Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/3G09IyofbjPhTbyAyhK87B00ESM.roa
File: 3G09IyofbjPhTbyAyhK87B00ESM.roa (raw, json)
Hash identifier: zdYKlIkCPcFDwBolAq096eji0RiSXv2/zRnrOHvAHs0=
Subject key identifier: DC:6D:3D:23:2A:1F:6E:33:E1:4D:BC:80:CA:12:BC:EC:1D:34:11:23
Certificate issuer: /CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Certificate serial: 0190DF962BA8BA9F85E07511EA5F69EC4AEE
Authority key identifier: 1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/3G09IyofbjPhTbyAyhK87B00ESM.roa
Signing time: Tue 23 Jul 2024 12:34:39 +0000
ROA not before: Tue 23 Jul 2024 12:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216054
IP address blocks: 2a14:4f80::/29 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.mft
rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:96:2b:a8:ba:9f:85:e0:75:11:ea:5f:69:ec:4a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fd0875cd0051d0c0925aca041034e7840a6770b
Validity
Not Before: Jul 23 12:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc6d3d232a1f6e33e14dbc80ca12bcec1d341123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:0f:e9:2b:37:02:f0:d9:25:5c:61:68:2f:
0b:64:79:dd:40:91:26:a7:0b:27:3b:00:e7:72:7a:
7b:60:e2:42:f8:62:53:9d:85:ae:fc:19:0a:70:38:
0f:db:53:9e:9f:9d:20:c8:70:b2:08:8f:0e:81:0e:
02:e6:79:41:24:fb:29:17:e3:0e:20:84:62:f7:26:
ae:55:b1:c1:9c:56:98:30:48:55:18:19:4f:c9:11:
25:e5:26:78:5c:80:24:42:27:ce:1c:19:59:aa:c9:
42:f1:a0:45:cd:cb:90:60:00:5c:00:c6:15:a8:be:
1f:e0:70:ae:64:16:65:b8:81:e9:dc:7e:eb:c9:6a:
3e:54:e3:4e:bc:d9:29:d4:a9:63:91:b8:0d:98:66:
be:f7:b4:3e:b8:b6:c8:6b:5c:f8:7d:0c:0c:c0:2e:
61:d2:08:02:16:63:ee:7b:90:75:e7:af:8b:d1:1d:
1d:b6:7b:fe:d7:26:fc:ad:be:04:81:a2:87:92:64:
db:14:12:eb:d8:b2:c6:82:86:61:3a:fb:72:d0:e8:
f0:b2:6d:1b:57:c0:93:a7:0e:ca:6d:ab:f7:bd:7f:
48:9a:51:ea:20:9c:b4:36:10:f1:3b:41:1d:66:92:
96:bf:df:d6:e0:7e:3e:59:61:6b:14:8f:13:8d:8e:
be:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6D:3D:23:2A:1F:6E:33:E1:4D:BC:80:CA:12:BC:EC:1D:34:11:23
X509v3 Authority Key Identifier:
keyid:1F:D0:87:5C:D0:05:1D:0C:09:25:AC:A0:41:03:4E:78:40:A6:77:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H9CHXNAFHQwJJaygQQNOeECmdws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/3G09IyofbjPhTbyAyhK87B00ESM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/221048-3bad-469c-b933-e0802f474444/1/H9CHXNAFHQwJJaygQQNOeECmdws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
88:27:e3:df:f2:0a:5e:65:3c:ed:be:9c:d1:50:35:31:3a:4b:
c6:81:60:e7:ea:89:25:d5:8f:be:4b:4d:27:19:c7:6b:71:5f:
07:4f:e1:2f:c1:99:02:bd:fe:cf:e7:af:2c:fd:d5:7b:25:3d:
75:a0:7c:27:0c:83:ce:8a:24:6a:38:5d:dd:1e:58:7f:a3:10:
43:c7:dd:ed:cf:aa:d7:a3:62:81:7b:62:d6:d4:0f:93:43:bf:
44:0a:9b:0f:eb:22:99:3b:da:3d:3b:43:d1:e5:9e:91:d9:32:
31:bd:aa:33:9f:96:83:01:89:33:ce:e4:e4:73:58:71:4a:8b:
0e:85:0c:0f:30:fa:43:7c:c2:aa:88:b9:e8:5f:92:77:9d:f4:
fa:b4:f2:ac:12:93:9f:10:1c:29:19:87:89:f0:63:4c:9a:d9:
cf:0b:9c:3f:77:71:9a:98:10:57:7b:b6:07:e4:22:f6:25:f0:
20:40:da:b4:94:8f:75:68:f9:a1:75:9d:33:44:ee:ec:ca:e6:
de:15:e2:b4:e5:2c:82:37:8c:d7:50:58:67:bf:2c:8c:16:30:
6d:3c:7f:57:3b:a2:76:d0:58:2a:4b:ce:17:cb:0e:27:a6:ba:
8e:ea:09:a2:d8:b1:79:f0:3f:79:10:5d:77:2c:e9:e3:15:42:
e6:86:e8:9e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZDfliuoup+F4HUR6l9p7EruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZDA4NzVjZDAwNTFkMGMwOTI1YWNhMDQxMDM0ZTc4NDBh
Njc3MGIwHhcNMjQwNzIzMTIzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZkM2QyMzJhMWY2ZTMzZTE0ZGJjODBjYTEyYmNlYzFkMzQxMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT8P6Ss3AvDZJVxhaC8LZHndQJEm
pwsnOwDncnp7YOJC+GJTnYWu/BkKcDgP21Oen50gyHCyCI8OgQ4C5nlBJPspF+MO
IIRi9yauVbHBnFaYMEhVGBlPyREl5SZ4XIAkQifOHBlZqslC8aBFzcuQYABcAMYV
qL4f4HCuZBZluIHp3H7ryWo+VONOvNkp1KljkbgNmGa+97Q+uLbIa1z4fQwMwC5h
0ggCFmPue5B156+L0R0dtnv+1yb8rb4EgaKHkmTbFBLr2LLGgoZhOvty0Ojwsm0b
V8CTpw7Kbav3vX9ImlHqIJy0NhDxO0EdZpKWv9/W4H4+WWFrFI8TjY6+yQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNxtPSMqH24z4U28gMoSvOwdNBEjMB8GA1UdIwQY
MBaAFB/Qh1zQBR0MCSWsoEEDTnhApncLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMt
ZTA4MDJmNDc0NDQ0LzEvM0cwOUl5b2ZialBoVGJ5QXloSzg3QjAwRVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yMjEwNDgtM2JhZC00NjljLWI5MzMtZTA4MDJmNDc0NDQ0
LzEvSDlDSFhOQUZIUXdKSmF5Z1FRTk9lRUNtZHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRPgDAN
BgkqhkiG9w0BAQsFAAOCAQEAiCfj3/IKXmU87b6c0VA1MTpLxoFg5+qJJdWPvktN
JxnHa3FfB0/hL8GZAr3+z+evLP3VeyU9daB8JwyDzookajhd3R5Yf6MQQ8fd7c+q
16NigXti1tQPk0O/RAqbD+simTvaPTtD0eWekdkyMb2qM5+WgwGJM87k5HNYcUqL
DoUMDzD6Q3zCqoi56F+Sd530+rTyrBKTnxAcKRmHifBjTJrZzwucP3dxmpgQV3u2
B+Qi9iXwIEDatJSPdWj5oXWdM0Tu7Mrm3hXitOUsgjeM11BYZ78sjBYwbTx/Vzui
dtBYKkvOF8sOJ6a6juoJotixefA/eRBddyzp4xVC5obong==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:01 2024 by rpki-client on console-fra.rpki-client.org