Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/O-mAPST0FN58L5jRkvgI8xiAcBE.roa
File: O-mAPST0FN58L5jRkvgI8xiAcBE.roa (raw, json)
Hash identifier: RByIgnCHT/60xFNI31BXAltoeFs+AJZ0Z2jKpTVb0ug=
Subject key identifier: 3B:E9:80:3D:24:F4:14:DE:7C:2F:98:D1:92:F8:08:F3:18:80:70:11
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01933601D5D58C2E79F52A1BD97DBA3BAADB
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/O-mAPST0FN58L5jRkvgI8xiAcBE.roa
Signing time: Sat 16 Nov 2024 17:25:10 +0000
ROA not before: Sat 16 Nov 2024 17:25:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a0e:9c0::/29 maxlen: 29
2a0e:91c0::/29 maxlen: 29
2a11:6700::/29 maxlen: 29
2a11:8c80::/29 maxlen: 29
2a11:8cc0::/29 maxlen: 29
2a12:1ec0::/29 maxlen: 29
2a12:1f40::/29 maxlen: 29
2a12:3240::/29 maxlen: 29
2a12:4680::/29 maxlen: 29
2a12:4980::/29 maxlen: 29
2a12:6980::/29 maxlen: 29
2a12:7d00::/29 maxlen: 29
2a12:9180::/29 maxlen: 29
2a12:be00::/29 maxlen: 29
2a12:da00::/29 maxlen: 29
2a12:e900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:36:01:d5:d5:8c:2e:79:f5:2a:1b:d9:7d:ba:3b:aa:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Nov 16 17:25:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3be9803d24f414de7c2f98d192f808f318807011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:4c:fe:71:ae:0b:c0:ad:50:ba:9b:7e:a5:
39:b1:eb:6d:31:a9:2c:45:c4:15:d5:c6:a0:e4:e6:
db:ad:5b:58:12:38:dc:ea:68:09:84:c0:f2:ca:33:
a1:80:bd:62:ae:c4:0d:76:0c:ca:57:33:1d:7e:06:
9f:66:a4:6a:ef:44:f5:39:9e:cd:f0:4b:b6:a4:62:
da:e6:bd:62:2b:c4:4b:0c:01:d9:05:23:5c:54:64:
a1:bd:c3:c6:68:c9:09:08:23:a7:d4:be:88:c6:32:
28:a4:0d:b1:8d:68:08:c0:87:20:c5:1d:d2:58:89:
3e:69:8a:a2:c8:5c:63:9f:0b:de:d0:39:3f:5e:0f:
d6:8b:c5:37:d4:28:2e:ad:d0:c8:fc:7d:24:ed:e6:
4b:7e:fd:b3:4a:b9:d2:be:4b:97:02:e3:4c:1f:22:
11:12:e8:27:f5:05:8a:4a:0f:fd:43:34:24:a2:6c:
d7:db:b6:e8:88:50:8c:69:fd:76:26:08:0a:32:90:
71:a3:37:d0:ef:71:f5:49:d3:aa:7f:54:ed:69:b8:
26:00:df:6f:a1:99:b2:94:58:4b:ba:5f:65:59:49:
96:6a:6b:f5:e1:94:eb:f1:1f:90:8a:24:30:19:8b:
54:fb:e0:c6:ad:f3:5a:eb:e0:08:47:b5:ec:4b:fa:
8c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E9:80:3D:24:F4:14:DE:7C:2F:98:D1:92:F8:08:F3:18:80:70:11
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/O-mAPST0FN58L5jRkvgI8xiAcBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9c0::/29
2a0e:91c0::/29
2a11:6700::/29
2a11:8c80::/29
2a11:8cc0::/29
2a12:1ec0::/29
2a12:1f40::/29
2a12:3240::/29
2a12:4680::/29
2a12:4980::/29
2a12:6980::/29
2a12:7d00::/29
2a12:9180::/29
2a12:be00::/29
2a12:da00::/29
2a12:e900::/29
Signature Algorithm: sha256WithRSAEncryption
86:ab:b5:87:e7:02:fd:48:78:de:87:55:c1:54:25:e6:06:7c:
1f:b7:ae:07:a0:f0:04:f7:82:27:b2:6b:9c:53:d5:3b:b2:67:
3e:15:4b:00:29:85:cb:f2:9b:3b:f7:8c:2b:9f:50:07:88:f2:
7e:10:4d:d5:bb:5d:8a:05:bf:f1:60:3c:36:5d:31:11:4f:d1:
5f:73:a3:df:6c:c1:e7:01:e8:55:99:03:e2:0c:79:a1:ac:ac:
10:f4:10:62:d0:f0:dd:16:cf:26:90:b1:aa:a0:16:f6:56:0e:
be:53:0d:92:fd:cf:7f:c9:22:ae:09:45:75:f9:e3:3c:20:42:
43:1d:d9:a5:e9:16:8d:ad:06:f6:36:1a:51:a4:63:b0:6c:3d:
ec:e4:f5:4d:7c:63:83:6c:59:bd:2c:61:c5:65:1e:14:9f:e5:
a9:df:cf:df:63:89:04:ca:c1:9f:50:86:89:6c:63:f1:69:86:
61:7a:d0:31:5a:cc:5f:58:97:49:d8:ae:dc:01:74:15:1f:81:
d4:e7:90:66:67:d3:2d:bf:3c:4d:f2:d4:6e:f5:4f:5d:cd:51:
b9:af:26:a9:64:62:98:36:de:dc:dc:81:50:a4:20:0d:df:a4:
9f:41:c5:09:cd:06:08:b2:6c:e6:c2:7b:f9:8d:b0:38:4f:15:
b5:d4:7f:0d
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZM2AdXVjC559Sob2X26O6rbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQxMTE2MTcyNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU5ODAzZDI0ZjQxNGRlN2MyZjk4ZDE5MmY4MDhmMzE4ODA3MDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9dM/nGuC8CtULqbfqU5settMaks
RcQV1cag5ObbrVtYEjjc6mgJhMDyyjOhgL1irsQNdgzKVzMdfgafZqRq70T1OZ7N
8Eu2pGLa5r1iK8RLDAHZBSNcVGShvcPGaMkJCCOn1L6IxjIopA2xjWgIwIcgxR3S
WIk+aYqiyFxjnwve0Dk/Xg/Wi8U31CgurdDI/H0k7eZLfv2zSrnSvkuXAuNMHyIR
Eugn9QWKSg/9QzQkomzX27boiFCMaf12JggKMpBxozfQ73H1SdOqf1TtabgmAN9v
oZmylFhLul9lWUmWamv14ZTr8R+QiiQwGYtU++DGrfNa6+AIR7XsS/qMcQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFDvpgD0k9BTefC+Y0ZL4CPMYgHARMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvTy1tQVBTVDBGTjU4TDVqUmt2Z0k4eGlBY0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFAyoOCcAD
BQMqDpHAAwUDKhFnAAMFAyoRjIADBQMqEYzAAwUDKhIewAMFAyoSH0ADBQMqEjJA
AwUDKhJGgAMFAyoSSYADBQMqEmmAAwUDKhJ9AAMFAyoSkYADBQMqEr4AAwUDKhLa
AAMFAyoS6QAwDQYJKoZIhvcNAQELBQADggEBAIartYfnAv1IeN6HVcFUJeYGfB+3
rgeg8AT3gieya5xT1TuyZz4VSwAphcvymzv3jCufUAeI8n4QTdW7XYoFv/FgPDZd
MRFP0V9zo99swecB6FWZA+IMeaGsrBD0EGLQ8N0WzyaQsaqgFvZWDr5TDZL9z3/J
Iq4JRXX54zwgQkMd2aXpFo2tBvY2GlGkY7BsPezk9U18Y4NsWb0sYcVlHhSf5anf
z99jiQTKwZ9QholsY/FphmF60DFazF9Yl0nYrtwBdBUfgdTnkGZn0y2/PE3y1G71
T13NUbmvJqlkYpg23tzcgVCkIA3fpJ9BxQnNBgiybObCe/mNsDhPFbXUfw0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:37:47 2024 by rpki-client on console-fra.rpki-client.org