Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/PT2U70hZCuZnaYziH6MoTZd24LI.roa
File: PT2U70hZCuZnaYziH6MoTZd24LI.roa (raw, json)
Hash identifier: X0h4jJds2AEW8Bu/ILBnzPT0GXMkGXVc5PPzRuCvChU=
Subject key identifier: 3D:3D:94:EF:48:59:0A:E6:67:69:8C:E2:1F:A3:28:4D:97:76:E0:B2
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 018CC725F89CFE8B45EB3E2F42408C0C14FD
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/PT2U70hZCuZnaYziH6MoTZd24LI.roa
Signing time: Mon 01 Jan 2024 22:30:03 +0000
ROA not before: Mon 01 Jan 2024 22:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207134
IP address blocks: 2a01:b960:2305::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:f8:9c:fe:8b:45:eb:3e:2f:42:40:8c:0c:14:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 22:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d3d94ef48590ae667698ce21fa3284d9776e0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e6:0e:b2:b3:57:79:3c:2f:7c:c4:9e:cc:1f:
f8:e5:53:a9:27:09:60:a2:ff:44:be:88:71:4d:fe:
18:b1:40:af:7e:11:32:f7:9e:c0:ba:49:2f:b2:7c:
2b:61:36:39:de:54:e6:84:f5:d3:ff:9c:fd:85:05:
e3:09:56:be:4b:02:d3:28:a4:95:b9:d4:98:6f:67:
37:00:f2:80:fb:ad:03:bf:89:dd:b0:4a:e2:ef:d7:
f8:68:c0:1e:35:6a:0d:a7:7e:dd:b8:4b:2a:db:30:
a4:ae:89:03:a2:e7:79:85:29:9c:7e:91:20:76:9c:
1f:ba:15:a4:c7:6d:a7:90:27:4c:22:1f:8c:aa:ad:
8a:91:0d:cb:44:5a:13:ab:e7:25:ad:50:28:2f:d0:
42:bd:23:b5:91:a3:28:3d:0b:2d:a2:07:cf:9f:ec:
4b:f5:29:0a:4c:f2:72:4f:15:82:3a:49:8e:9d:f9:
7f:f6:a6:8e:07:55:30:22:5d:9f:b3:74:ec:6b:b8:
37:2e:bb:86:35:0a:af:c1:a1:a9:35:25:6a:83:ac:
bc:79:47:b1:a0:3a:ce:43:ad:8b:01:ba:41:f7:e7:
40:93:01:88:c4:e3:54:90:bd:b6:b5:e1:b2:5a:67:
a5:c4:60:30:cd:b9:83:0b:12:e6:5a:2e:30:a8:10:
1b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3D:94:EF:48:59:0A:E6:67:69:8C:E2:1F:A3:28:4D:97:76:E0:B2
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/PT2U70hZCuZnaYziH6MoTZd24LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2305::/48
Signature Algorithm: sha256WithRSAEncryption
8d:ad:5b:a5:bb:0d:16:82:0e:7b:b3:74:5a:ea:56:41:ad:54:
f7:0b:05:96:27:8f:2b:5f:b4:7a:c6:4d:ab:32:f5:e8:85:dd:
06:b2:97:a0:8a:21:bc:37:11:a4:d3:60:05:8a:28:7a:78:1e:
1a:d8:7c:3e:d5:fe:c8:bf:1e:7c:84:69:bb:f2:de:07:3c:71:
8a:e2:93:93:e1:86:a7:82:b6:10:77:5c:97:9c:87:7f:86:b6:
3c:da:0c:73:d0:c4:31:19:da:bc:53:a2:82:98:e2:c5:54:ae:
d0:d0:be:63:7c:70:24:88:df:9e:77:51:54:64:7b:1a:af:e4:
25:6f:67:a3:e2:ff:ef:10:f4:3f:f5:46:15:01:fa:d6:60:87:
40:7f:05:51:f0:5f:d4:4b:05:f1:fc:28:07:bd:3e:0a:85:b6:
05:c8:10:8a:87:d6:21:33:3d:c4:4e:9a:36:80:12:ca:38:98:
96:a7:61:12:b7:f3:ce:98:73:34:a1:94:69:37:3e:b9:32:ed:
30:e5:c8:e4:5e:6d:ef:08:d0:b4:82:b8:a2:61:37:d2:aa:3c:
0c:97:a4:cb:1f:88:55:68:12:b5:fe:6a:79:e4:d9:46:cd:98:
de:89:b6:57:89:01:a7:3e:5b:ee:c5:98:c8:e8:34:d8:f4:f0:
4e:53:45:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJfic/otF6z4vQkCMDBT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjQwMTAxMjIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDNkOTRlZjQ4NTkwYWU2Njc2OThjZTIxZmEzMjg0ZDk3NzZlMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OYOsrNXeTwvfMSezB/45VOpJwlg
ov9EvohxTf4YsUCvfhEy957AukkvsnwrYTY53lTmhPXT/5z9hQXjCVa+SwLTKKSV
udSYb2c3APKA+60Dv4ndsEri79f4aMAeNWoNp37duEsq2zCkrokDoud5hSmcfpEg
dpwfuhWkx22nkCdMIh+Mqq2KkQ3LRFoTq+clrVAoL9BCvSO1kaMoPQstogfPn+xL
9SkKTPJyTxWCOkmOnfl/9qaOB1UwIl2fs3Tsa7g3LruGNQqvwaGpNSVqg6y8eUex
oDrOQ62LAbpB9+dAkwGIxONUkL22teGyWmelxGAwzbmDCxLmWi4wqBAbeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD09lO9IWQrmZ2mM4h+jKE2XduCyMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvUFQyVTcwaFpDdVpuYVl6aUg2TW9UWmQyNExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMF
MA0GCSqGSIb3DQEBCwUAA4IBAQCNrVuluw0Wgg57s3Ra6lZBrVT3CwWWJ48rX7R6
xk2rMvXohd0GspegiiG8NxGk02AFiih6eB4a2Hw+1f7Ivx58hGm78t4HPHGK4pOT
4YangrYQd1yXnId/hrY82gxz0MQxGdq8U6KCmOLFVK7Q0L5jfHAkiN+ed1FUZHsa
r+Qlb2ej4v/vEPQ/9UYVAfrWYIdAfwVR8F/USwXx/CgHvT4KhbYFyBCKh9YhMz3E
Tpo2gBLKOJiWp2ESt/POmHM0oZRpNz65Mu0w5cjkXm3vCNC0griiYTfSqjwMl6TL
H4hVaBK1/mp55NlGzZjeibZXiQGnPlvuxZjI6DTY9PBOU0XT
-----END CERTIFICATE-----
Generated at Wed May 29 07:49:25 2024 by rpki-client on console-ams.rpki-client.org