Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/U3k56iaI-MtFLsfxrvUPZLoRZzw.roa
File: U3k56iaI-MtFLsfxrvUPZLoRZzw.roa (raw, json)
Hash identifier: TVa07s87cr44pia1Hqi1X1+Yg0pIzmIDGCoGVMB5HQY=
Subject key identifier: 53:79:39:EA:26:88:F8:CB:45:2E:C7:F1:AE:F5:0F:64:BA:11:67:3C
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018E8B9424395E05D5C84D0FDA020181CACE
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/U3k56iaI-MtFLsfxrvUPZLoRZzw.roa
Signing time: Fri 29 Mar 2024 18:58:45 +0000
ROA not before: Fri 29 Mar 2024 18:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216253
IP address blocks: 2a12:bec0:480::/44 maxlen: 48
2a12:bec4:1140::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 15:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8b:94:24:39:5e:05:d5:c8:4d:0f:da:02:01:81:ca:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Mar 29 18:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=537939ea2688f8cb452ec7f1aef50f64ba11673c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:e9:81:61:2b:1a:96:82:31:3a:89:c2:89:
4d:39:7f:81:31:3a:e0:8a:0e:5e:58:79:92:06:97:
37:87:64:2b:97:43:fc:97:fe:95:a8:73:a6:c5:69:
4d:d6:0a:24:cb:d8:97:4a:8e:74:d0:92:52:3f:d9:
3a:fb:a7:b7:ca:c3:1a:53:4c:4c:af:63:56:2b:9e:
f5:30:bb:c5:53:b5:70:6b:7d:2b:81:28:13:ed:fe:
82:a5:32:71:e9:23:d1:dc:ea:00:57:75:56:08:45:
75:b9:bd:48:ae:7f:67:03:71:ad:bc:8a:8b:b7:68:
f4:7e:4b:97:c0:ab:b6:e1:39:e4:ac:f3:65:be:88:
8f:47:12:c8:d3:e9:8b:80:f5:a0:39:e7:6b:d8:a8:
d6:27:74:55:28:6b:e6:78:5f:83:e5:d8:d2:27:ef:
06:0c:ef:d4:29:43:37:5a:ce:ef:47:b9:b9:2b:b6:
fa:d7:60:f3:49:7e:92:97:cc:ed:bf:5e:91:6c:27:
8c:a5:86:59:e9:7f:7b:15:7d:af:dc:6d:79:e2:47:
f9:af:9f:a9:32:fa:ae:a1:6a:1e:18:40:e5:3b:6a:
f4:0a:61:94:e9:ca:d6:7e:a2:6c:f1:6e:66:9b:71:
27:59:b0:21:b0:8c:f1:f3:a5:07:c9:95:c1:21:e9:
83:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:79:39:EA:26:88:F8:CB:45:2E:C7:F1:AE:F5:0F:64:BA:11:67:3C
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/U3k56iaI-MtFLsfxrvUPZLoRZzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:480::/44
2a12:bec4:1140::/44
Signature Algorithm: sha256WithRSAEncryption
25:d1:21:f8:04:3c:73:95:cc:50:21:27:f8:26:66:7d:48:0f:
fe:1b:8d:32:60:31:f7:ca:4f:0a:c5:9f:4c:76:5d:b8:50:29:
11:40:ff:2b:32:37:1d:49:13:e2:50:ab:aa:0d:e1:d0:f2:8b:
ce:35:7d:41:32:0e:e1:ca:4b:fa:fa:d8:9e:56:35:9e:4e:85:
c5:f3:c4:59:c5:81:d6:ae:2e:02:9e:5b:ef:0c:74:a0:26:d2:
ba:bf:db:ef:67:ad:c0:4b:bf:bb:00:52:7c:4e:fc:7e:8e:22:
6f:0b:5f:2d:8c:d4:82:6e:1e:3b:38:17:87:4e:34:59:c6:50:
2b:f8:dd:f8:85:1d:73:f9:1d:b7:59:75:f3:0f:59:f2:1c:29:
20:c6:62:6c:17:3d:ce:25:63:cc:91:b5:02:01:4a:6e:dd:4b:
c8:e9:f1:d6:9d:55:85:37:b9:59:80:71:db:ae:ed:f8:5f:23:
bf:b8:be:fa:7f:af:73:ae:f8:1a:20:c0:19:f4:99:f3:b8:e5:
e6:5d:05:19:70:26:48:ac:83:b6:d1:8c:ab:38:a2:96:db:49:
4a:17:3f:c4:13:ab:76:55:42:4b:e2:9d:16:58:1f:ba:80:3a:
3b:2b:83:ed:27:83:30:76:11:22:6a:02:fc:89:24:00:b2:eb:
6d:44:6b:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6LlCQ5XgXVyE0P2gIBgcrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMzI5MTg1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc5MzllYTI2ODhmOGNiNDUyZWM3ZjFhZWY1MGY2NGJhMTE2NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhrpgWErGpaCMTqJwolNOX+BMTrg
ig5eWHmSBpc3h2Qrl0P8l/6VqHOmxWlN1goky9iXSo500JJSP9k6+6e3ysMaU0xM
r2NWK571MLvFU7Vwa30rgSgT7f6CpTJx6SPR3OoAV3VWCEV1ub1Irn9nA3GtvIqL
t2j0fkuXwKu24TnkrPNlvoiPRxLI0+mLgPWgOedr2KjWJ3RVKGvmeF+D5djSJ+8G
DO/UKUM3Ws7vR7m5K7b612DzSX6Sl8ztv16RbCeMpYZZ6X97FX2v3G154kf5r5+p
MvquoWoeGEDlO2r0CmGU6crWfqJs8W5mm3EnWbAhsIzx86UHyZXBIemDsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFN5OeomiPjLRS7H8a71D2S6EWc8MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvVTNrNTZpYUktTXRGTHNmeHJ2VVBaTG9SWnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhK+wASA
AwcEKhK+xBFAMA0GCSqGSIb3DQEBCwUAA4IBAQAl0SH4BDxzlcxQISf4JmZ9SA/+
G40yYDH3yk8KxZ9Mdl24UCkRQP8rMjcdSRPiUKuqDeHQ8ovONX1BMg7hykv6+tie
VjWeToXF88RZxYHWri4CnlvvDHSgJtK6v9vvZ63AS7+7AFJ8Tvx+jiJvC18tjNSC
bh47OBeHTjRZxlAr+N34hR1z+R23WXXzD1nyHCkgxmJsFz3OJWPMkbUCAUpu3UvI
6fHWnVWFN7lZgHHbru34XyO/uL76f69zrvgaIMAZ9JnzuOXmXQUZcCZIrIO20Yyr
OKKW20lKFz/EE6t2VUJL4p0WWB+6gDo7K4PtJ4MwdhEiagL8iSQAsuttRGsC
-----END CERTIFICATE-----
Generated at Thu Jun 13 21:58:08 2024 by rpki-client on console-fra.rpki-client.org