Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/2qE9ZWiu947kTtnHKyzq0BUJ8J4.roa
File: 2qE9ZWiu947kTtnHKyzq0BUJ8J4.roa (raw, json)
Hash identifier: UGMXOvlnnURDD/toBkppvm5R+zhbT9gpadAah0aydeg=
Subject key identifier: DA:A1:3D:65:68:AE:F7:8E:E4:4E:D9:C7:2B:2C:EA:D0:15:09:F0:9E
Certificate issuer: /CN=f9e0257d067ef8b85f620c67220cf977ddde3994
Certificate serial: 018CC26CFE5B00A9632C2978F1F2FD8F9F8D
Authority key identifier: F9:E0:25:7D:06:7E:F8:B8:5F:62:0C:67:22:0C:F9:77:DD:DE:39:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/2qE9ZWiu947kTtnHKyzq0BUJ8J4.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41884
IP address blocks: 195.200.72.0/23 maxlen: 23
2001:67c:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fe:5b:00:a9:63:2c:29:78:f1:f2:fd:8f:9f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9e0257d067ef8b85f620c67220cf977ddde3994
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=daa13d6568aef78ee44ed9c72b2cead01509f09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dd:f7:97:d7:d0:69:ca:7b:c0:e4:df:6c:c3:
c4:e2:d9:21:7b:da:7a:51:70:1b:47:10:e0:e4:4b:
64:69:b4:30:f0:7c:89:82:0d:e4:2b:45:d7:65:f3:
c8:69:54:27:66:ef:5e:b3:f8:92:22:02:73:83:8c:
16:31:8d:ea:33:0d:24:22:14:e2:1e:ce:fb:fd:ee:
54:91:f4:60:0e:fc:38:e7:9f:6a:a4:d8:d8:d1:ef:
7a:6c:64:1d:e3:0d:e5:8b:ea:c4:b0:a5:8d:7d:01:
d6:66:c6:d5:ba:74:71:a7:4f:5b:0e:b8:9c:84:69:
a0:eb:b9:e0:6d:ef:93:7b:e0:95:97:e3:75:e2:04:
42:aa:16:88:53:1b:05:c6:6b:cd:a6:a2:73:2c:e9:
94:e2:e8:bb:b3:80:cf:c7:f1:ab:f8:90:85:ca:b7:
f8:69:66:27:4d:a4:cb:24:68:9d:48:7f:80:da:99:
ab:09:b2:df:af:f6:ee:3d:6d:e2:48:de:7e:79:75:
3c:f8:11:69:2d:15:2b:7f:2b:59:38:c5:18:2e:5d:
d6:7c:91:0e:bc:ef:ff:0f:5b:e3:44:f1:d0:88:46:
f7:bc:ea:38:9e:72:26:ab:ab:58:b5:39:e6:8a:39:
a4:c7:2c:e0:92:8a:bf:07:62:e8:e9:48:0e:cf:4c:
37:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A1:3D:65:68:AE:F7:8E:E4:4E:D9:C7:2B:2C:EA:D0:15:09:F0:9E
X509v3 Authority Key Identifier:
keyid:F9:E0:25:7D:06:7E:F8:B8:5F:62:0C:67:22:0C:F9:77:DD:DE:39:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/2qE9ZWiu947kTtnHKyzq0BUJ8J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/69194a-45a0-48ef-99bf-8e04887c0abf/1/1-eAlfQZ--LhfYgxnIgz5d93eOZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.72.0/23
IPv6:
2001:67c:1c::/48
Signature Algorithm: sha256WithRSAEncryption
58:74:db:46:17:a8:e8:9e:02:27:fb:3b:fb:82:64:b0:2a:b5:
f7:f1:08:0b:3c:49:12:5d:76:d0:ac:d4:3f:e5:d4:99:73:27:
2a:e5:df:cd:26:0c:0c:cb:80:f1:15:10:03:7f:42:9c:3d:87:
48:7c:49:bf:1f:2f:d8:5a:74:c9:54:a9:69:3f:82:f7:57:bd:
17:fa:b9:da:96:1a:91:e4:47:c5:d8:7d:48:e8:14:c3:85:f4:
35:9e:45:b0:69:2c:4e:a8:e8:39:f5:de:bf:82:b9:29:f5:cb:
e6:15:24:10:14:a8:b2:45:4b:5c:ff:73:88:97:69:ff:4a:03:
05:8c:4f:b9:b5:78:b6:40:f9:fc:42:f0:65:c8:c7:ba:f2:fb:
82:d5:b0:e0:d8:bf:25:ab:be:30:e0:fb:fc:94:d6:95:8c:a1:
a8:33:f3:b1:2a:ba:5c:ac:3f:38:b0:d7:5e:ed:b6:45:10:a5:
03:6e:c3:cb:32:72:e3:a3:ea:ee:3d:6d:00:8f:e7:df:61:32:
dd:08:74:3e:18:d0:1b:2a:82:b9:d7:89:0e:e7:57:10:ea:d0:
e3:f8:57:62:d2:1c:96:f1:96:75:7e:11:e2:39:e6:dc:33:69:
2f:a4:67:bf:94:49:b4:80:7c:1e:c9:74:a9:c9:a6:76:34:29:
3c:cd:cb:bb
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzCbP5bAKljLCl48fL9j5+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZTAyNTdkMDY3ZWY4Yjg1ZjYyMGM2NzIyMGNmOTc3ZGRk
ZTM5OTQwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWExM2Q2NTY4YWVmNzhlZTQ0ZWQ5YzcyYjJjZWFkMDE1MDlmMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN33l9fQacp7wOTfbMPE4tkhe9p6
UXAbRxDg5EtkabQw8HyJgg3kK0XXZfPIaVQnZu9es/iSIgJzg4wWMY3qMw0kIhTi
Hs77/e5UkfRgDvw4559qpNjY0e96bGQd4w3li+rEsKWNfQHWZsbVunRxp09bDric
hGmg67ngbe+Te+CVl+N14gRCqhaIUxsFxmvNpqJzLOmU4ui7s4DPx/Gr+JCFyrf4
aWYnTaTLJGidSH+A2pmrCbLfr/buPW3iSN5+eXU8+BFpLRUrfytZOMUYLl3WfJEO
vO//D1vjRPHQiEb3vOo4nnImq6tYtTnmijmkxyzgkoq/B2Lo6UgOz0w3dwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFNqhPWVorveO5E7Zxyss6tAVCfCeMB8GA1UdIwQY
MBaAFPngJX0Gfvi4X2IMZyIM+Xfd3jmUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1lQWxmUVotLUxoZllneG5JZ3o1ZDkzZU9aUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIvNjkxOTRhLTQ1YTAtNDhlZi05OWJm
LThlMDQ4ODdjMGFiZi8xLzJxRTlaV2l1OTQ3a1R0bkhLeXpxMEJVSjhKNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvNjkxOTRhLTQ1YTAtNDhlZi05OWJmLThlMDQ4ODdjMGFi
Zi8xLzEtZUFsZlFaLS1MaGZZZ3huSWd6NWQ5M2VPWlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAHDyEgw
DwQCAAIwCQMHACABBnwAHDANBgkqhkiG9w0BAQsFAAOCAQEAWHTbRheo6J4CJ/s7
+4JksCq19/EICzxJEl120KzUP+XUmXMnKuXfzSYMDMuA8RUQA39CnD2HSHxJvx8v
2Fp0yVSpaT+C91e9F/q52pYakeRHxdh9SOgUw4X0NZ5FsGksTqjoOfXev4K5KfXL
5hUkEBSoskVLXP9ziJdp/0oDBYxPubV4tkD5/ELwZcjHuvL7gtWw4Ni/Jau+MOD7
/JTWlYyhqDPzsSq6XKw/OLDXXu22RRClA27DyzJy46Pq7j1tAI/n32Ey3Qh0PhjQ
GyqCudeJDudXEOrQ4/hXYtIclvGWdX4R4jnm3DNpL6Rnv5RJtIB8Hsl0qcmmdjQp
PM3Luw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:02:20 2024 by rpki-client on console-fra.rpki-client.org