Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/JIMm9ZORvKE2wdLMUwrjokMNthY.roa
File: JIMm9ZORvKE2wdLMUwrjokMNthY.roa (raw, json)
Hash identifier: YeoytfoU+yWlYewK2iJJfp/6BblqzLBNbHcbXcWBljg=
Subject key identifier: 24:83:26:F5:93:91:BC:A1:36:C1:D2:CC:53:0A:E3:A2:43:0D:B6:16
Certificate issuer: /CN=521a30077223c25c6f37dcf59480778c0b5b1068
Certificate serial: 01914DAA69C254D5BDD313A6CAFB17563742
Authority key identifier: 52:1A:30:07:72:23:C2:5C:6F:37:DC:F5:94:80:77:8C:0B:5B:10:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/JIMm9ZORvKE2wdLMUwrjokMNthY.roa
Signing time: Tue 13 Aug 2024 21:34:59 +0000
ROA not before: Tue 13 Aug 2024 21:34:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:4a40:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Sep 2024 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:aa:69:c2:54:d5:bd:d3:13:a6:ca:fb:17:56:37:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521a30077223c25c6f37dcf59480778c0b5b1068
Validity
Not Before: Aug 13 21:34:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=248326f59391bca136c1d2cc530ae3a2430db616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:d3:7b:31:21:35:8a:8b:ed:37:70:98:c6:
8f:78:b5:43:6b:0e:03:ef:fb:bf:b8:25:38:e7:b9:
76:2d:6f:f6:39:e1:8d:65:ed:32:39:94:26:b3:aa:
c9:2b:d3:30:da:8a:a2:fb:f9:ff:01:db:78:ba:58:
b5:39:f8:fd:ce:f6:5e:a0:47:f0:10:3f:c5:92:50:
c0:76:e2:e2:07:9c:e8:92:7f:fc:8f:55:36:ed:4a:
0e:1a:55:b9:1c:6d:48:8b:a2:c2:e7:12:90:0c:92:
37:97:5a:d0:d1:cb:73:3f:db:b2:07:2a:1f:8c:eb:
f1:fe:f1:d0:50:86:d5:4a:61:01:3a:77:18:8d:67:
5f:d0:ca:52:e5:9c:f9:2d:64:d3:5e:2b:e7:15:f8:
61:a9:e2:b4:9f:f0:c0:9f:b6:45:af:c4:f9:77:7b:
f5:bf:a9:8d:39:df:c5:63:ca:8f:9d:83:56:60:77:
a7:1c:17:6f:39:be:04:2f:b4:78:46:98:22:6e:dd:
ad:5b:78:b1:e8:ca:b3:fe:1e:48:0e:a4:bd:a8:ea:
e2:42:48:1b:6a:67:a7:22:28:38:ac:71:d2:ff:2f:
3f:e6:fb:4a:c9:32:98:b8:25:b0:cc:81:1e:80:c8:
37:e0:1c:d8:2f:4c:fe:10:81:2c:a6:8d:bd:73:05:
28:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:83:26:F5:93:91:BC:A1:36:C1:D2:CC:53:0A:E3:A2:43:0D:B6:16
X509v3 Authority Key Identifier:
keyid:52:1A:30:07:72:23:C2:5C:6F:37:DC:F5:94:80:77:8C:0B:5B:10:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/JIMm9ZORvKE2wdLMUwrjokMNthY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4a40:10::/48
Signature Algorithm: sha256WithRSAEncryption
4f:4e:d2:e1:cd:59:9e:af:d7:96:e7:34:6f:ca:08:16:7e:28:
b6:15:0b:29:fc:dc:70:91:d4:ce:7d:ee:5b:1b:6e:40:77:9d:
2a:cb:7e:8b:97:78:75:46:73:0e:a7:f7:d1:aa:9a:43:66:86:
7d:4d:b9:f3:4a:d5:5f:15:ac:ff:99:bd:c5:23:2d:a8:03:6d:
be:d2:ce:41:32:78:ff:b1:67:a6:3e:6c:e2:ab:91:78:39:c6:
f1:db:99:29:54:c0:d3:cb:0e:6c:ed:08:b6:b9:a0:ce:96:97:
cf:74:a2:7b:a4:93:86:c6:58:29:e4:5e:68:54:7a:15:24:f9:
70:c1:49:79:83:69:89:1b:5b:7c:f7:6b:66:0a:a5:9b:0f:13:
c6:fb:ce:3c:68:b2:93:9c:8e:94:86:c4:1c:6c:03:45:c0:35:
32:b8:08:7a:09:a8:32:ae:6c:45:33:54:3d:66:f3:23:fc:f8:
d9:d2:d7:74:a5:92:78:96:63:13:4b:45:f7:35:9b:fc:09:d0:
9b:96:89:53:44:77:8f:b0:19:55:2f:e8:09:e2:13:73:bf:0a:
cb:10:7f:5f:8b:2c:bd:2b:83:9a:e8:5d:e9:0a:09:09:24:0a:
49:94:65:e5:17:84:bd:9f:24:1f:89:a9:68:9d:37:2e:3f:2c:
bf:6d:0b:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZFNqmnCVNW90xOmyvsXVjdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWEzMDA3NzIyM2MyNWM2ZjM3ZGNmNTk0ODA3NzhjMGI1
YjEwNjgwHhcNMjQwODEzMjEzNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDgzMjZmNTkzOTFiY2ExMzZjMWQyY2M1MzBhZTNhMjQzMGRiNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWzTezEhNYqL7TdwmMaPeLVDaw4D
7/u/uCU457l2LW/2OeGNZe0yOZQms6rJK9Mw2oqi+/n/Adt4uli1Ofj9zvZeoEfw
ED/FklDAduLiB5zokn/8j1U27UoOGlW5HG1Ii6LC5xKQDJI3l1rQ0ctzP9uyByof
jOvx/vHQUIbVSmEBOncYjWdf0MpS5Zz5LWTTXivnFfhhqeK0n/DAn7ZFr8T5d3v1
v6mNOd/FY8qPnYNWYHenHBdvOb4EL7R4Rpgibt2tW3ix6Mqz/h5IDqS9qOriQkgb
amenIig4rHHS/y8/5vtKyTKYuCWwzIEegMg34BzYL0z+EIEspo29cwUoWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCSDJvWTkbyhNsHSzFMK46JDDbYWMB8GA1UdIwQY
MBaAFFIaMAdyI8Jcbzfc9ZSAd4wLWxBoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWhvd0IzSWp3bHh2Tjl6MWxJQjNqQXRiRUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82YjExNTEtYjA1YS00YTAyLWE4ODMt
MGY1ZjA5YjJlYjE0LzEvSklNbTlaT1J2S0Uyd2RMTVV3cmpva01OdGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82YjExNTEtYjA1YS00YTAyLWE4ODMtMGY1ZjA5YjJlYjE0
LzEvVWhvd0IzSWp3bHh2Tjl6MWxJQjNqQXRiRUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgpKQAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBPTtLhzVmer9eW5zRvyggWfii2FQsp/NxwkdTO
fe5bG25Ad50qy36Ll3h1RnMOp/fRqppDZoZ9TbnzStVfFaz/mb3FIy2oA22+0s5B
Mnj/sWemPmziq5F4Ocbx25kpVMDTyw5s7Qi2uaDOlpfPdKJ7pJOGxlgp5F5oVHoV
JPlwwUl5g2mJG1t892tmCqWbDxPG+848aLKTnI6UhsQcbANFwDUyuAh6CagyrmxF
M1Q9ZvMj/PjZ0td0pZJ4lmMTS0X3NZv8CdCblolTRHePsBlVL+gJ4hNzvwrLEH9f
iyy9K4Oa6F3pCgkJJApJlGXlF4S9nyQfialonTcuPyy/bQv/
-----END CERTIFICATE-----
Generated at Sat Sep 21 09:07:46 2024 by rpki-client on console-fra.rpki-client.org