Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/iSa6D8K9RAoGPVyjfm0oekRz0_g.roa
File: iSa6D8K9RAoGPVyjfm0oekRz0_g.roa (raw, json)
Hash identifier: Vm7xk4NcVtI+LQyPzmk48y8aQXGegjYTDq0REFa+QZ4=
Subject key identifier: 89:26:BA:0F:C2:BD:44:0A:06:3D:5C:A3:7E:6D:28:7A:44:73:D3:F8
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018CC64B379029DF2DD3915AFA96749F0389
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/iSa6D8K9RAoGPVyjfm0oekRz0_g.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139328
IP address blocks: 2a12:3fc2:e72d::/48 maxlen: 48
2a12:3fc2:e800::/40 maxlen: 48
2a12:3fc2:8000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:37:90:29:df:2d:d3:91:5a:fa:96:74:9f:03:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8926ba0fc2bd440a063d5ca37e6d287a4473d3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ad:67:7d:9c:88:d0:8d:ca:5d:c0:57:af:67:
86:bc:94:7b:60:3b:5e:4a:d3:8d:87:77:8d:2d:3c:
95:fb:60:e8:f8:ba:20:cf:5c:95:77:a8:80:1e:ad:
38:01:38:6e:96:2a:7d:c9:64:d8:d4:71:e2:8a:51:
91:42:3c:72:fd:32:45:25:dd:78:ae:cb:3b:a4:98:
74:32:74:cf:fa:c7:5d:90:e6:15:6e:76:06:26:d5:
8c:7b:b1:cc:81:b9:0d:26:1c:2c:df:6e:2d:1b:0b:
9c:e2:b8:d9:ee:15:5a:cb:dc:e6:f3:34:6b:94:ff:
b0:35:50:b7:c8:11:b7:b0:5b:96:e6:47:da:9c:f3:
e8:46:2a:8a:3f:45:91:be:ad:1d:56:89:47:70:ca:
bb:89:8e:15:aa:2d:93:6d:93:01:be:9a:ba:af:09:
84:38:b5:19:92:45:1d:ae:d6:3d:1b:c7:66:dc:15:
e5:ef:c6:a9:f0:06:3c:ab:79:e0:b3:cb:3b:8e:d2:
75:d3:5d:e5:b6:d0:5a:f7:d5:08:31:81:1a:73:08:
bb:73:80:40:19:3b:1f:7b:3c:e0:8b:f1:c8:c9:1e:
96:ed:07:10:b7:26:72:e9:0f:8f:e9:ac:66:64:2f:
24:99:ed:d2:73:4a:d6:ec:39:27:8c:54:eb:32:b0:
06:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:26:BA:0F:C2:BD:44:0A:06:3D:5C:A3:7E:6D:28:7A:44:73:D3:F8
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/iSa6D8K9RAoGPVyjfm0oekRz0_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:8000::/36
2a12:3fc2:e72d::/48
2a12:3fc2:e800::/40
Signature Algorithm: sha256WithRSAEncryption
d5:99:50:cd:70:17:65:10:04:54:05:9c:9d:01:54:10:87:4d:
76:fe:33:fc:6c:b0:b9:84:d6:de:67:e1:5d:e4:ec:c4:3e:5a:
93:e6:94:8f:4d:7b:55:0a:0e:47:c3:17:a0:66:a0:0e:3a:df:
38:34:55:e7:6b:57:32:69:ba:5d:84:ab:dd:7d:91:94:6c:0c:
be:30:54:5a:1a:15:a4:75:b6:f0:86:11:6b:ef:b3:24:d3:f5:
92:f5:d3:6a:bc:23:86:7d:f7:af:d9:da:ee:bb:9a:f4:bf:8b:
83:27:ba:7f:40:ba:a8:9a:b9:ab:71:14:70:e2:cb:a1:4b:52:
67:e2:2e:6d:7e:f6:49:aa:7f:d2:b6:b4:2f:80:07:11:fc:2c:
45:3a:8f:54:0b:21:ef:bd:91:f6:7d:50:58:d1:b0:cc:27:14:
87:5f:80:28:bb:35:b9:b3:e0:6f:56:d7:2b:28:f6:3d:18:bb:
93:5d:81:7e:98:8b:76:e5:36:03:ce:0e:e0:57:6b:67:36:81:
a7:9f:d7:59:7d:c1:fa:b5:28:50:ef:02:27:ff:e7:41:39:91:
f5:25:c4:99:29:ff:de:9e:41:4d:23:38:5c:10:69:92:14:68:
ed:09:d2:f5:1c:21:79:68:61:ec:f4:39:82:f9:f9:19:e1:b6:
1e:ce:d3:f7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzGSzeQKd8t05Fa+pZ0nwOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI2YmEwZmMyYmQ0NDBhMDYzZDVjYTM3ZTZkMjg3YTQ0NzNkM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhq1nfZyI0I3KXcBXr2eGvJR7YDte
StONh3eNLTyV+2Do+Logz1yVd6iAHq04AThulip9yWTY1HHiilGRQjxy/TJFJd14
rss7pJh0MnTP+sddkOYVbnYGJtWMe7HMgbkNJhws324tGwuc4rjZ7hVay9zm8zRr
lP+wNVC3yBG3sFuW5kfanPPoRiqKP0WRvq0dVolHcMq7iY4Vqi2TbZMBvpq6rwmE
OLUZkkUdrtY9G8dm3BXl78ap8AY8q3ngs8s7jtJ1013lttBa99UIMYEacwi7c4BA
GTsfezzgi/HIyR6W7QcQtyZy6Q+P6axmZC8kme3Sc0rW7DknjFTrMrAGawIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFIkmug/CvUQKBj1co35tKHpEc9P4MB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvaVNhNkQ4SzlSQW9HUFZ5amZtMG9la1J6MF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYEKhI/woAD
BwAqEj/C5y0DBgAqEj/C6DANBgkqhkiG9w0BAQsFAAOCAQEA1ZlQzXAXZRAEVAWc
nQFUEIdNdv4z/GywuYTW3mfhXeTsxD5ak+aUj017VQoOR8MXoGagDjrfODRV52tX
Mmm6XYSr3X2RlGwMvjBUWhoVpHW28IYRa++zJNP1kvXTarwjhn33r9na7rua9L+L
gye6f0C6qJq5q3EUcOLLoUtSZ+IubX72Sap/0ra0L4AHEfwsRTqPVAsh772R9n1Q
WNGwzCcUh1+AKLs1ubPgb1bXKyj2PRi7k12BfpiLduU2A84O4FdrZzaBp5/XWX3B
+rUoUO8CJ//nQTmR9SXEmSn/3p5BTSM4XBBpkhRo7QnS9RwheWhh7PQ5gvn5GeG2
Hs7T9w==
-----END CERTIFICATE-----
Generated at Sat Apr 27 20:33:28 2024 by rpki-client on console-ams.rpki-client.org