Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/onrrEp75ZAMrbjjtnncjKrAY58s.roa
File: onrrEp75ZAMrbjjtnncjKrAY58s.roa (raw, json)
Hash identifier: C6DWyNsiVe0jQCExgYgY/KB8SvP3S5HSkAURFsiZJDs=
Subject key identifier: A2:7A:EB:12:9E:F9:64:03:2B:6E:38:ED:9E:77:23:2A:B0:18:E7:CB
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01913C64CDFDEE82EA9935E19621F3C1E287
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/onrrEp75ZAMrbjjtnncjKrAY58s.roa
Signing time: Sat 10 Aug 2024 13:05:24 +0000
ROA not before: Sat 10 Aug 2024 13:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2a11:5780::/30 maxlen: 30
2a11:5784::/30 maxlen: 30
2a12:5a00::/30 maxlen: 30
2a12:5a04::/30 maxlen: 30
2a12:8100::/30 maxlen: 30
2a12:8104::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:64:cd:fd:ee:82:ea:99:35:e1:96:21:f3:c1:e2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 10 13:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a27aeb129ef964032b6e38ed9e77232ab018e7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:f7:27:8b:a3:8a:e9:51:55:f1:ec:ff:e9:
d9:ce:a3:47:bd:0e:92:66:71:9a:c6:3a:e4:c0:c7:
f6:16:23:70:12:49:e2:1f:53:8e:23:ea:69:7b:d3:
f6:11:91:8d:e8:0e:7a:0f:65:99:00:76:f0:ee:fe:
6b:81:ca:ba:af:ef:a2:4e:80:bb:71:ed:19:39:15:
86:35:5a:68:e1:bc:14:9f:46:5f:7f:4b:cd:f4:53:
2b:77:87:21:ad:ab:3c:e8:a0:26:81:6a:f0:f3:07:
d6:f6:93:67:73:94:ec:af:e9:20:77:d5:e5:45:64:
2d:8d:04:b0:34:8c:a5:72:2c:70:a4:40:4d:f9:80:
6c:4c:fc:74:ab:96:04:35:a4:47:af:11:b6:25:2f:
00:ec:a9:39:62:a8:a5:34:3c:18:b3:43:2a:73:2b:
68:33:25:52:9e:18:41:ab:86:44:9d:b3:e7:60:cf:
b6:58:a8:7c:95:91:c6:85:16:9e:97:0b:f5:7a:23:
e9:ba:5b:e9:66:5b:13:83:80:b1:73:d0:98:5a:5e:
a5:23:39:95:41:9a:06:53:25:e0:24:86:f1:86:cc:
0c:16:fb:8b:ee:3f:b0:4a:b7:8a:be:17:5a:a4:19:
d6:6b:6d:c2:72:34:3c:5d:e9:83:c7:a9:96:64:fe:
0d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7A:EB:12:9E:F9:64:03:2B:6E:38:ED:9E:77:23:2A:B0:18:E7:CB
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/onrrEp75ZAMrbjjtnncjKrAY58s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5780::/29
2a12:5a00::/29
2a12:8100::/29
Signature Algorithm: sha256WithRSAEncryption
99:47:b6:c4:37:be:38:95:28:2b:11:e7:75:1b:6f:c6:07:bd:
b3:f1:08:fd:89:a3:26:7b:c8:a0:14:6e:21:26:7e:61:09:fb:
58:b3:b2:98:97:e0:d8:46:10:73:90:ad:37:2e:50:f8:ea:ee:
94:8c:fa:4b:3f:0f:ad:d1:11:89:6f:ec:72:c6:6c:3c:88:97:
68:f2:10:56:5f:c1:c8:02:b5:1e:6f:17:42:dd:9b:17:67:d6:
5e:9b:e2:a7:7e:d6:a0:81:30:55:fa:0a:0f:0c:18:e3:32:da:
a7:8f:22:59:7a:87:23:e8:a1:00:02:10:61:fb:d9:5d:73:df:
99:12:c0:c6:35:8e:75:2b:aa:e6:66:46:b1:5b:69:2c:19:bc:
da:4f:75:31:2f:04:b2:69:9b:2c:08:b1:15:7d:2f:de:fc:9d:
31:34:1e:a2:1c:7e:3c:82:c6:be:6a:45:7c:37:81:9c:73:b9:
dc:56:41:d6:70:fb:70:31:05:b2:3a:be:40:09:f1:e2:f0:c6:
c7:79:f6:41:54:09:6c:63:ae:53:70:eb:6c:90:a1:23:ed:1a:
f2:03:4f:60:9d:00:7e:e2:cb:d6:c2:16:bd:92:a2:17:6c:7d:
67:01:21:41:bc:9e:55:de:78:ca:64:e4:84:8b:62:37:f6:56:
84:8e:6e:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZE8ZM397oLqmTXhliHzweKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwODEwMTMwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdhZWIxMjllZjk2NDAzMmI2ZTM4ZWQ5ZTc3MjMyYWIwMThlN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslv3J4ujiulRVfHs/+nZzqNHvQ6S
ZnGaxjrkwMf2FiNwEkniH1OOI+ppe9P2EZGN6A56D2WZAHbw7v5rgcq6r++iToC7
ce0ZORWGNVpo4bwUn0Zff0vN9FMrd4chras86KAmgWrw8wfW9pNnc5Tsr+kgd9Xl
RWQtjQSwNIylcixwpEBN+YBsTPx0q5YENaRHrxG2JS8A7Kk5YqilNDwYs0Mqcyto
MyVSnhhBq4ZEnbPnYM+2WKh8lZHGhRaelwv1eiPpulvpZlsTg4Cxc9CYWl6lIzmV
QZoGUyXgJIbxhswMFvuL7j+wSreKvhdapBnWa23CcjQ8XemDx6mWZP4N/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKJ66xKe+WQDK2447Z53IyqwGOfLMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvb25yckVwNzVaQU1yYmpqdG5uY2pLckFZNThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhFXgAMF
AyoSWgADBQMqEoEAMA0GCSqGSIb3DQEBCwUAA4IBAQCZR7bEN744lSgrEed1G2/G
B72z8Qj9iaMme8igFG4hJn5hCftYs7KYl+DYRhBzkK03LlD46u6UjPpLPw+t0RGJ
b+xyxmw8iJdo8hBWX8HIArUebxdC3ZsXZ9Zem+KnftaggTBV+goPDBjjMtqnjyJZ
eocj6KEAAhBh+9ldc9+ZEsDGNY51K6rmZkaxW2ksGbzaT3UxLwSyaZssCLEVfS/e
/J0xNB6iHH48gsa+akV8N4Gcc7ncVkHWcPtwMQWyOr5ACfHi8MbHefZBVAlsY65T
cOtskKEj7RryA09gnQB+4svWwha9kqIXbH1nASFBvJ5V3njKZOSEi2I39laEjm4e
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:14:01 2024 by rpki-client on console-ams.rpki-client.org