Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PtIS6CdYuG2yN8fpnrulmMLu-8I.roa
File: PtIS6CdYuG2yN8fpnrulmMLu-8I.roa (raw, json)
Hash identifier: 9X2bIYMvIMuqQnd5J5K04K/g/jAC59Eynh5wXb0IGLo=
Subject key identifier: 3E:D2:12:E8:27:58:B8:6D:B2:37:C7:E9:9E:BB:A5:98:C2:EE:FB:C2
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019224904A0320568C5459D9863E0FC307FA
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PtIS6CdYuG2yN8fpnrulmMLu-8I.roa
Signing time: Tue 24 Sep 2024 15:04:48 +0000
ROA not before: Tue 24 Sep 2024 15:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:8c40::/29 maxlen: 29
2a11:a0c0::/29 maxlen: 29
2a11:a800::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:90:4a:03:20:56:8c:54:59:d9:86:3e:0f:c3:07:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Sep 24 15:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ed212e82758b86db237c7e99ebba598c2eefbc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:bf:27:b5:9d:77:f9:c5:a4:9c:7f:b7:ca:
10:ab:43:09:a8:7f:0b:87:8d:6d:62:77:c4:6e:ac:
ac:85:45:6b:3f:2d:3c:ab:62:c6:af:c1:e5:87:7f:
6e:0c:c4:b3:90:71:d6:2f:db:ba:44:e6:fc:51:68:
d9:92:8d:6f:2c:86:14:a2:d4:68:8d:0b:c6:3d:88:
bc:ad:77:ec:52:6a:46:51:d5:36:27:ee:40:61:a9:
93:d0:46:02:a6:7c:05:d1:25:4f:73:c0:9a:00:2a:
47:4a:89:98:a6:d1:6c:16:89:b2:df:df:c5:78:c7:
1d:7f:c3:e7:74:43:e7:43:78:80:3f:89:94:fa:9c:
72:9a:a9:b1:7e:00:1c:c4:77:26:79:b6:48:8b:11:
f0:d9:15:2f:a8:41:03:29:8e:a7:75:16:11:90:37:
a1:6d:da:55:06:f2:09:06:5d:15:fb:74:03:ef:a3:
64:c6:2b:31:36:6e:da:d0:35:61:5e:de:7b:fa:14:
5a:83:72:f6:41:96:d4:23:e8:7b:b3:6a:19:85:82:
b5:34:90:4b:dc:d9:34:43:09:a9:12:e9:6a:04:eb:
50:ac:a1:59:13:78:c5:f6:dc:03:ee:47:01:d5:bb:
b8:09:87:dd:fc:b6:72:cf:1d:86:1d:16:00:bf:3b:
43:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D2:12:E8:27:58:B8:6D:B2:37:C7:E9:9E:BB:A5:98:C2:EE:FB:C2
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PtIS6CdYuG2yN8fpnrulmMLu-8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8c40::/29
2a11:a0c0::/29
2a11:a800::/29
2a12:20c0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
72:de:21:7d:b6:fe:8e:86:8a:1f:1f:e6:e6:6c:1c:99:dd:52:
25:cb:34:43:d8:7d:35:08:69:ae:55:30:21:e8:33:2b:51:70:
60:3f:d5:0f:4e:68:40:07:0a:da:dc:b6:5e:b5:55:e0:34:55:
fb:ec:6c:0c:b4:26:cd:d8:09:88:65:4d:65:21:c3:ff:8f:ef:
60:6e:38:b4:5c:d2:d5:49:1e:dd:2c:99:67:72:f5:64:5e:6d:
49:ef:8e:ac:c9:42:2e:05:19:ea:13:76:14:29:22:5e:be:90:
66:d4:be:52:8d:98:33:c7:47:69:c0:7f:d8:72:d5:7f:4a:94:
d8:9d:c4:e4:14:b2:ec:bb:1c:cc:1f:21:92:3b:2e:60:e9:8c:
56:4c:d3:60:fa:42:65:c9:90:ab:47:ea:ad:f8:91:ef:50:c7:
08:c5:13:e3:24:be:62:25:b5:87:f0:92:d9:2a:2d:25:c2:fe:
d8:35:b6:6f:8f:00:2d:ef:80:de:ac:dc:9d:c6:9e:bc:7c:74:
3e:40:d1:cc:2a:81:98:82:9d:12:a0:9b:1a:c3:66:d9:97:da:
90:78:ab:54:b5:05:95:9e:6e:1c:36:68:45:e4:e3:2e:ba:d0:
9d:b5:60:1b:d0:31:4b:91:44:ff:69:d7:2f:d2:41:1d:38:21:
c2:a8:b8:ca
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZIkkEoDIFaMVFnZhj4Pwwf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwOTI0MTUwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQyMTJlODI3NThiODZkYjIzN2M3ZTk5ZWJiYTU5OGMyZWVmYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhC/J7Wdd/nFpJx/t8oQq0MJqH8L
h41tYnfEbqyshUVrPy08q2LGr8Hlh39uDMSzkHHWL9u6ROb8UWjZko1vLIYUotRo
jQvGPYi8rXfsUmpGUdU2J+5AYamT0EYCpnwF0SVPc8CaACpHSomYptFsFomy39/F
eMcdf8PndEPnQ3iAP4mU+pxymqmxfgAcxHcmebZIixHw2RUvqEEDKY6ndRYRkDeh
bdpVBvIJBl0V+3QD76NkxisxNm7a0DVhXt57+hRag3L2QZbUI+h7s2oZhYK1NJBL
3Nk0QwmpEulqBOtQrKFZE3jF9twD7kcB1bu4CYfd/LZyzx2GHRYAvztDTwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD7SEugnWLhtsjfH6Z67pZjC7vvCMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUHRJUzZDZFl1RzJ5TjhmcG5ydWxtTUx1LThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhGMQAMF
AyoRoMADBQMqEagAAwUDKhIgwAMFAyoS0YAwDQYJKoZIhvcNAQELBQADggEBAHLe
IX22/o6Gih8f5uZsHJndUiXLNEPYfTUIaa5VMCHoMytRcGA/1Q9OaEAHCtrctl61
VeA0VfvsbAy0Js3YCYhlTWUhw/+P72BuOLRc0tVJHt0smWdy9WRebUnvjqzJQi4F
GeoTdhQpIl6+kGbUvlKNmDPHR2nAf9hy1X9KlNidxOQUsuy7HMwfIZI7LmDpjFZM
02D6QmXJkKtH6q34ke9QxwjFE+MkvmIltYfwktkqLSXC/tg1tm+PAC3vgN6s3J3G
nrx8dD5A0cwqgZiCnRKgmxrDZtmX2pB4q1S1BZWebhw2aEXk4y660J21YBvQMUuR
RP9p1y/SQR04IcKouMo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:02:48 2024 by rpki-client on console-fra.rpki-client.org