Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/P6E1it89HIgLIF9ONw1xVf0429g.roa
File: P6E1it89HIgLIF9ONw1xVf0429g.roa (raw, json)
Hash identifier: nXKlmpX9NKxytZ2cvGpKOkD9F1vseXV8FabZWpNkMRg=
Subject key identifier: 3F:A1:35:8A:DF:3D:1C:88:0B:20:5F:4E:37:0D:71:55:FD:38:DB:D8
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0190356D4EC78E734F2452BBEC53A07E1FE9
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/P6E1it89HIgLIF9ONw1xVf0429g.roa
Signing time: Thu 20 Jun 2024 11:34:34 +0000
ROA not before: Thu 20 Jun 2024 11:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 2a01:800::/24 maxlen: 24
2a01:860::/32 maxlen: 32
2a01:860:1::/48 maxlen: 48
2a01:860:2::/48 maxlen: 48
2a01:860:3::/48 maxlen: 48
2a01:860:4::/48 maxlen: 48
2a01:860:5::/48 maxlen: 48
2a01:860:6::/48 maxlen: 48
2a01:860:7::/48 maxlen: 48
2a01:860:8::/48 maxlen: 48
2a01:860:9::/48 maxlen: 48
2a01:860:a::/48 maxlen: 48
2a01:867::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:6d:4e:c7:8e:73:4f:24:52:bb:ec:53:a0:7e:1f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Jun 20 11:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa1358adf3d1c880b205f4e370d7155fd38dbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:22:95:5d:8d:c3:cb:da:21:bd:97:fb:4b:72:
af:9b:11:32:6d:3d:e1:31:f5:4f:1e:dc:0e:1a:ea:
73:7d:a6:27:c2:10:72:52:94:b1:58:95:70:40:dd:
9b:10:13:b4:3d:de:6e:ec:6c:de:ff:62:4a:91:57:
d9:a1:54:8c:41:d1:f2:f7:4a:98:34:e2:53:f8:90:
36:48:8a:80:ee:d4:bb:d0:bb:74:d9:3f:59:3f:9b:
bf:22:02:fc:94:bf:5b:6e:38:e1:87:87:bf:35:8c:
41:24:3e:79:a6:18:fb:c5:c8:79:93:43:1f:e0:ff:
b9:f5:49:52:de:23:35:95:41:19:ce:03:f9:be:10:
9b:34:53:1a:19:16:6d:65:d2:2e:fe:ce:a5:04:5d:
fa:df:9a:09:e5:c9:d9:29:7a:52:a9:31:16:5e:65:
9e:23:5c:14:f8:50:80:1e:f2:5e:2a:9c:62:14:50:
29:78:c1:0e:73:ff:8b:c0:a8:57:1a:e2:4b:35:0f:
5b:8d:27:7b:55:79:d2:6c:08:c2:ed:95:99:af:18:
f3:05:ee:73:5e:01:b4:03:be:54:e7:7e:05:73:5b:
9f:10:c2:4e:14:37:59:ca:71:90:ad:68:30:7b:27:
74:77:9b:51:8e:9d:11:dc:03:59:2f:7d:75:81:4b:
31:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A1:35:8A:DF:3D:1C:88:0B:20:5F:4E:37:0D:71:55:FD:38:DB:D8
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/P6E1it89HIgLIF9ONw1xVf0429g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:800::/24
Signature Algorithm: sha256WithRSAEncryption
55:91:55:49:9e:ec:b0:13:ca:90:30:54:98:5e:73:6d:21:99:
d1:26:36:1b:e4:1a:fc:50:26:6e:46:fb:1b:a9:b9:b7:58:60:
ea:79:28:61:9a:e0:7f:c3:93:aa:98:18:ec:a9:5d:37:a1:dc:
ce:d3:af:36:3d:17:aa:f7:03:99:34:b1:98:1c:a2:2d:37:d6:
e4:97:36:3e:85:d5:24:74:69:13:b2:80:57:d9:5f:84:ba:81:
9e:23:91:81:88:2c:5a:1f:94:c6:f7:8f:ce:79:c1:1f:e7:41:
60:78:4d:08:10:cc:48:89:a1:42:02:45:8f:12:a4:fa:fb:52:
59:fe:a8:6c:4a:d8:83:8d:77:04:c8:63:1c:20:43:13:4c:b0:
66:97:c7:d3:ea:01:a8:5c:8e:fb:e3:62:ae:de:fe:cf:a1:77:
d7:49:e9:41:5d:ec:74:4a:19:f1:2e:17:52:2d:91:53:b3:58:
91:32:13:8c:08:43:4f:d4:fe:e4:05:4f:09:c5:b4:c3:fb:37:
38:69:14:2a:24:67:31:8f:c9:a4:98:09:59:81:a9:a5:0a:b9:
aa:94:e5:a1:6a:e9:ed:83:09:90:23:34:3c:73:16:81:f0:43:
2b:3c:e9:58:bc:6a:cf:f5:70:92:13:2a:5d:6b:9c:63:76:4a:
94:79:3e:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZA1bU7HjnNPJFK77FOgfh/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQwNjIwMTEzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmExMzU4YWRmM2QxYzg4MGIyMDVmNGUzNzBkNzE1NWZkMzhkYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSKVXY3Dy9ohvZf7S3KvmxEybT3h
MfVPHtwOGupzfaYnwhByUpSxWJVwQN2bEBO0Pd5u7Gze/2JKkVfZoVSMQdHy90qY
NOJT+JA2SIqA7tS70Lt02T9ZP5u/IgL8lL9bbjjhh4e/NYxBJD55phj7xch5k0Mf
4P+59UlS3iM1lUEZzgP5vhCbNFMaGRZtZdIu/s6lBF3635oJ5cnZKXpSqTEWXmWe
I1wU+FCAHvJeKpxiFFApeMEOc/+LwKhXGuJLNQ9bjSd7VXnSbAjC7ZWZrxjzBe5z
XgG0A75U534Fc1ufEMJOFDdZynGQrWgweyd0d5tRjp0R3ANZL311gUsx5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD+hNYrfPRyICyBfTjcNcVX9ONvYMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvUDZFMWl0ODlISWdMSUY5T053MXhWZjA0MjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQAKgEIMA0G
CSqGSIb3DQEBCwUAA4IBAQBVkVVJnuywE8qQMFSYXnNtIZnRJjYb5Br8UCZuRvsb
qbm3WGDqeShhmuB/w5OqmBjsqV03odzO0682PReq9wOZNLGYHKItN9bklzY+hdUk
dGkTsoBX2V+EuoGeI5GBiCxaH5TG94/OecEf50FgeE0IEMxIiaFCAkWPEqT6+1JZ
/qhsStiDjXcEyGMcIEMTTLBml8fT6gGoXI7742Ku3v7PoXfXSelBXex0ShnxLhdS
LZFTs1iRMhOMCENP1P7kBU8JxbTD+zc4aRQqJGcxj8mkmAlZgamlCrmqlOWhaunt
gwmQIzQ8cxaB8EMrPOlYvGrP9XCSEypda5xjdkqUeT47
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:01:26 2024 by rpki-client on console-fra.rpki-client.org