Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/sQFx683CxXcR28flVAkjdjE5umQ.roa
File: sQFx683CxXcR28flVAkjdjE5umQ.roa (raw, json)
Hash identifier: 3XN6F/x8ISkS/WzsFnBdacVAQiUEtXBTdwgbPUNPxXA=
Subject key identifier: B1:01:71:EB:CD:C2:C5:77:11:DB:C7:E5:54:09:23:76:31:39:BA:64
Certificate issuer: /CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Certificate serial: 018CCA29F89FE8B76402D196316628BAAF3B
Authority key identifier: 7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/sQFx683CxXcR28flVAkjdjE5umQ.roa
Signing time: Tue 02 Jan 2024 12:33:17 +0000
ROA not before: Tue 02 Jan 2024 12:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200056
IP address blocks: 2a13:79c7:1700::/40 maxlen: 48
2a13:79c7:17a0::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f8:9f:e8:b7:64:02:d1:96:31:66:28:ba:af:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d965ea6b39c22aec2ad2d4d4c0a3a313df1defa
Validity
Not Before: Jan 2 12:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b10171ebcdc2c57711dbc7e5540923763139ba64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:42:c2:66:4d:8b:f6:b3:1d:54:d2:25:b5:98:
64:e3:c8:f0:5c:33:5f:e7:df:a3:81:c2:b3:27:07:
11:9b:39:7e:d3:60:10:6d:8e:2e:53:39:98:5c:ca:
31:8f:d3:5f:fd:51:4f:d3:ff:df:55:f2:d2:a0:6f:
44:34:f3:0a:f8:d2:0e:62:43:9d:07:17:ec:ef:2e:
d4:af:8b:c3:6a:03:1b:a4:1c:a2:52:bb:32:7e:5b:
a9:58:2e:1d:03:5c:84:04:7d:6f:90:69:be:2c:67:
15:8a:93:c0:10:1d:67:d6:28:21:9c:4f:ae:ac:90:
7c:53:dd:22:45:5c:b7:0b:24:a0:46:c8:32:1e:59:
18:96:3a:e2:4f:a9:9a:9e:2d:66:7b:df:0b:45:56:
a1:bc:f7:28:50:35:1a:2a:88:c6:05:ed:76:b0:00:
93:0c:df:9a:6b:8a:5d:42:9d:5b:c4:71:cc:15:96:
32:4e:19:c2:60:ce:da:38:48:91:7a:b1:4d:85:30:
84:c3:8c:b2:5b:f9:a3:b1:28:04:67:15:97:20:82:
e8:f2:75:c0:77:db:53:52:ca:f2:48:f1:26:ca:b4:
ca:d2:7c:34:06:f5:82:c9:54:02:2e:ab:05:f4:66:
50:91:18:49:cb:14:e8:38:ce:e8:97:c9:dd:d1:36:
c1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:01:71:EB:CD:C2:C5:77:11:DB:C7:E5:54:09:23:76:31:39:BA:64
X509v3 Authority Key Identifier:
keyid:7D:96:5E:A6:B3:9C:22:AE:C2:AD:2D:4D:4C:0A:3A:31:3D:F1:DE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fZZeprOcIq7CrS1NTAo6MT3x3vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/sQFx683CxXcR28flVAkjdjE5umQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dbb22b-2a1a-4762-a0f7-32f5a9507731/1/fZZeprOcIq7CrS1NTAo6MT3x3vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:79c7:1700::/40
Signature Algorithm: sha256WithRSAEncryption
47:11:5b:db:1d:8a:2c:ee:b4:43:83:76:fc:d4:3d:25:0a:38:
d5:61:6e:6a:dd:2b:89:eb:e9:7c:15:23:c3:e2:af:5a:e2:b5:
8e:4b:b2:ad:23:9b:bb:2b:d5:c8:d7:4e:0d:49:96:15:6f:5d:
02:47:d7:35:c8:09:a7:ab:5c:06:a4:1f:63:28:a8:b7:af:dc:
9a:fd:82:1c:0f:32:71:04:f3:5f:57:67:57:64:9a:77:f4:2a:
18:e1:7f:ad:a1:3f:82:25:d7:c1:38:0c:f2:d2:26:f0:95:7f:
a5:f3:ee:93:c1:ee:93:d3:4a:37:43:16:5f:cc:5f:c0:02:4a:
fe:a5:0b:61:39:68:cc:d8:33:73:54:73:51:9e:70:cb:3d:ad:
9b:95:40:38:f7:b1:47:11:a2:74:68:61:ea:7c:3e:e6:d7:49:
ff:5e:13:f9:df:aa:4b:bc:3a:10:86:e7:9f:c0:83:ff:bd:f9:
49:32:e4:a8:e5:a0:fb:60:be:57:48:a8:8a:60:8b:76:44:53:
0c:a8:a1:8f:35:10:4c:ef:ae:aa:1a:76:87:55:9d:ed:77:bf:
cd:1e:51:6b:85:68:b0:f3:ba:f1:ee:d7:ea:79:f9:b3:e2:63:
88:d9:b5:f9:6d:30:ab:e5:78:dd:7d:e9:53:d6:c8:eb:7d:d3:
7b:34:86:53
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzKKfif6LdkAtGWMWYouq87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkOTY1ZWE2YjM5YzIyYWVjMmFkMmQ0ZDRjMGEzYTMxM2Rm
MWRlZmEwHhcNMjQwMTAyMTIzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAxNzFlYmNkYzJjNTc3MTFkYmM3ZTU1NDA5MjM3NjMxMzliYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjELCZk2L9rMdVNIltZhk48jwXDNf
59+jgcKzJwcRmzl+02AQbY4uUzmYXMoxj9Nf/VFP0//fVfLSoG9ENPMK+NIOYkOd
Bxfs7y7Ur4vDagMbpByiUrsyflupWC4dA1yEBH1vkGm+LGcVipPAEB1n1ighnE+u
rJB8U90iRVy3CySgRsgyHlkYljriT6mani1me98LRVahvPcoUDUaKojGBe12sACT
DN+aa4pdQp1bxHHMFZYyThnCYM7aOEiRerFNhTCEw4yyW/mjsSgEZxWXIILo8nXA
d9tTUsrySPEmyrTK0nw0BvWCyVQCLqsF9GZQkRhJyxToOM7ol8nd0TbBWwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLEBcevNwsV3EdvH5VQJI3YxObpkMB8GA1UdIwQY
MBaAFH2WXqaznCKuwq0tTUwKOjE98d76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjct
MzJmNWE5NTA3NzMxLzEvc1FGeDY4M0N4WGNSMjhmbFZBa2pkakU1dW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kYmIyMmItMmExYS00NzYyLWEwZjctMzJmNWE5NTA3NzMx
LzEvZlpaZXByT2NJcTdDclMxTlRBbzZNVDN4M3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN5xxcw
DQYJKoZIhvcNAQELBQADggEBAEcRW9sdiizutEODdvzUPSUKONVhbmrdK4nr6XwV
I8Pir1ritY5Lsq0jm7sr1cjXTg1JlhVvXQJH1zXICaerXAakH2MoqLev3Jr9ghwP
MnEE819XZ1dkmnf0Khjhf62hP4Il18E4DPLSJvCVf6Xz7pPB7pPTSjdDFl/MX8AC
Sv6lC2E5aMzYM3NUc1GecMs9rZuVQDj3sUcRonRoYep8PubXSf9eE/nfqku8OhCG
55/Ag/+9+Uky5KjloPtgvldIqIpgi3ZEUwyooY81EEzvrqoadodVne13v80eUWuF
aLDzuvHu1+p5+bPiY4jZtfltMKvleN196VPWyOt903s0hlM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:59:43 2024 by rpki-client on console-fra.rpki-client.org