Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/A0BoUEgni-5oAADP8a--bs0sLEs.roa
File: A0BoUEgni-5oAADP8a--bs0sLEs.roa (raw, json)
Hash identifier: wFPKZ1kXou+R7Gf5T1lT3rAXvnFVhtpFfJL/QksJCsw=
Subject key identifier: 03:40:68:50:48:27:8B:EE:68:00:00:CF:F1:AF:BE:6E:CD:2C:2C:4B
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01904A12A6A190E4B5A9C91543BFB956E771
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/A0BoUEgni-5oAADP8a--bs0sLEs.roa
Signing time: Mon 24 Jun 2024 11:47:34 +0000
ROA not before: Mon 24 Jun 2024 11:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:645::/32 maxlen: 32
2a11:b680::/32 maxlen: 32
2a11:b681::/32 maxlen: 32
2a11:b683::/32 maxlen: 32
2a11:b684::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4a:12:a6:a1:90:e4:b5:a9:c9:15:43:bf:b9:56:e7:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jun 24 11:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0340685048278bee680000cff1afbe6ecd2c2c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e5:31:1b:76:f4:8f:4b:21:84:59:83:4c:db:
0e:29:82:41:ad:81:42:ae:0a:45:52:61:e0:9c:4d:
54:9f:9d:9e:88:39:44:3c:67:b3:4b:9f:fe:40:15:
81:14:18:b1:0e:d0:d0:a3:32:4d:72:e8:1c:7a:f8:
53:de:e5:85:ce:4b:e8:fe:8f:b6:a4:d0:6c:ed:13:
15:b0:06:87:9a:64:a7:27:9c:10:4d:7a:5c:6d:d4:
a7:26:cf:23:04:bb:6e:ff:1f:db:47:05:7d:fc:99:
33:80:1f:ff:e3:7d:d0:1b:9d:59:dc:fd:21:ff:f7:
9d:9a:b7:95:49:2e:5b:9b:7d:88:00:2d:2d:9a:4e:
da:b6:27:ba:a6:53:4b:d7:a8:2b:1a:cb:7d:7e:39:
5f:a1:10:72:6a:94:c5:37:29:75:60:16:2e:18:71:
3d:fd:04:2b:71:8b:a4:59:f7:a1:56:a4:65:9d:87:
8a:e2:00:75:6a:bd:11:33:9d:77:7a:ee:7a:db:bf:
16:e5:cb:8c:1e:98:dc:b3:e7:42:3d:66:57:68:07:
53:13:22:16:eb:37:03:4a:10:c9:26:73:54:fb:d1:
1f:39:7c:6d:64:d7:ef:72:78:7a:b2:6c:85:68:cf:
1b:e9:6a:20:16:50:84:e4:94:7d:2c:ce:61:e9:c3:
2e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:40:68:50:48:27:8B:EE:68:00:00:CF:F1:AF:BE:6E:CD:2C:2C:4B
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/A0BoUEgni-5oAADP8a--bs0sLEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:645::/32
2a11:b680::/31
2a11:b683::-2a11:b684:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:22:db:4c:2e:bc:97:9a:ef:01:b8:6c:cf:29:9a:1d:17:ad:
30:0a:af:b5:82:ac:dd:e5:4b:51:29:bf:c0:7c:c7:e5:d8:7a:
b1:51:38:02:f6:16:13:71:ad:ab:a9:a4:03:f5:e6:14:8b:5b:
e8:cd:7a:33:29:22:66:a9:c3:e2:a7:49:af:3e:13:db:32:ef:
a7:ee:99:ea:85:a8:e1:c7:d7:14:fd:8b:6a:63:85:57:80:f1:
45:cf:35:79:56:bb:85:31:56:58:91:ae:9f:77:8d:ac:d9:f5:
62:54:a3:56:0f:c3:ee:ce:ab:d0:fc:36:d4:6d:c2:f2:f4:9d:
79:aa:86:39:9f:07:bf:67:d8:62:32:51:8c:8c:a2:24:cc:98:
0f:a2:3b:56:f9:cf:8c:5f:41:10:92:c5:83:2e:5a:d4:e8:db:
41:82:39:1b:d5:05:92:84:d3:15:39:ef:fd:a1:a8:de:d8:57:
44:f1:17:da:ee:c8:63:c8:cf:73:3a:bd:33:7b:4a:61:e1:f0:
4a:e3:46:8d:7e:39:ff:7d:1f:95:22:2f:59:ab:49:92:a0:37:
36:7a:06:17:c4:b5:f9:bd:e6:94:6a:43:e2:74:84:3c:7e:de:
72:37:8c:ab:fd:1f:f6:69:2a:5d:94:fd:99:c5:71:01:5f:90:
90:b0:f9:b3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZBKEqahkOS1qckVQ7+5VudxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwNjI0MTE0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQwNjg1MDQ4Mjc4YmVlNjgwMDAwY2ZmMWFmYmU2ZWNkMmMyYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOUxG3b0j0shhFmDTNsOKYJBrYFC
rgpFUmHgnE1Un52eiDlEPGezS5/+QBWBFBixDtDQozJNcugcevhT3uWFzkvo/o+2
pNBs7RMVsAaHmmSnJ5wQTXpcbdSnJs8jBLtu/x/bRwV9/JkzgB//433QG51Z3P0h
//edmreVSS5bm32IAC0tmk7atie6plNL16grGst9fjlfoRByapTFNyl1YBYuGHE9
/QQrcYukWfehVqRlnYeK4gB1ar0RM513eu56278W5cuMHpjcs+dCPWZXaAdTEyIW
6zcDShDJJnNU+9EfOXxtZNfvcnh6smyFaM8b6WogFlCE5JR9LM5h6cMuxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFANAaFBIJ4vuaAAAz/Gvvm7NLCxLMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvQTBCb1VFZ25pLTVvQUFEUDhhLS1iczBzTEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKhEGRQMF
ASoRtoAwDgMFACoRtoMDBQAqEbaEMA0GCSqGSIb3DQEBCwUAA4IBAQBgIttMLryX
mu8BuGzPKZodF60wCq+1gqzd5UtRKb/AfMfl2HqxUTgC9hYTca2rqaQD9eYUi1vo
zXozKSJmqcPip0mvPhPbMu+n7pnqhajhx9cU/YtqY4VXgPFFzzV5VruFMVZYka6f
d42s2fViVKNWD8PuzqvQ/DbUbcLy9J15qoY5nwe/Z9hiMlGMjKIkzJgPojtW+c+M
X0EQksWDLlrU6NtBgjkb1QWShNMVOe/9oaje2FdE8Rfa7shjyM9zOr0ze0ph4fBK
40aNfjn/fR+VIi9Zq0mSoDc2egYXxLX5veaUakPidIQ8ft5yN4yr/R/2aSpdlP2Z
xXEBX5CQsPmz
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:47 2024 by rpki-client on console-fra.rpki-client.org