Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/EFqz7lx9I4P_kfwri9FSWNBahXg.roa
File: EFqz7lx9I4P_kfwri9FSWNBahXg.roa (raw, json)
Hash identifier: We3JwkjHovpi6e4tGxCGtco2K9kE2lyKSPcGvk/s6n0=
Subject key identifier: 10:5A:B3:EE:5C:7D:23:83:FF:91:FC:2B:8B:D1:52:58:D0:5A:85:78
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018CE912B7AB49C2E9522AF786285732D249
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/EFqz7lx9I4P_kfwri9FSWNBahXg.roa
Signing time: Mon 08 Jan 2024 12:36:07 +0000
ROA not before: Mon 08 Jan 2024 12:36:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215889
IP address blocks: 2a11:a580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:12:b7:ab:49:c2:e9:52:2a:f7:86:28:57:32:d2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 8 12:36:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=105ab3ee5c7d2383ff91fc2b8bd15258d05a8578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:03:b6:fd:fb:12:a1:ac:b2:99:9f:69:04:ca:
ac:ed:94:c8:5c:21:bf:a7:9a:7d:c9:52:7c:13:ea:
8c:2d:b1:e7:0e:c6:78:f7:bd:f3:0b:5e:af:eb:3c:
55:e1:68:e9:14:1b:0e:40:7a:a7:04:f0:41:67:b9:
79:33:1f:34:3a:fa:c0:6a:a1:47:5a:65:49:11:13:
25:5a:3f:86:46:6d:8a:6f:45:51:e1:e9:24:8f:c0:
1e:6c:06:5c:79:d9:e8:94:52:8b:b2:90:5b:f4:0f:
58:60:40:0c:b7:ef:42:83:5d:00:7c:ff:32:fe:a5:
9d:f2:23:46:2b:16:d4:31:5a:71:d4:84:ec:cd:14:
4e:65:35:05:7c:02:d2:02:69:a4:70:6c:68:51:ce:
29:a8:0d:30:86:ce:d8:06:5b:b0:79:75:28:05:5a:
ff:52:bf:1d:bb:c4:36:5b:0c:b3:36:8e:60:19:ed:
ef:4c:d5:d3:b3:40:58:7f:6f:ad:c7:e6:eb:85:17:
08:19:35:3f:91:95:7c:25:2e:09:fd:c7:44:7d:a3:
9f:af:0e:a4:6d:dc:c4:2a:64:e4:8f:ce:66:47:8b:
4c:5b:7b:67:13:32:65:a1:45:4c:4a:ae:59:03:f6:
d6:e1:a1:51:0b:56:33:45:96:b9:ba:25:f6:81:eb:
f2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:5A:B3:EE:5C:7D:23:83:FF:91:FC:2B:8B:D1:52:58:D0:5A:85:78
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/EFqz7lx9I4P_kfwri9FSWNBahXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:a580::/32
Signature Algorithm: sha256WithRSAEncryption
07:07:3e:58:ea:b4:81:4e:76:f2:2a:e2:22:69:7c:5d:e1:ca:
12:e9:d3:d4:26:b4:57:13:68:18:6f:da:e6:bd:bf:ac:db:ff:
9f:81:d2:b5:71:23:de:9a:48:d7:aa:f8:c6:a4:18:db:87:c3:
50:f3:b9:36:cf:0f:9c:93:3c:c1:fb:53:92:73:41:34:c2:e5:
07:56:90:81:d0:5c:37:10:67:0e:cb:50:40:9c:c5:1e:42:83:
22:44:24:4b:6d:0d:b5:34:c5:fd:60:24:7e:21:88:51:01:35:
3e:1f:03:1d:26:62:77:f3:5e:0b:1f:d4:78:8a:e4:14:ee:13:
59:0a:14:d2:43:5e:20:91:da:5a:93:13:a0:4f:bd:e8:60:83:
f8:99:b0:63:f7:77:6c:16:30:7e:01:6d:f7:02:06:92:6b:c0:
d5:aa:34:59:dd:8b:18:f5:20:d8:40:73:35:d6:aa:3d:2d:d5:
6d:10:19:18:7f:8d:3a:86:44:0b:ae:c8:0d:f8:ac:e2:c0:b0:
6d:f6:57:d5:35:0e:e8:7e:af:03:9b:b8:8c:ca:7b:c7:1d:8c:
23:9e:c4:e7:d8:d1:16:87:92:6e:a7:9a:34:42:6b:3b:f5:52:
9e:29:2c:ad:fa:89:d7:dc:05:a0:1e:80:e4:3e:26:e1:c9:10:
54:4a:03:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzpErerScLpUir3hihXMtJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQwMTA4MTIzNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDVhYjNlZTVjN2QyMzgzZmY5MWZjMmI4YmQxNTI1OGQwNWE4NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwO2/fsSoayymZ9pBMqs7ZTIXCG/
p5p9yVJ8E+qMLbHnDsZ4973zC16v6zxV4WjpFBsOQHqnBPBBZ7l5Mx80OvrAaqFH
WmVJERMlWj+GRm2Kb0VR4ekkj8AebAZcednolFKLspBb9A9YYEAMt+9Cg10AfP8y
/qWd8iNGKxbUMVpx1ITszRROZTUFfALSAmmkcGxoUc4pqA0whs7YBluweXUoBVr/
Ur8du8Q2WwyzNo5gGe3vTNXTs0BYf2+tx+brhRcIGTU/kZV8JS4J/cdEfaOfrw6k
bdzEKmTkj85mR4tMW3tnEzJloUVMSq5ZA/bW4aFRC1YzRZa5uiX2gevytQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBBas+5cfSOD/5H8K4vRUljQWoV4MB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvRUZxejdseDlJNFBfa2Z3cmk5RlNXTkJhaFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhGlgDAN
BgkqhkiG9w0BAQsFAAOCAQEABwc+WOq0gU528iriIml8XeHKEunT1Ca0VxNoGG/a
5r2/rNv/n4HStXEj3ppI16r4xqQY24fDUPO5Ns8PnJM8wftTknNBNMLlB1aQgdBc
NxBnDstQQJzFHkKDIkQkS20NtTTF/WAkfiGIUQE1Ph8DHSZid/NeCx/UeIrkFO4T
WQoU0kNeIJHaWpMToE+96GCD+JmwY/d3bBYwfgFt9wIGkmvA1ao0Wd2LGPUg2EBz
NdaqPS3VbRAZGH+NOoZEC67IDfis4sCwbfZX1TUO6H6vA5u4jMp7xx2MI57E59jR
FoeSbqeaNEJrO/VSniksrfqJ19wFoB6A5D4m4ckQVEoDsQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:03:18 2024 by rpki-client on console-fra.rpki-client.org