:ed:83:2e:80:ed:99:da:c9:d7:89:24:4c:73:7a:
59:0a:8e:36:bd:ba:5d:00:23:38:83:bc:9a:1b:bc:
dd:cb:ae:a2:95:39:e3:8c:32:73:de:b9:0a:2a:ed:
50:3b:12:1e:0b:c8:5e:c5:20:22:ec:6b:1d:ae:7f:
98:14:84:bd:70:24:8f:21:01:ad:26:c5:ee:ab:6e:
fa:85:5a:67:fe:7c:c0:cd:2d:47:23:15:2b:c9:93:
6a:65:7a:da:9e:8c:54:26:ca:f7:bf:d1:7c:81:e9:
b7:4c:e1:ce:c2:6f:78:f3:96:7c:18:43:ca:c9:09:
34:c4:83:a8:53:5c:c7:50:b6:4e:bf:c8:29:86:22:
ab:1f:09:58:eb:64:8a:95:8a:75:d4:60:5d:79:d3:
ac:01:10:42:79:b4:ca:48:60:ab:86:c6:52:07:e8:
18:00:22:5f:11:cb:10:bc:e1:a5:6b:26:63:93:30:
b9:70:f2:d6:d3:c2:ff:54:fe:f6:72:9f:54:5f:9c:
5c:d6:0a:34:98:62:90:cd:f4:1b:7e:9a:ff:a5:1f:
0d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:09:B5:68:32:55:68:3A:A0:98:85:CD:77:C3:5E:4A:4A:5B:35:67
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/Jwm1aDJVaDqgmIXNd8NeSkpbNWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ff90::/44
Signature Algorithm: sha256WithRSAEncryption
7d:04:48:e7:11:88:d0:d9:62:59:03:7e:c6:f4:05:f1:69:cd:
c8:de:67:45:cc:1d:42:46:0b:22:8e:6a:1e:47:43:97:a2:c7:
9d:32:92:d8:de:54:bf:a4:9f:7a:55:5e:ff:31:09:4f:94:f5:
75:17:8b:17:01:52:3c:4b:4c:bb:4b:05:4f:5a:81:df:77:03:
66:26:ff:d6:07:58:a4:00:60:22:d7:62:9b:8c:36:2e:19:96:
ad:14:91:26:23:b8:90:10:8e:2c:d3:5b:00:54:cf:07:24:7c:
ed:aa:92:15:52:db:e9:3d:ba:c5:b0:f3:52:a7:b2:9b:af:45:
0a:5e:5f:99:2a:5d:29:29:65:e5:4a:d9:7b:57:68:9a:30:dd:
a6:5c:58:7b:7e:f3:94:2c:27:23:5d:5b:a5:f6:df:12:7b:23:
b6:91:f2:d0:d4:b1:d5:5c:de:7e:aa:d9:4b:da:dd:01:fd:16:
95:74:cf:b6:c5:e4:fc:b3:ca:8f:f5:30:9b:1b:27:09:11:b1:
99:99:80:29:74:8f:86:a8:aa:ae:c2:09:64:9a:d3:83:e9:d2:
a9:ac:d0:4c:75:7b:51:d3:d4:12:dd:7f:21:7b:ea:7e:ae:3b:
0e:09:ca:e4:af:5a:4c:6f:86:ad:2c:c7:45:3c:73:f6:41:17:
c6:b3:0c:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJGXAkAD/LocOCqKOhv0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA5YjU2ODMyNTU2ODNhYTA5ODg1Y2Q3N2MzNWU0YTRhNWIzNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8RxizCRWNp8KF/+zwaoPP5ujVqFk
xJifoamPhhA1DKSOb4ekngsiSuE/SQnH7YMugO2Z2snXiSRMc3pZCo42vbpdACM4
g7yaG7zdy66ilTnjjDJz3rkKKu1QOxIeC8hexSAi7Gsdrn+YFIS9cCSPIQGtJsXu
q276hVpn/nzAzS1HIxUryZNqZXranoxUJsr3v9F8gem3TOHOwm9485Z8GEPKyQk0
xIOoU1zHULZOv8gphiKrHwlY62SKlYp11GBdedOsARBCebTKSGCrhsZSB+gYACJf
EcsQvOGlayZjkzC5cPLW08L/VP72cp9UX5xc1go0mGKQzfQbfpr/pR8NQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCcJtWgyVWg6oJiFzXfDXkpKWzVnMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvSndtMWFESlZhRHFnbUlYTmQ4TmVTa3BiTldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQB9BEjnEYjQ2WJZA37G9AXxac3I3mdFzB1CRgsi
jmoeR0OXosedMpLY3lS/pJ96VV7/MQlPlPV1F4sXAVI8S0y7SwVPWoHfdwNmJv/W
B1ikAGAi12KbjDYuGZatFJEmI7iQEI4s01sAVM8HJHztqpIVUtvpPbrFsPNSp7Kb
r0UKXl+ZKl0pKWXlStl7V2iaMN2mXFh7fvOULCcjXVul9t8SeyO2kfLQ1LHVXN5+
qtlL2t0B/RaVdM+2xeT8s8qP9TCbGycJEbGZmYApdI+GqKquwglkmtOD6dKprNBM
dXtR09QS3X8he+p+rjsOCcrkr1pMb4atLMdFPHP2QRfGswz+
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:25:39 2024 by rpki-client on console-fra.rpki-client.org