Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/9DBhsYTqToRjO4bMEQie1Kjo4MQ.roa
File: 9DBhsYTqToRjO4bMEQie1Kjo4MQ.roa (raw, json)
Hash identifier: KAMD+asDZZo1P/kWQlKn7UnaeySuYEkDIpVc27ZP+GA=
Subject key identifier: F4:30:61:B1:84:EA:4E:84:63:3B:86:CC:11:08:9E:D4:A8:E8:E0:C4
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 0192333D9D3A8AC3C5F5C4541C65B02D4234
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/9DBhsYTqToRjO4bMEQie1Kjo4MQ.roa
Signing time: Fri 27 Sep 2024 11:28:48 +0000
ROA not before: Fri 27 Sep 2024 11:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206938
IP address blocks: 2a03:2107::/48 maxlen: 48
2a03:2107:1::/48 maxlen: 48
2a03:2107:2::/48 maxlen: 48
2a03:2107:3::/48 maxlen: 48
2a03:2107:4::/48 maxlen: 48
2a03:2107:5::/48 maxlen: 48
2a03:2107:6::/48 maxlen: 48
2a03:2107:7::/48 maxlen: 48
2a03:2107:8::/48 maxlen: 48
2a03:2107:9::/48 maxlen: 48
2a03:2107:a::/48 maxlen: 48
2a03:2107:b::/48 maxlen: 48
2a03:2107:c::/48 maxlen: 48
2a03:2107:d::/48 maxlen: 48
2a03:2107:e::/48 maxlen: 48
2a03:2107:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:3d:9d:3a:8a:c3:c5:f5:c4:54:1c:65:b0:2d:42:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Sep 27 11:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f43061b184ea4e84633b86cc11089ed4a8e8e0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:dc:d3:a6:f5:5c:0d:3b:a4:55:f1:c7:96:ce:
9f:2b:0a:e9:a5:92:0e:46:e4:06:5f:5c:31:5b:29:
03:54:dd:17:9f:66:f5:e6:77:81:52:e1:e7:88:ba:
96:3c:25:84:80:50:05:be:20:32:46:7b:54:8b:b3:
a6:f3:16:da:af:b0:62:fa:db:01:da:db:85:6c:b4:
50:0b:ef:d9:5a:98:a8:4d:0f:d2:d1:e8:6d:8c:56:
c0:a9:c2:ae:f7:72:9f:d6:67:11:55:00:e8:e2:08:
24:42:6a:e8:40:93:37:29:fd:72:96:46:62:09:11:
9c:cb:ea:06:3d:6b:b7:60:8e:15:39:78:24:33:52:
69:18:61:ab:c6:17:83:11:26:f6:ea:83:3b:5b:af:
6b:82:b3:e6:71:36:ae:27:64:e6:aa:35:0a:ad:27:
21:1b:73:be:24:f7:30:88:3f:b2:59:b7:20:f1:ae:
f7:a1:97:7c:02:34:f9:ea:dc:cc:86:58:5a:91:de:
f5:30:79:17:ff:36:6e:b6:1a:51:0e:98:95:39:34:
b9:cf:ba:2d:59:5d:97:6f:d8:92:26:3b:6f:69:a0:
44:b2:85:1e:c2:3d:0b:4b:f9:c3:8b:91:3f:55:87:
20:04:b2:29:5e:b5:24:f1:ce:8b:42:73:2e:fe:b8:
31:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:30:61:B1:84:EA:4E:84:63:3B:86:CC:11:08:9E:D4:A8:E8:E0:C4
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/9DBhsYTqToRjO4bMEQie1Kjo4MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2107::/44
Signature Algorithm: sha256WithRSAEncryption
a3:db:c5:ee:13:18:5f:10:66:e7:47:d7:29:82:e9:36:21:13:
81:ad:e7:44:4a:e2:34:10:de:bb:d3:c5:84:fe:f0:01:5c:44:
78:aa:f0:cf:c0:e6:c5:6a:74:e0:2c:8c:60:fd:07:41:b1:e7:
59:9d:d1:c5:cc:93:23:3d:5e:b3:12:55:26:d6:c8:91:01:b5:
a0:88:c5:ea:9c:75:be:29:3b:02:50:30:23:e0:4b:91:ba:57:
d4:d0:33:7e:bd:f4:80:0f:90:2d:1c:05:4d:ce:7b:f6:97:a8:
37:08:c5:05:94:d6:a4:f5:6a:f3:15:7d:ee:5b:6c:04:fd:41:
40:65:6a:4a:15:24:ef:ec:3a:ad:15:b2:8f:61:30:bf:23:b0:
ba:8f:d6:87:8f:ee:72:ed:0c:0a:73:bc:40:e6:00:d7:96:1e:
17:e2:76:72:4f:99:a2:31:71:b7:ef:91:88:e3:cb:59:17:b1:
82:31:22:dc:42:0b:84:60:6e:55:cc:34:30:50:11:94:b9:e4:
44:fa:ae:bd:60:e6:1c:b9:06:30:a8:55:59:56:05:0e:33:4f:
d7:86:63:3c:c4:19:52:08:47:f2:a6:ff:0c:5d:90:27:e8:89:
e5:3f:ef:f4:87:e5:67:58:cc:3d:7f:f5:b2:58:ba:df:dc:42:
1d:b3:8b:79
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZIzPZ06isPF9cRUHGWwLUI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQwOTI3MTEyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMwNjFiMTg0ZWE0ZTg0NjMzYjg2Y2MxMTA4OWVkNGE4ZThlMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8tzTpvVcDTukVfHHls6fKwrppZIO
RuQGX1wxWykDVN0Xn2b15neBUuHniLqWPCWEgFAFviAyRntUi7Om8xbar7Bi+tsB
2tuFbLRQC+/ZWpioTQ/S0ehtjFbAqcKu93Kf1mcRVQDo4ggkQmroQJM3Kf1ylkZi
CRGcy+oGPWu3YI4VOXgkM1JpGGGrxheDESb26oM7W69rgrPmcTauJ2TmqjUKrSch
G3O+JPcwiD+yWbcg8a73oZd8AjT56tzMhlhakd71MHkX/zZuthpRDpiVOTS5z7ot
WV2Xb9iSJjtvaaBEsoUewj0LS/nDi5E/VYcgBLIpXrUk8c6LQnMu/rgxIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPQwYbGE6k6EYzuGzBEIntSo6ODEMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvOURCaHNZVHFUb1JqTzRiTUVRaWUxS2pvNE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgMhBwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCj28XuExhfEGbnR9cpguk2IROBredESuI0EN67
08WE/vABXER4qvDPwObFanTgLIxg/QdBsedZndHFzJMjPV6zElUm1siRAbWgiMXq
nHW+KTsCUDAj4EuRulfU0DN+vfSAD5AtHAVNznv2l6g3CMUFlNak9WrzFX3uW2wE
/UFAZWpKFSTv7DqtFbKPYTC/I7C6j9aHj+5y7QwKc7xA5gDXlh4X4nZyT5miMXG3
75GI48tZF7GCMSLcQguEYG5VzDQwUBGUueRE+q69YOYcuQYwqFVZVgUOM0/XhmM8
xBlSCEfypv8MXZAn6InlP+/0h+VnWMw9f/WyWLrf3EIds4t5
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:18 2024 by rpki-client on console-fra.rpki-client.org