Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/3U67JVDpA8mUTURSr9Algxuc0wo.roa
File: 3U67JVDpA8mUTURSr9Algxuc0wo.roa (raw, json)
Hash identifier: T4bRqefF4AWwXdi5sx0JkcVQWuufmzssf/q775taBhY=
Subject key identifier: DD:4E:BB:25:50:E9:03:C9:94:4D:44:52:AF:D0:25:83:1B:9C:D3:0A
Certificate issuer: /CN=785840e3a0f0474a4acce45ed5fc9cff77858d93
Certificate serial: 018CC6B80F7EF458B7E5B52CF204C00214F9
Authority key identifier: 78:58:40:E3:A0:F0:47:4A:4A:CC:E4:5E:D5:FC:9C:FF:77:85:8D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/3U67JVDpA8mUTURSr9Algxuc0wo.roa
Signing time: Mon 01 Jan 2024 20:30:00 +0000
ROA not before: Mon 01 Jan 2024 20:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48329
IP address blocks: 2a10:9640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/eFhA46DwR0pKzORe1fyc_3eFjZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/eFhA46DwR0pKzORe1fyc_3eFjZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:0f:7e:f4:58:b7:e5:b5:2c:f2:04:c0:02:14:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785840e3a0f0474a4acce45ed5fc9cff77858d93
Validity
Not Before: Jan 1 20:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd4ebb2550e903c9944d4452afd025831b9cd30a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:36:88:e2:a9:22:45:68:ca:10:d9:02:dc:84:
8d:d8:f0:6d:7e:0e:42:e1:4a:cd:33:6b:4e:cf:7d:
f9:56:50:3f:3c:10:73:9c:c5:7b:d5:5d:54:ae:4c:
2f:39:d8:f9:76:6a:8d:79:eb:82:61:71:7d:44:91:
a4:b5:14:b8:4c:48:eb:52:b2:7d:8c:27:b0:61:b6:
77:10:92:19:b3:f2:b9:8d:04:56:1e:08:4f:38:dc:
19:00:fd:17:9a:8a:c4:85:c7:90:75:90:ee:68:82:
86:9c:cf:1d:bb:91:4d:cb:1e:37:e5:9d:d6:3e:76:
80:fa:65:2a:ce:44:16:bb:4a:9b:51:2f:73:94:f8:
1a:82:c8:a2:09:ae:54:83:2a:12:4a:81:3c:7b:68:
aa:dc:5b:19:23:13:8e:12:f5:36:36:74:9b:b9:48:
94:9d:ba:1b:4a:f4:cd:37:e3:39:3f:dc:51:0e:17:
58:97:8b:8f:44:62:c2:9c:9a:48:de:e9:8d:0b:ef:
1d:1d:d4:ec:cd:1f:0e:a6:bd:ca:db:ed:bd:b0:85:
36:63:95:43:ca:bc:4c:fa:0a:af:c6:9d:35:d2:1b:
9f:0c:26:97:e5:1a:e5:14:fc:66:26:17:46:db:b0:
cc:b9:df:de:77:97:8b:7b:fe:ff:85:a4:ca:ae:02:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4E:BB:25:50:E9:03:C9:94:4D:44:52:AF:D0:25:83:1B:9C:D3:0A
X509v3 Authority Key Identifier:
keyid:78:58:40:E3:A0:F0:47:4A:4A:CC:E4:5E:D5:FC:9C:FF:77:85:8D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/3U67JVDpA8mUTURSr9Algxuc0wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/eFhA46DwR0pKzORe1fyc_3eFjZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9640::/29
Signature Algorithm: sha256WithRSAEncryption
00:67:28:09:26:43:aa:9a:8a:6c:24:14:9e:e3:07:45:f2:42:
27:4f:4e:27:9f:92:eb:0f:5c:38:e9:aa:ca:23:cf:a1:19:fb:
5f:b9:a2:f1:2f:5d:1d:b2:42:ea:f6:10:12:df:03:99:7f:0e:
65:ff:70:0e:16:d8:c0:ad:9f:d9:f1:74:ad:d1:c0:cc:2c:a4:
b7:9b:3c:b2:3f:07:d5:44:c8:bd:d7:49:fc:78:ce:4b:87:08:
03:ba:f5:87:e8:f6:a9:ab:4c:a5:0a:cf:5b:1b:12:2b:de:2e:
3d:1a:5b:06:44:fb:7c:a0:cb:94:e1:f2:26:04:ba:2c:ae:f4:
2a:11:bb:4a:ec:b5:f0:99:9f:fd:83:9c:38:d1:c8:1c:ec:11:
57:f2:87:25:7b:08:32:88:05:41:c9:bf:a9:c0:b1:f2:e9:2e:
88:d3:5b:b2:95:67:c2:b6:ff:c0:1e:1c:30:94:a2:5c:74:08:
e4:37:6f:26:93:52:cc:8c:ea:91:bb:0a:15:a2:00:f8:d6:fc:
6a:c2:af:be:ac:14:5d:af:ca:e4:1f:9a:bd:9b:13:6b:81:4e:
6c:5f:7f:98:ec:c5:68:79:86:48:e0:52:70:e5:ea:41:fb:00:
47:9c:47:38:4c:07:50:fb:37:5d:ee:8f:23:7f:8c:7b:56:1e:
6f:e8:92:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGuA9+9Fi35bUs8gTAAhT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NTg0MGUzYTBmMDQ3NGE0YWNjZTQ1ZWQ1ZmM5Y2ZmNzc4
NThkOTMwHhcNMjQwMTAxMjAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRlYmIyNTUwZTkwM2M5OTQ0ZDQ0NTJhZmQwMjU4MzFiOWNkMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTaI4qkiRWjKENkC3ISN2PBtfg5C
4UrNM2tOz335VlA/PBBznMV71V1UrkwvOdj5dmqNeeuCYXF9RJGktRS4TEjrUrJ9
jCewYbZ3EJIZs/K5jQRWHghPONwZAP0XmorEhceQdZDuaIKGnM8du5FNyx435Z3W
PnaA+mUqzkQWu0qbUS9zlPgagsiiCa5UgyoSSoE8e2iq3FsZIxOOEvU2NnSbuUiU
nbobSvTNN+M5P9xRDhdYl4uPRGLCnJpI3umNC+8dHdTszR8Opr3K2+29sIU2Y5VD
yrxM+gqvxp010hufDCaX5RrlFPxmJhdG27DMud/ed5eLe/7/haTKrgJVOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN1OuyVQ6QPJlE1EUq/QJYMbnNMKMB8GA1UdIwQY
MBaAFHhYQOOg8EdKSszkXtX8nP93hY2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZoQTQ2RHdSMHBLek9SZTFmeWNfM2VGalpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNDI2NjQtNGMzMy00NDJhLWI0MzIt
ZmFmYjEyYTE2YzMxLzEvM1U2N0pWRHBBOG1VVFVSU3I5QWxneHVjMHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNDI2NjQtNGMzMy00NDJhLWI0MzItZmFmYjEyYTE2YzMx
LzEvZUZoQTQ2RHdSMHBLek9SZTFmeWNfM2VGalpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhCWQDAN
BgkqhkiG9w0BAQsFAAOCAQEAAGcoCSZDqpqKbCQUnuMHRfJCJ09OJ5+S6w9cOOmq
yiPPoRn7X7mi8S9dHbJC6vYQEt8DmX8OZf9wDhbYwK2f2fF0rdHAzCykt5s8sj8H
1UTIvddJ/HjOS4cIA7r1h+j2qatMpQrPWxsSK94uPRpbBkT7fKDLlOHyJgS6LK70
KhG7Suy18Jmf/YOcONHIHOwRV/KHJXsIMogFQcm/qcCx8ukuiNNbspVnwrb/wB4c
MJSiXHQI5DdvJpNSzIzqkbsKFaIA+Nb8asKvvqwUXa/K5B+avZsTa4FObF9/mOzF
aHmGSOBScOXqQfsAR5xHOEwHUPs3Xe6PI3+Me1Yeb+iSKA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:56:38 2024 by rpki-client on console-ams.rpki-client.org