Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/d99m0AGX8gonj6X-nSuDwAlfuLY.roa
File: d99m0AGX8gonj6X-nSuDwAlfuLY.roa (raw, json)
Hash identifier: vBRSZau+k4jzT6cKCrHZeTBkTVkrWWNag5ULF91apHQ=
Subject key identifier: 77:DF:66:D0:01:97:F2:0A:27:8F:A5:FE:9D:2B:83:C0:09:5F:B8:B6
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018F7A3D8F65BA912C64761A201A26D75BE3
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/d99m0AGX8gonj6X-nSuDwAlfuLY.roa
Signing time: Wed 15 May 2024 03:13:25 +0000
ROA not before: Wed 15 May 2024 03:13:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a0f:db80::/29 maxlen: 29
2a13:1340::/29 maxlen: 29
2a13:2980::/29 maxlen: 29
2a13:3880::/29 maxlen: 29
2a13:3b80::/29 maxlen: 29
2a13:3c80::/29 maxlen: 29
2a13:4fc0::/29 maxlen: 29
2a13:6e40::/29 maxlen: 29
2a13:8580::/29 maxlen: 29
2a13:8c40::/29 maxlen: 29
2a13:9340::/29 maxlen: 29
2a13:93c0::/29 maxlen: 29
2a13:ac80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7a:3d:8f:65:ba:91:2c:64:76:1a:20:1a:26:d7:5b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 15 03:13:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77df66d00197f20a278fa5fe9d2b83c0095fb8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:75:15:9c:09:fe:52:33:7e:33:5d:ff:f8:
4f:ca:59:2b:65:d0:c8:ac:55:d7:68:7c:55:67:6c:
b6:32:fc:f0:d0:1a:4b:97:cb:72:57:00:93:88:67:
66:0b:94:cb:65:f0:71:a0:0d:d3:ea:04:c0:1d:64:
1d:b7:e3:6d:b0:11:98:39:6b:70:b0:1f:ff:b0:cc:
33:a2:98:74:2a:df:9e:23:b9:21:4f:e9:90:a1:8c:
14:cc:ea:5f:70:a1:4e:54:23:18:12:3a:bb:54:9c:
51:6d:ad:44:e8:68:57:59:52:e9:b5:04:44:8d:a4:
4c:45:f1:5f:34:27:f4:be:11:8a:ac:19:31:2e:0f:
52:9c:1c:2f:60:49:ac:54:6e:e3:32:c7:76:a0:67:
d7:3f:7b:34:2e:7b:b9:f2:a9:96:93:c1:36:86:80:
27:ee:66:f4:bf:17:ac:c3:36:05:52:ed:1a:dc:ff:
a6:6a:41:95:a1:c9:98:b6:77:b2:6c:33:54:02:fd:
b2:10:14:b5:59:ee:70:b5:58:65:4f:d0:2c:13:7c:
3a:c7:b3:57:0c:33:79:a7:23:05:46:8a:51:47:3b:
68:cd:64:59:2b:19:eb:43:ac:ab:2f:28:dc:40:98:
31:bd:2b:79:28:79:3a:4d:62:a3:d6:2f:b2:39:a9:
4c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:66:D0:01:97:F2:0A:27:8F:A5:FE:9D:2B:83:C0:09:5F:B8:B6
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/d99m0AGX8gonj6X-nSuDwAlfuLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:db80::/29
2a13:1340::/29
2a13:2980::/29
2a13:3880::/29
2a13:3b80::/29
2a13:3c80::/29
2a13:4fc0::/29
2a13:6e40::/29
2a13:8580::/29
2a13:8c40::/29
2a13:9340::/29
2a13:93c0::/29
2a13:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
d3:0f:71:ec:02:3b:4a:54:a5:80:38:5d:74:ae:c6:14:dd:cc:
cd:50:cb:6d:15:de:8d:5a:6a:9e:a3:47:ae:c9:c1:19:9c:e0:
90:a3:d3:ea:2c:9e:b0:e1:1f:b4:5e:ad:4b:83:e4:49:01:44:
ed:7d:75:0d:73:59:ec:97:45:ad:26:0d:5f:b6:6e:b2:94:d3:
d3:86:9e:ee:5b:63:b4:f1:ae:f9:d0:ed:4d:80:1e:c4:6f:ce:
69:a8:4a:b4:59:80:f2:4a:20:44:90:fa:73:a1:c1:46:b5:d8:
6a:b4:2c:00:fe:10:de:61:2f:af:f1:6d:df:bf:e4:84:50:b8:
a8:66:de:c7:eb:25:e1:65:61:8a:57:c7:b1:3c:f8:f1:1b:1f:
f1:57:cc:44:1b:e1:7c:66:02:80:9d:01:27:d6:b1:8b:2a:cb:
ee:68:f3:84:59:d2:a7:9c:ea:61:4b:a0:02:88:7f:5c:8c:60:
30:e0:49:61:f2:7c:7a:8e:0e:de:6a:4f:a2:d7:24:58:61:5f:
1f:01:40:8f:b5:c0:91:1a:a0:8c:8a:71:39:5f:1c:39:18:a7:
aa:a4:ca:33:51:27:5f:35:44:e6:38:4e:06:4e:bb:bf:de:96:
a1:b9:e7:43:75:43:dc:f6:55:3f:b9:cd:6c:37:fe:18:92:1d:
aa:d4:d9:b7
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAY96PY9lupEsZHYaIBom11vjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNTE1MDMxMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2RmNjZkMDAxOTdmMjBhMjc4ZmE1ZmU5ZDJiODNjMDA5NWZiOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRF1FZwJ/lIzfjNd//hPylkrZdDI
rFXXaHxVZ2y2Mvzw0BpLl8tyVwCTiGdmC5TLZfBxoA3T6gTAHWQdt+NtsBGYOWtw
sB//sMwzoph0Kt+eI7khT+mQoYwUzOpfcKFOVCMYEjq7VJxRba1E6GhXWVLptQRE
jaRMRfFfNCf0vhGKrBkxLg9SnBwvYEmsVG7jMsd2oGfXP3s0Lnu58qmWk8E2hoAn
7mb0vxeswzYFUu0a3P+makGVocmYtneybDNUAv2yEBS1We5wtVhlT9AsE3w6x7NX
DDN5pyMFRopRRztozWRZKxnrQ6yrLyjcQJgxvSt5KHk6TWKj1i+yOalMkwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFHffZtABl/IKJ4+l/p0rg8AJX7i2MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvZDk5bTBBR1g4Z29uajZYLW5TdUR3QWxmdUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUDKg/bgAMF
AyoTE0ADBQMqEymAAwUDKhM4gAMFAyoTO4ADBQMqEzyAAwUDKhNPwAMFAyoTbkAD
BQMqE4WAAwUDKhOMQAMFAyoTk0ADBQMqE5PAAwUDKhOsgDANBgkqhkiG9w0BAQsF
AAOCAQEA0w9x7AI7SlSlgDhddK7GFN3MzVDLbRXejVpqnqNHrsnBGZzgkKPT6iye
sOEftF6tS4PkSQFE7X11DXNZ7JdFrSYNX7ZuspTT04ae7ltjtPGu+dDtTYAexG/O
aahKtFmA8kogRJD6c6HBRrXYarQsAP4Q3mEvr/Ft37/khFC4qGbex+sl4WVhilfH
sTz48Rsf8VfMRBvhfGYCgJ0BJ9axiyrL7mjzhFnSp5zqYUugAoh/XIxgMOBJYfJ8
eo4O3mpPotckWGFfHwFAj7XAkRqgjIpxOV8cORinqqTKM1EnXzVE5jhOBk67v96W
obnnQ3VD3PZVP7nNbDf+GJIdqtTZtw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:29:41 2024 by rpki-client on console-ams.rpki-client.org