Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/QmCluwkR9G_AmbVSKJsDRob_DjE.roa
File: QmCluwkR9G_AmbVSKJsDRob_DjE.roa (raw, json)
Hash identifier: Gy65977yjWg8eHxClJ7ZVQsxAuJnT0pq26eHWnT5/5Y=
Subject key identifier: 42:60:A5:BB:09:11:F4:6F:C0:99:B5:52:28:9B:03:46:86:FF:0E:31
Certificate issuer: /CN=e099ee07822ef2ace9c356f7b42caeaff25c9692
Certificate serial: 0191BC9E164E2302D3723EACB2823ACF2BDC
Authority key identifier: E0:99:EE:07:82:2E:F2:AC:E9:C3:56:F7:B4:2C:AE:AF:F2:5C:96:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JnuB4Iu8qzpw1b3tCyur_JclpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/QmCluwkR9G_AmbVSKJsDRob_DjE.roa
Signing time: Wed 04 Sep 2024 10:39:22 +0000
ROA not before: Wed 04 Sep 2024 10:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203226
IP address blocks: 2a14:6980:10::/44 maxlen: 44
2a14:6980:10::/48 maxlen: 48
2a14:6980:11::/48 maxlen: 48
2a14:6980:12::/48 maxlen: 48
2a14:6980:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/4JnuB4Iu8qzpw1b3tCyur_JclpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/4JnuB4Iu8qzpw1b3tCyur_JclpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/4JnuB4Iu8qzpw1b3tCyur_JclpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:9e:16:4e:23:02:d3:72:3e:ac:b2:82:3a:cf:2b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e099ee07822ef2ace9c356f7b42caeaff25c9692
Validity
Not Before: Sep 4 10:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4260a5bb0911f46fc099b552289b034686ff0e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:59:62:c7:86:a2:3a:0e:b0:72:5a:fa:b4:
f5:0a:2e:d7:bb:9c:0a:87:1a:be:06:46:b4:2a:5b:
58:d0:4a:50:66:d5:eb:72:81:c2:57:84:bc:3c:c6:
b1:0a:1d:32:3b:4e:5a:78:1d:ee:d8:1d:52:5c:2c:
49:c1:bb:63:c6:72:b5:74:48:9e:a8:1a:0f:42:f7:
e5:7a:af:34:7d:67:3d:bf:cf:5a:af:87:51:be:47:
15:54:03:c7:f8:81:83:69:cd:86:10:23:a0:b2:d0:
00:17:69:a5:f7:c4:be:57:be:32:a8:e8:00:04:57:
08:31:bc:36:06:50:4e:05:33:c2:87:c9:ec:d4:c3:
70:fa:70:b4:62:8d:b6:77:30:50:2d:cc:ba:cd:2d:
82:4e:ea:9f:74:da:d0:27:9a:f2:a5:7d:d5:83:b8:
f1:75:f3:b1:39:fc:e8:a2:74:aa:34:02:87:74:ee:
90:32:51:6e:ca:c9:e6:cd:40:6b:4e:6f:c2:62:f7:
d2:f0:8b:ad:5e:b3:14:63:54:f4:9e:a2:28:ac:ec:
e6:bf:c2:d5:fb:35:d6:bf:2a:72:6c:23:67:1d:ef:
3b:05:b3:a9:20:56:db:0e:4a:37:89:9e:a5:41:a5:
bc:80:cc:1b:7f:bf:c7:c0:44:7a:87:9e:0d:76:db:
be:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:60:A5:BB:09:11:F4:6F:C0:99:B5:52:28:9B:03:46:86:FF:0E:31
X509v3 Authority Key Identifier:
keyid:E0:99:EE:07:82:2E:F2:AC:E9:C3:56:F7:B4:2C:AE:AF:F2:5C:96:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JnuB4Iu8qzpw1b3tCyur_JclpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/QmCluwkR9G_AmbVSKJsDRob_DjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/9732bb-f590-4194-85be-d069f17602b6/1/4JnuB4Iu8qzpw1b3tCyur_JclpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6980:10::/44
Signature Algorithm: sha256WithRSAEncryption
28:44:94:e3:51:26:4d:51:bd:59:27:fb:54:ff:f4:4e:11:3b:
f5:94:da:48:91:d6:2e:cc:10:8f:be:c3:2a:4b:84:cc:d1:f7:
23:7b:9a:4c:6d:62:d9:6e:b6:73:69:d2:d7:e1:ab:d9:d2:48:
a0:8d:e6:e0:3f:93:09:b3:13:30:b2:10:b5:17:d3:ba:8d:e1:
7c:de:d6:4a:4d:8e:28:c5:3e:6f:cf:cc:a5:9a:73:6f:72:7b:
2f:9b:6c:7d:98:f1:12:05:73:12:95:0b:26:c7:0f:c7:06:13:
41:56:de:64:a6:97:ca:76:ec:97:1e:a7:49:b4:b3:58:a3:dd:
7d:ef:f9:40:e5:2f:6a:bf:9a:c2:e2:a7:bc:c7:29:93:6a:19:
4c:21:9f:85:7e:45:67:60:ec:3f:2b:59:81:21:d6:41:00:14:
c0:6f:cd:40:9c:00:20:ea:dc:35:80:59:09:13:67:a5:62:72:
14:ed:7f:e7:56:7e:98:6c:41:39:a5:17:8f:e3:66:c9:3a:25:
e9:e2:f0:b6:16:dd:1f:1e:92:6e:55:03:1e:88:a0:16:56:bc:
61:19:fc:3b:1c:29:33:49:62:12:c5:38:80:fa:af:2b:c1:61:
2e:ac:1a:39:c0:3c:36:bd:2c:9e:52:54:6c:ae:4f:be:1e:c9:
48:ef:16:b3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZG8nhZOIwLTcj6ssoI6zyvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOTllZTA3ODIyZWYyYWNlOWMzNTZmN2I0MmNhZWFmZjI1
Yzk2OTIwHhcNMjQwOTA0MTAzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjYwYTViYjA5MTFmNDZmYzA5OWI1NTIyODliMDM0Njg2ZmYwZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ9ZYseGojoOsHJa+rT1Ci7Xu5wK
hxq+Bka0KltY0EpQZtXrcoHCV4S8PMaxCh0yO05aeB3u2B1SXCxJwbtjxnK1dEie
qBoPQvfleq80fWc9v89ar4dRvkcVVAPH+IGDac2GECOgstAAF2ml98S+V74yqOgA
BFcIMbw2BlBOBTPCh8ns1MNw+nC0Yo22dzBQLcy6zS2CTuqfdNrQJ5rypX3Vg7jx
dfOxOfzoonSqNAKHdO6QMlFuysnmzUBrTm/CYvfS8IutXrMUY1T0nqIorOzmv8LV
+zXWvypybCNnHe87BbOpIFbbDko3iZ6lQaW8gMwbf7/HwER6h54Ndtu+jwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEJgpbsJEfRvwJm1UiibA0aG/w4xMB8GA1UdIwQY
MBaAFOCZ7geCLvKs6cNW97Qsrq/yXJaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEpudUI0SXU4cXpwdzFiM3RDeXVyX0pjbHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NzMyYmItZjU5MC00MTk0LTg1YmUt
ZDA2OWYxNzYwMmI2LzEvUW1DbHV3a1I5R19BbWJWU0tKc0RSb2JfRGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NzMyYmItZjU5MC00MTk0LTg1YmUtZDA2OWYxNzYwMmI2
LzEvNEpudUI0SXU4cXpwdzFiM3RDeXVyX0pjbHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhRpgAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAoRJTjUSZNUb1ZJ/tU//ROETv1lNpIkdYuzBCP
vsMqS4TM0fcje5pMbWLZbrZzadLX4avZ0kigjebgP5MJsxMwshC1F9O6jeF83tZK
TY4oxT5vz8ylmnNvcnsvm2x9mPESBXMSlQsmxw/HBhNBVt5kppfKduyXHqdJtLNY
o9197/lA5S9qv5rC4qe8xymTahlMIZ+FfkVnYOw/K1mBIdZBABTAb81AnAAg6tw1
gFkJE2elYnIU7X/nVn6YbEE5pReP42bJOiXp4vC2Ft0fHpJuVQMeiKAWVrxhGfw7
HCkzSWISxTiA+q8rwWEurBo5wDw2vSyeUlRsrk++HslI7xaz
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:47 2024 by rpki-client on console-fra.rpki-client.org