Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/nlxS1WBkpSqVdrVHB5cIP6cayy8.roa
File: nlxS1WBkpSqVdrVHB5cIP6cayy8.roa (raw, json)
Hash identifier: 4cxhwoFqKmdPmCW1DjAchMD9K2qNaiw5BSM8+7ZyGU8=
Subject key identifier: 9E:5C:52:D5:60:64:A5:2A:95:76:B5:47:07:97:08:3F:A7:1A:CB:2F
Certificate issuer: /CN=4b53f9567f6d6ad89412c0515f74647612dce04a
Certificate serial: 018CF83A5178756A76FED66D8975B0FDB976
Authority key identifier: 4B:53:F9:56:7F:6D:6A:D8:94:12:C0:51:5F:74:64:76:12:DC:E0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/nlxS1WBkpSqVdrVHB5cIP6cayy8.roa
Signing time: Thu 11 Jan 2024 11:13:40 +0000
ROA not before: Thu 11 Jan 2024 11:13:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213320
IP address blocks: 2a13:8a02::/32 maxlen: 36
2a13:8a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:3a:51:78:75:6a:76:fe:d6:6d:89:75:b0:fd:b9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b53f9567f6d6ad89412c0515f74647612dce04a
Validity
Not Before: Jan 11 11:13:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e5c52d56064a52a9576b5470797083fa71acb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:10:01:db:de:ff:bd:dc:2f:8e:e8:aa:e1:a9:
73:db:65:e8:c4:39:e7:92:dd:be:49:03:2d:67:3f:
89:b6:7e:45:a5:db:0b:27:e1:f9:76:e3:3e:c6:e0:
e8:0c:99:83:7d:ea:5d:b5:f0:f6:79:64:46:b3:85:
57:a0:82:46:80:3d:c8:26:bf:be:cb:10:dc:18:c7:
75:d7:b2:2f:65:5b:e3:4b:5f:fb:69:65:23:49:5b:
04:b4:f7:be:d7:f7:0f:5c:c9:5f:09:52:c0:f9:f5:
3c:ca:34:89:09:17:e9:02:ca:94:39:ec:03:23:d3:
33:cd:9e:ee:da:ee:b6:19:49:1d:b6:60:1c:ff:3d:
62:1a:59:53:ad:03:0a:08:e7:bd:2c:9d:0d:f4:69:
0f:6b:5c:8e:2a:76:81:80:01:c1:b3:b3:4c:77:34:
ab:36:ce:95:7d:5e:92:4a:fe:6c:af:00:52:f5:96:
ca:c0:4f:28:4b:f9:d8:2b:84:10:b9:85:bc:d9:b4:
b9:ed:00:02:f3:c9:db:94:5f:17:ba:67:9c:dc:b5:
7a:9a:18:9c:b9:9f:2a:25:bf:1e:c4:ed:42:05:7f:
93:33:60:dd:85:85:e8:dc:1a:a7:92:19:4e:3a:cf:
d4:73:b9:0f:f1:51:99:87:6f:d3:48:40:f0:96:e1:
7e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5C:52:D5:60:64:A5:2A:95:76:B5:47:07:97:08:3F:A7:1A:CB:2F
X509v3 Authority Key Identifier:
keyid:4B:53:F9:56:7F:6D:6A:D8:94:12:C0:51:5F:74:64:76:12:DC:E0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/nlxS1WBkpSqVdrVHB5cIP6cayy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
21:77:04:39:5b:69:25:3a:a2:24:c8:96:62:c7:5d:9c:e0:17:
94:ef:0d:7c:f7:ad:85:7b:f5:6d:44:96:d2:b6:70:8e:3d:cb:
3a:c2:21:04:f1:96:22:e9:cb:e2:12:67:0d:fe:14:7b:98:8a:
78:94:d1:d1:4b:84:25:ea:0e:c8:16:8e:9f:6d:12:87:f4:bf:
c6:50:b1:62:56:5a:49:af:77:bd:cd:e1:82:11:c7:d2:8e:34:
e2:a7:ed:3b:5e:eb:cf:5c:e1:01:b1:a3:9f:75:3e:dd:c4:f4:
2b:b4:64:87:02:bd:0b:3e:34:e4:b8:76:a9:f6:5a:a4:85:d3:
ed:3f:aa:f6:bb:16:8f:19:68:2a:fa:2d:3d:5e:39:f6:5d:de:
ca:4f:90:b0:52:a7:28:f1:2b:b5:e3:44:61:e4:57:9b:ce:d2:
87:bb:0c:f7:18:51:75:6a:1e:1e:33:7a:85:a9:0c:d3:f2:cb:
e9:a4:23:e9:b9:dc:36:24:e9:35:10:1d:a6:3a:a5:11:f1:eb:
f5:3c:8c:5e:7e:89:8b:eb:db:6c:f3:62:a8:89:00:7e:e0:cf:
8d:f2:07:b2:07:fd:2b:91:7d:03:5e:df:d1:a8:22:a0:dd:77:
25:76:5c:d2:1b:4c:f0:46:31:94:7f:cb:9c:87:db:f0:18:d9:
4b:0b:73:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYz4OlF4dWp2/tZtiXWw/bl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTNmOTU2N2Y2ZDZhZDg5NDEyYzA1MTVmNzQ2NDc2MTJk
Y2UwNGEwHhcNMjQwMTExMTExMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTVjNTJkNTYwNjRhNTJhOTU3NmI1NDcwNzk3MDgzZmE3MWFjYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxAB297/vdwvjuiq4alz22XoxDnn
kt2+SQMtZz+Jtn5FpdsLJ+H5duM+xuDoDJmDfepdtfD2eWRGs4VXoIJGgD3IJr++
yxDcGMd117IvZVvjS1/7aWUjSVsEtPe+1/cPXMlfCVLA+fU8yjSJCRfpAsqUOewD
I9MzzZ7u2u62GUkdtmAc/z1iGllTrQMKCOe9LJ0N9GkPa1yOKnaBgAHBs7NMdzSr
Ns6VfV6SSv5srwBS9ZbKwE8oS/nYK4QQuYW82bS57QAC88nblF8Xumec3LV6mhic
uZ8qJb8exO1CBX+TM2DdhYXo3BqnkhlOOs/Uc7kP8VGZh2/TSEDwluF+8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ5cUtVgZKUqlXa1RweXCD+nGssvMB8GA1UdIwQY
MBaAFEtT+VZ/bWrYlBLAUV90ZHYS3OBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFQNVZuOXRhdGlVRXNCUlgzUmtkaExjNEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82ZTk4MDQtOGEwNy00MjM4LWI5ZDEt
MWZhNTIyYTA1Nzk1LzEvbmx4UzFXQmtwU3FWZHJWSEI1Y0lQNmNheXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82ZTk4MDQtOGEwNy00MjM4LWI5ZDEtMWZhNTIyYTA1Nzk1
LzEvUzFQNVZuOXRhdGlVRXNCUlgzUmtkaExjNEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOKADAN
BgkqhkiG9w0BAQsFAAOCAQEAIXcEOVtpJTqiJMiWYsddnOAXlO8NfPethXv1bUSW
0rZwjj3LOsIhBPGWIunL4hJnDf4Ue5iKeJTR0UuEJeoOyBaOn20Sh/S/xlCxYlZa
Sa93vc3hghHH0o404qftO17rz1zhAbGjn3U+3cT0K7RkhwK9Cz405Lh2qfZapIXT
7T+q9rsWjxloKvotPV459l3eyk+QsFKnKPErteNEYeRXm87Sh7sM9xhRdWoeHjN6
hakM0/LL6aQj6bncNiTpNRAdpjqlEfHr9TyMXn6Ji+vbbPNiqIkAfuDPjfIHsgf9
K5F9A17f0agioN13JXZc0htM8EYxlH/LnIfb8BjZSwtziw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:38:42 2024 by rpki-client on console-ams.rpki-client.org