Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2Pvo-_DBsTd626nEMZTX0y7a8rs.roa
File: 2Pvo-_DBsTd626nEMZTX0y7a8rs.roa (raw, json)
Hash identifier: PbzEjvv/uBlnHcEbeZW5LbWCLVElJ6Dr9573LEJAcEQ=
Subject key identifier: D8:FB:E8:FB:F0:C1:B1:37:7A:DB:A9:C4:31:94:D7:D3:2E:DA:F2:BB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0192633FA7BB70731F3A47D9118FAFCE2CCA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2Pvo-_DBsTd626nEMZTX0y7a8rs.roa
Signing time: Sun 06 Oct 2024 19:12:48 +0000
ROA not before: Sun 06 Oct 2024 19:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 2a07:9200::/32 maxlen: 32
2a07:9202::/32 maxlen: 32
2a07:9203::/32 maxlen: 32
2a07:9204::/32 maxlen: 32
2a07:9205::/32 maxlen: 32
2a0c:a582::/32 maxlen: 32
2a0c:a583::/32 maxlen: 32
2a0c:a585::/32 maxlen: 32
2a0c:a587::/32 maxlen: 32
2a10:dfc1::/32 maxlen: 32
2a10:dfc2::/32 maxlen: 32
2a10:dfc3::/32 maxlen: 32
2a10:dfc4::/32 maxlen: 32
2a10:dfc5::/32 maxlen: 32
2a10:dfc6::/32 maxlen: 32
2a10:dfc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:63:3f:a7:bb:70:73:1f:3a:47:d9:11:8f:af:ce:2c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 6 19:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8fbe8fbf0c1b1377adba9c43194d7d32edaf2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:89:34:2f:26:ec:1f:96:da:a3:57:6f:61:82:
52:e3:bc:d8:25:ee:a5:d8:da:58:37:6d:4f:db:d9:
d7:38:44:07:90:fb:89:5a:0f:9a:31:69:c2:52:0f:
b9:41:ff:25:01:94:dc:08:3f:ea:bb:86:23:5e:87:
f4:8e:b2:e7:8d:f8:52:6b:59:8c:58:2e:10:ec:6a:
74:24:95:e4:91:d9:f1:36:52:f7:59:7e:e0:e4:57:
39:d4:58:a1:24:a0:26:f8:b5:34:b3:40:5f:d9:54:
2b:f8:5e:77:d6:74:d6:60:11:7e:00:ca:ce:f9:b1:
c4:4f:68:2a:67:52:9b:70:94:80:6e:86:63:59:4d:
0c:5d:f0:7b:6c:9a:d8:4d:b2:ad:11:48:3e:d3:a5:
7f:3c:a9:99:19:87:4a:6d:eb:29:d7:ad:81:b9:c2:
03:4f:01:94:53:7f:1b:a7:58:87:4d:a5:9d:6a:80:
21:e9:0a:09:90:58:20:e8:55:b4:dd:67:db:b0:9a:
0a:ec:00:32:14:60:b2:1d:5a:10:8f:8c:c1:4f:51:
f1:16:b1:6d:72:6d:6a:ec:97:1b:1c:17:f2:69:d5:
c8:eb:a2:dd:7d:cc:13:c1:c4:3e:58:58:a6:f9:05:
9f:8d:fb:88:9c:82:a6:b4:7a:2f:6f:21:3e:bc:b4:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FB:E8:FB:F0:C1:B1:37:7A:DB:A9:C4:31:94:D7:D3:2E:DA:F2:BB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2Pvo-_DBsTd626nEMZTX0y7a8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:9200::/32
2a07:9202::-2a07:9205:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:a582::/31
2a0c:a585::/32
2a0c:a587::/32
2a10:dfc1::-2a10:dfc7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:59:1f:d2:f7:28:a9:11:80:f0:5e:21:95:41:b1:c3:a1:4c:
77:0b:de:34:dc:f4:73:2d:ed:f4:e1:16:b5:26:56:c2:e8:6a:
47:fb:48:af:4a:aa:ee:90:53:f9:48:61:51:d0:b4:56:ab:ac:
fa:14:b0:da:14:1c:81:11:2c:55:96:2e:83:1e:77:e7:74:5c:
9e:a6:7c:cd:0c:8d:c3:31:ad:ab:c9:2a:5e:eb:06:de:54:b7:
82:d6:6c:a8:46:52:63:f4:09:80:57:69:19:82:7c:80:d0:07:
a8:0d:06:8d:4d:ba:5a:73:c6:85:b0:af:f9:3e:ba:50:f5:7a:
70:e8:aa:0d:8f:1d:1b:ab:79:14:f4:c0:21:87:c6:a7:39:51:
00:61:ba:62:3b:29:fa:47:96:18:f2:50:21:a8:42:dc:50:89:
5a:7a:ae:a1:51:d0:20:ce:f7:71:14:83:63:c8:45:f8:87:b8:
4c:ec:fe:31:20:cb:b5:1b:78:5a:6c:ef:78:27:6c:b4:25:f1:
3d:aa:01:12:0b:04:2d:37:62:f7:6c:4c:cf:bf:88:02:a1:35:
aa:8c:bc:65:47:b2:fb:53:f8:58:2b:39:c0:0f:05:58:22:c1:
d2:53:b6:1c:cc:c0:4a:0e:c2:c5:53:70:d1:db:e7:a6:d0:69:
c7:1a:e1:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZJjP6e7cHMfOkfZEY+vzizKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMDA2MTkxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZiZThmYmYwYzFiMTM3N2FkYmE5YzQzMTk0ZDdkMzJlZGFmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4k0LybsH5bao1dvYYJS47zYJe6l
2NpYN21P29nXOEQHkPuJWg+aMWnCUg+5Qf8lAZTcCD/qu4YjXof0jrLnjfhSa1mM
WC4Q7Gp0JJXkkdnxNlL3WX7g5Fc51FihJKAm+LU0s0Bf2VQr+F531nTWYBF+AMrO
+bHET2gqZ1KbcJSAboZjWU0MXfB7bJrYTbKtEUg+06V/PKmZGYdKbesp162BucID
TwGUU38bp1iHTaWdaoAh6QoJkFgg6FW03WfbsJoK7AAyFGCyHVoQj4zBT1HxFrFt
cm1q7JcbHBfyadXI66LdfcwTwcQ+WFim+QWfjfuInIKmtHovbyE+vLQh/QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNj76PvwwbE3etupxDGU19Mu2vK7MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMlB2by1fREJzVGQ2MjZuRU1aVFgweTdhOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8AwUAKgeSADAO
AwUBKgeSAgMFASoHkgQDBQEqDKWCAwUAKgylhQMFACoMpYcwDgMFACoQ38EDBQMq
EN/AMA0GCSqGSIb3DQEBCwUAA4IBAQBQWR/S9yipEYDwXiGVQbHDoUx3C9403PRz
Le304Ra1JlbC6GpH+0ivSqrukFP5SGFR0LRWq6z6FLDaFByBESxVli6DHnfndFye
pnzNDI3DMa2rySpe6wbeVLeC1myoRlJj9AmAV2kZgnyA0AeoDQaNTbpac8aFsK/5
PrpQ9Xpw6KoNjx0bq3kU9MAhh8anOVEAYbpiOyn6R5YY8lAhqELcUIlaeq6hUdAg
zvdxFINjyEX4h7hM7P4xIMu1G3habO94J2y0JfE9qgESCwQtN2L3bEzPv4gCoTWq
jLxlR7L7U/hYKznADwVYIsHSU7YczMBKDsLFU3DR2+em0GnHGuF0
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:52:30 2024 by rpki-client on console-ams.rpki-client.org