Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/T2fD2md61gG1rdGHpX-BBvegdn4.roa
File: T2fD2md61gG1rdGHpX-BBvegdn4.roa (raw, json)
Hash identifier: k6ZP4bbWH3OPU9zPqeZxZWCzMIcgKjm/Sa5O4lKrVjY=
Subject key identifier: 4F:67:C3:DA:67:7A:D6:01:B5:AD:D1:87:A5:7F:81:06:F7:A0:76:7E
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019333C94AFBA29862127CF74ECF92AB7A0C
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/T2fD2md61gG1rdGHpX-BBvegdn4.roa
Signing time: Sat 16 Nov 2024 07:04:10 +0000
ROA not before: Sat 16 Nov 2024 07:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a0f:db80::/29 maxlen: 29
2a13:3880::/29 maxlen: 29
2a13:8c40::/29 maxlen: 29
2a13:9340::/29 maxlen: 29
2a13:93c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:33:c9:4a:fb:a2:98:62:12:7c:f7:4e:cf:92:ab:7a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 16 07:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f67c3da677ad601b5add187a57f8106f7a0767e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d8:e3:a2:4c:cf:b0:7b:b6:d8:f8:2e:a9:10:
f9:29:1e:b6:16:6e:2e:58:87:24:01:87:d1:4c:6a:
1b:a7:8d:f3:1f:53:86:e2:d1:c1:21:86:4c:cd:36:
2d:00:49:b6:28:e2:07:5d:be:32:c6:41:b4:c0:cf:
ec:07:94:3c:b0:9b:c7:01:4f:55:7f:30:b3:6c:40:
a2:09:9e:1b:ab:6b:68:ae:85:7b:4e:28:66:f0:92:
c1:fd:65:02:77:96:65:60:dd:a2:fe:4f:ba:53:e0:
ac:d4:b4:96:72:23:b7:47:ef:dc:07:92:34:7c:92:
c9:e1:0c:e5:1b:cc:60:d6:d7:81:9d:ed:c1:61:58:
70:26:c8:77:1c:05:3e:78:c5:1c:7f:2c:03:75:3d:
12:25:00:88:ad:62:ce:e3:cf:31:fa:bf:f8:a5:23:
9a:38:fe:b8:1a:7d:a8:64:74:33:19:64:8d:1f:51:
0e:c2:de:bb:5e:2b:28:b6:cf:7a:31:90:f0:bd:07:
a2:0f:74:57:ae:2e:5d:69:54:be:b2:49:a7:ce:d5:
76:ed:68:9e:99:af:90:b6:72:93:47:58:ea:cb:a7:
93:42:6b:84:df:bb:fa:8f:a6:73:6a:15:f7:11:3a:
61:2e:81:04:8f:f9:8f:bb:ca:61:d2:9a:c7:96:73:
ef:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:67:C3:DA:67:7A:D6:01:B5:AD:D1:87:A5:7F:81:06:F7:A0:76:7E
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/T2fD2md61gG1rdGHpX-BBvegdn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:db80::/29
2a13:3880::/29
2a13:8c40::/29
2a13:9340::/29
2a13:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:d3:22:6c:5c:90:63:41:66:0f:25:d6:ee:ac:fa:5f:a7:f5:
d4:d2:0d:54:ae:93:44:5a:15:eb:f7:25:3f:76:93:0d:48:84:
e9:ce:63:85:90:d8:33:d7:b0:c8:f4:1d:59:1b:ad:d7:1e:99:
78:65:67:c2:6c:dc:e8:c9:8f:3a:61:fc:8c:f0:73:d6:4d:8f:
f5:d7:de:e6:4c:63:52:e0:b8:a7:5f:19:b0:90:9d:3e:2a:e0:
41:60:a2:ce:99:df:96:96:95:91:c5:5a:16:43:a2:2c:ac:de:
86:f8:b5:61:6d:c9:86:2e:9a:51:b4:d1:00:a2:4f:a6:b8:ea:
63:c1:d5:58:69:18:2e:02:91:e1:92:8b:ec:19:f6:32:bc:13:
fc:ce:f0:5b:92:c1:ac:a7:b7:ce:7b:43:50:5f:72:9f:e0:90:
ae:e8:ee:9f:20:14:38:d6:8d:68:df:56:aa:92:4e:5b:06:d1:
dd:79:eb:a5:d1:b9:83:6c:7f:b9:27:d8:18:a3:23:6e:04:6f:
b1:95:72:4c:ac:1b:c8:1f:45:fe:c3:34:c5:c3:a2:e4:8f:b8:
0f:0a:b2:e4:db:36:be:b0:eb:7c:03:79:28:e3:c9:fa:8a:55:
e7:a2:f3:d4:dd:c7:a1:b0:0a:5b:a7:15:6b:b0:31:e3:93:58:
39:52:77:73
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZMzyUr7ophiEnz3Ts+Sq3oMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTE2MDcwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjY3YzNkYTY3N2FkNjAxYjVhZGQxODdhNTdmODEwNmY3YTA3NjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9jjokzPsHu22PguqRD5KR62Fm4u
WIckAYfRTGobp43zH1OG4tHBIYZMzTYtAEm2KOIHXb4yxkG0wM/sB5Q8sJvHAU9V
fzCzbECiCZ4bq2toroV7Tihm8JLB/WUCd5ZlYN2i/k+6U+Cs1LSWciO3R+/cB5I0
fJLJ4QzlG8xg1teBne3BYVhwJsh3HAU+eMUcfywDdT0SJQCIrWLO488x+r/4pSOa
OP64Gn2oZHQzGWSNH1EOwt67Xisots96MZDwvQeiD3RXri5daVS+skmnztV27Wie
ma+QtnKTR1jqy6eTQmuE37v6j6ZzahX3ETphLoEEj/mPu8ph0prHlnPvPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFE9nw9pnetYBta3Rh6V/gQb3oHZ+MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVDJmRDJtZDYxZ0cxcmRHSHBYLUJCdmVnZG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg/bgAMF
AyoTOIADBQMqE4xAAwUDKhOTQAMFAyoTk8AwDQYJKoZIhvcNAQELBQADggEBALHT
ImxckGNBZg8l1u6s+l+n9dTSDVSuk0RaFev3JT92kw1IhOnOY4WQ2DPXsMj0HVkb
rdcemXhlZ8Js3OjJjzph/Izwc9ZNj/XX3uZMY1LguKdfGbCQnT4q4EFgos6Z35aW
lZHFWhZDoiys3ob4tWFtyYYumlG00QCiT6a46mPB1VhpGC4CkeGSi+wZ9jK8E/zO
8FuSwaynt857Q1Bfcp/gkK7o7p8gFDjWjWjfVqqSTlsG0d1566XRuYNsf7kn2Bij
I24Eb7GVckysG8gfRf7DNMXDouSPuA8KsuTbNr6w63wDeSjjyfqKVeei89Tdx6Gw
ClunFWuwMeOTWDlSd3M=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:28:57 2024 by rpki-client on console-fra.rpki-client.org