Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/D9BLhIfmqa8OCufrtdqVPl-5CfY.roa
File: D9BLhIfmqa8OCufrtdqVPl-5CfY.roa (raw, json)
Hash identifier: w8VdN5QFPE2EMzTeRsLzND7s6yg7r9WdHbblQO5pHgo=
Subject key identifier: 0F:D0:4B:84:87:E6:A9:AF:0E:0A:E7:EB:B5:DA:95:3E:5F:B9:09:F6
Certificate issuer: /CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Certificate serial: 018CC9BBFBE767B40C9C5B1BDA4DFD84C9C9
Authority key identifier: 0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/D9BLhIfmqa8OCufrtdqVPl-5CfY.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209309
IP address blocks: 2a0d:9843::/32 maxlen: 32
2a0d:9847::/32 maxlen: 32
2a0d:9845::/32 maxlen: 32
2a0d:9841::/32 maxlen: 32
2a0d:9844::/32 maxlen: 32
2a0d:9842::/32 maxlen: 32
2a0d:9840::/32 maxlen: 32
2a0d:9846::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fb:e7:67:b4:0c:9c:5b:1b:da:4d:fd:84:c9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c7161e622f63c0db8568d8cb4c4d7c0d9808346
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd04b8487e6a9af0e0ae7ebb5da953e5fb909f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c5:6b:30:b3:90:a2:88:d3:1d:1c:76:da:0f:
d9:ef:a7:93:14:f3:79:dd:e6:86:9a:f7:88:a3:6e:
6f:dc:7b:34:a1:e9:60:4a:e1:93:43:cf:2e:ab:4d:
30:f2:6f:14:c4:6f:21:ce:88:4f:4a:de:6b:73:f4:
f9:15:49:5e:cf:58:33:89:7d:7d:06:86:82:94:c1:
4b:51:87:40:b1:d3:e8:ac:d3:a4:e7:8c:1e:54:f1:
a1:2b:f9:d5:b0:30:d0:78:91:51:f9:28:12:8a:e5:
a0:24:d2:fe:a1:15:af:15:9c:80:6c:21:91:85:e5:
24:8f:b2:69:f4:86:5e:da:e3:6a:6c:e6:e2:ae:52:
75:ce:17:25:b5:b0:9d:da:4b:6f:c5:bf:91:43:33:
7b:51:ad:6e:e7:8f:86:2d:91:a5:69:b3:c3:a3:a4:
f1:66:2c:48:06:36:59:67:bd:3b:a9:95:2c:1e:91:
e9:44:96:34:4c:59:8c:d7:ca:03:03:59:b3:e6:4e:
58:f7:67:25:a3:7f:84:d1:24:a1:01:e6:d6:06:32:
24:fa:68:1d:75:d1:cb:c2:1d:a0:b9:90:66:58:16:
30:2b:fb:55:87:09:88:82:72:ee:92:7e:fd:13:98:
df:7b:ba:e6:6b:10:f4:ae:cc:21:b2:ca:61:b4:88:
c0:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D0:4B:84:87:E6:A9:AF:0E:0A:E7:EB:B5:DA:95:3E:5F:B9:09:F6
X509v3 Authority Key Identifier:
keyid:0C:71:61:E6:22:F6:3C:0D:B8:56:8D:8C:B4:C4:D7:C0:D9:80:83:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/D9BLhIfmqa8OCufrtdqVPl-5CfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01f08c-065e-4ac1-8e80-b15e3f09e01b/1/DHFh5iL2PA24Vo2MtMTXwNmAg0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:9840::/29
Signature Algorithm: sha256WithRSAEncryption
56:ab:9b:b9:94:ea:58:98:4f:4f:dc:ff:cf:8f:b2:92:03:d8:
1a:a2:d1:bb:91:0d:1b:25:3f:82:ac:3d:ca:0d:1f:6a:cc:ea:
2e:9c:ce:75:5d:26:56:4b:5a:bf:b5:cc:31:f0:ef:54:f2:31:
bd:b0:d5:29:34:e0:b3:27:4d:e5:49:93:ae:6a:a1:55:ea:28:
35:af:9d:d1:fd:ca:02:49:c2:55:f5:b5:0e:ff:0c:cb:5c:f3:
3f:bb:b5:b5:ef:cc:a3:ca:15:8e:22:b8:44:30:f2:2d:a2:9a:
46:ca:54:62:6b:9f:3b:0d:46:dc:b5:69:4b:f9:ff:4a:24:9c:
91:ba:51:fa:fe:73:d9:ca:3e:59:ab:d9:84:fd:57:9a:7a:23:
9e:e5:fe:82:ac:69:5a:ce:7d:c2:96:34:e4:95:40:ee:90:3a:
34:eb:6f:47:38:aa:6c:08:06:c7:0e:4a:71:ea:90:7e:0c:ed:
f4:98:30:98:81:e7:c8:d2:c5:5f:db:c4:a6:27:28:f7:f0:a5:
b2:15:f9:1c:77:96:8c:a8:17:2a:65:91:2e:17:5c:be:5b:aa:
cb:a4:03:43:c3:1c:a6:39:a7:f4:29:86:b4:3d:a0:96:9c:d3:
51:e3:00:4a:85:3b:31:ee:fe:af:4d:f4:10:c6:f8:0d:6f:f1:
73:99:2b:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJu/vnZ7QMnFsb2k39hMnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNzE2MWU2MjJmNjNjMGRiODU2OGQ4Y2I0YzRkN2MwZDk4
MDgzNDYwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQwNGI4NDg3ZTZhOWFmMGUwYWU3ZWJiNWRhOTUzZTVmYjkwOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sVrMLOQoojTHRx22g/Z76eTFPN5
3eaGmveIo25v3Hs0oelgSuGTQ88uq00w8m8UxG8hzohPSt5rc/T5FUlez1gziX19
BoaClMFLUYdAsdPorNOk54weVPGhK/nVsDDQeJFR+SgSiuWgJNL+oRWvFZyAbCGR
heUkj7Jp9IZe2uNqbObirlJ1zhcltbCd2ktvxb+RQzN7Ua1u54+GLZGlabPDo6Tx
ZixIBjZZZ707qZUsHpHpRJY0TFmM18oDA1mz5k5Y92clo3+E0SShAebWBjIk+mgd
ddHLwh2guZBmWBYwK/tVhwmIgnLukn79E5jfe7rmaxD0rswhssphtIjAUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA/QS4SH5qmvDgrn67XalT5fuQn2MB8GA1UdIwQY
MBaAFAxxYeYi9jwNuFaNjLTE18DZgINGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAt
YjE1ZTNmMDllMDFiLzEvRDlCTGhJZm1xYThPQ3VmcnRkcVZQbC01Q2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMWYwOGMtMDY1ZS00YWMxLThlODAtYjE1ZTNmMDllMDFi
LzEvREhGaDVpTDJQQTI0Vm8yTXRNVFh3Tm1BZzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2YQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVqubuZTqWJhPT9z/z4+ykgPYGqLRu5ENGyU/gqw9
yg0faszqLpzOdV0mVktav7XMMfDvVPIxvbDVKTTgsydN5UmTrmqhVeooNa+d0f3K
AknCVfW1Dv8My1zzP7u1te/Mo8oVjiK4RDDyLaKaRspUYmufOw1G3LVpS/n/SiSc
kbpR+v5z2co+WavZhP1XmnojnuX+gqxpWs59wpY05JVA7pA6NOtvRziqbAgGxw5K
ceqQfgzt9JgwmIHnyNLFX9vEpico9/ClshX5HHeWjKgXKmWRLhdcvluqy6QDQ8Mc
pjmn9CmGtD2glpzTUeMASoU7Me7+r030EMb4DW/xc5krrQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:44 2024 by rpki-client on console-fra.rpki-client.org