Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/birz4Ut0IdAeA4AG5Saz_dgkPzY.roa
File: birz4Ut0IdAeA4AG5Saz_dgkPzY.roa (raw, json)
Hash identifier: NFkOkkBJpfWDah6+4r0MNiX29vPes7DkDOfhwhOANMQ=
Subject key identifier: 6E:2A:F3:E1:4B:74:21:D0:1E:03:80:06:E5:26:B3:FD:D8:24:3F:36
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 018CC725F6842373127A63C8E580F2CE586F
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/birz4Ut0IdAeA4AG5Saz_dgkPzY.roa
Signing time: Mon 01 Jan 2024 22:30:03 +0000
ROA not before: Mon 01 Jan 2024 22:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a01:b960::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:f6:84:23:73:12:7a:63:c8:e5:80:f2:ce:58:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 22:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e2af3e14b7421d01e038006e526b3fdd8243f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2e:bd:a8:c1:7c:68:eb:fa:a3:42:cb:bf:17:
dc:50:7a:69:61:31:13:9b:70:fe:64:dd:49:5c:6e:
79:fb:6f:ac:8f:bb:38:95:59:4f:9d:72:13:f9:b5:
2f:95:37:38:a0:31:67:86:d8:3b:bc:2e:a7:f3:41:
51:64:c5:2d:dc:85:ff:f4:9f:92:3b:ac:b5:68:43:
f9:71:16:0a:fe:92:99:fc:75:3a:8d:fd:86:f3:86:
5e:78:03:0e:92:9f:97:25:6f:7d:48:5c:86:d7:ee:
09:05:18:42:60:79:2c:b3:31:88:6b:31:9f:64:a5:
f8:a0:21:7b:18:ed:22:c1:97:0a:47:9d:e8:8e:8f:
52:ec:2c:3c:30:44:12:cd:8e:12:6f:27:8d:af:2b:
3b:a8:04:6c:28:b0:81:78:50:40:19:78:2b:63:7f:
22:f2:01:1c:ec:50:f6:17:0d:ad:8c:b0:a3:ee:87:
25:47:6d:3b:a4:ed:5e:cb:88:33:5d:dd:72:bf:26:
d0:08:da:4f:34:9a:c7:62:09:75:12:aa:cb:36:df:
8b:ea:be:4a:01:73:16:09:0d:d2:63:22:04:a4:f9:
5d:a5:4d:3d:00:cc:9b:70:6e:d3:d2:07:95:a5:f9:
3a:33:93:ce:42:dc:2b:c0:88:aa:4c:30:42:66:bd:
a6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2A:F3:E1:4B:74:21:D0:1E:03:80:06:E5:26:B3:FD:D8:24:3F:36
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/birz4Ut0IdAeA4AG5Saz_dgkPzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960::/32
Signature Algorithm: sha256WithRSAEncryption
24:8a:5e:a0:24:e9:43:5e:32:ff:8a:cb:25:ee:80:0d:b1:94:
fb:e5:b8:13:39:01:2a:fa:62:60:08:70:0e:1c:a7:cc:a9:12:
10:7c:c5:04:78:79:14:e4:c8:fa:70:f9:b7:a7:76:aa:7f:a3:
3c:16:96:08:34:a6:ac:6f:fb:ad:9c:74:33:da:cb:29:7b:52:
20:ed:99:94:75:59:2d:a3:a7:22:41:b2:d6:dc:2a:aa:54:c2:
ad:6b:38:b2:48:db:6e:c0:a5:6d:23:00:87:16:cd:05:b0:61:
44:1c:6c:4e:e2:ec:f8:89:8f:56:d0:ec:8d:6f:3d:67:37:d8:
be:33:bc:bc:3e:ec:bb:df:f3:c9:0b:81:12:2c:af:d5:df:89:
3f:75:50:ed:06:11:49:22:ba:94:86:a4:f4:97:4a:1b:c9:d4:
56:78:6d:c4:30:5c:ca:53:3c:af:31:23:14:77:79:6d:fb:ec:
8c:29:8d:35:0b:4a:48:27:09:8e:7b:f4:0b:2a:88:dc:ed:e9:
18:27:e3:5e:0f:c3:5c:5f:6d:5b:01:11:54:66:8f:ac:aa:7f:
2d:d5:b1:da:d2:97:c1:99:63:bb:95:84:19:4f:59:51:8a:87:
7a:a2:7a:e8:28:b2:fb:ca:a4:c5:0b:3b:c4:a6:b5:91:28:88:
7f:7a:4c:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJfaEI3MSemPI5YDyzlhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjQwMTAxMjIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJhZjNlMTRiNzQyMWQwMWUwMzgwMDZlNTI2YjNmZGQ4MjQzZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi69qMF8aOv6o0LLvxfcUHppYTET
m3D+ZN1JXG55+2+sj7s4lVlPnXIT+bUvlTc4oDFnhtg7vC6n80FRZMUt3IX/9J+S
O6y1aEP5cRYK/pKZ/HU6jf2G84ZeeAMOkp+XJW99SFyG1+4JBRhCYHksszGIazGf
ZKX4oCF7GO0iwZcKR53ojo9S7Cw8MEQSzY4SbyeNrys7qARsKLCBeFBAGXgrY38i
8gEc7FD2Fw2tjLCj7oclR207pO1ey4gzXd1yvybQCNpPNJrHYgl1EqrLNt+L6r5K
AXMWCQ3SYyIEpPldpU09AMybcG7T0geVpfk6M5POQtwrwIiqTDBCZr2msQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG4q8+FLdCHQHgOABuUms/3YJD82MB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvYmlyejRVdDBJZEFlQTRBRzVTYXpfZGdrUHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgG5YDAN
BgkqhkiG9w0BAQsFAAOCAQEAJIpeoCTpQ14y/4rLJe6ADbGU++W4EzkBKvpiYAhw
DhynzKkSEHzFBHh5FOTI+nD5t6d2qn+jPBaWCDSmrG/7rZx0M9rLKXtSIO2ZlHVZ
LaOnIkGy1twqqlTCrWs4skjbbsClbSMAhxbNBbBhRBxsTuLs+ImPVtDsjW89ZzfY
vjO8vD7su9/zyQuBEiyv1d+JP3VQ7QYRSSK6lIak9JdKG8nUVnhtxDBcylM8rzEj
FHd5bfvsjCmNNQtKSCcJjnv0CyqI3O3pGCfjXg/DXF9tWwERVGaPrKp/LdWx2tKX
wZlju5WEGU9ZUYqHeqJ66Ciy+8qkxQs7xKa1kSiIf3pMSg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:30:21 2024 by rpki-client on console-fra.rpki-client.org