Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/6jpH2KmKxuq3d_1EkMkP-EV3Zko.roa
File: 6jpH2KmKxuq3d_1EkMkP-EV3Zko.roa (raw, json)
Hash identifier: 979mEEIF1tLZhw707hThJyXLiJyvcSryUYj09453KMY=
Subject key identifier: EA:3A:47:D8:A9:8A:C6:EA:B7:77:FD:44:90:C9:0F:F8:45:77:66:4A
Certificate issuer: /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial: 0191D4B34455844F372892F84A719959A64A
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/6jpH2KmKxuq3d_1EkMkP-EV3Zko.roa
Signing time: Mon 09 Sep 2024 02:53:23 +0000
ROA not before: Mon 09 Sep 2024 02:53:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216447
IP address blocks: 2a12:f8c2:900::/40 maxlen: 40
2a12:f8c2:900::/44 maxlen: 44
2a12:f8c2:9e0::/44 maxlen: 44
2a12:f8c2:9f0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d4:b3:44:55:84:4f:37:28:92:f8:4a:71:99:59:a6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Validity
Not Before: Sep 9 02:53:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea3a47d8a98ac6eab777fd4490c90ff84577664a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:cf:8d:11:9e:ec:ab:dd:23:0b:a3:68:d9:
59:4c:02:cb:01:fb:dc:6d:7f:9d:27:48:ca:98:75:
fd:30:3b:ad:a7:fd:32:b0:e7:af:45:d6:07:3c:3a:
40:8c:86:60:be:52:2a:1a:e1:d2:fb:50:61:50:51:
02:10:be:e0:1c:25:49:f9:23:47:a9:96:ad:f7:94:
53:3f:23:08:0c:f7:86:16:86:f2:98:6c:07:7e:f6:
5e:76:04:2b:8a:47:2e:9d:2e:dd:ef:5d:e7:95:cd:
dc:a5:23:d8:a6:32:42:93:0b:1e:39:5e:5e:45:dd:
eb:66:73:bb:f1:65:25:4d:d6:96:ba:82:27:7b:55:
42:ee:c3:73:45:89:86:e3:f6:fa:34:f5:e8:89:80:
e3:cb:3a:56:5b:e3:d7:e0:40:51:97:e6:85:e4:98:
69:c4:82:43:66:43:08:c5:93:af:e1:3e:c7:a1:9a:
97:58:81:85:8d:8e:9e:45:ee:77:3f:6a:9c:84:ce:
2f:90:3d:09:7f:1c:f5:44:d2:08:e4:cd:ae:0a:4f:
d7:6e:6d:15:51:54:84:25:4a:d0:b0:de:24:1e:12:
5e:d1:cf:64:44:62:ed:27:e0:b6:96:6c:88:51:e3:
5c:86:e7:10:c4:da:e2:86:c4:bf:e4:cf:e5:4b:4b:
ba:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3A:47:D8:A9:8A:C6:EA:B7:77:FD:44:90:C9:0F:F8:45:77:66:4A
X509v3 Authority Key Identifier:
keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/6jpH2KmKxuq3d_1EkMkP-EV3Zko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:900::/40
Signature Algorithm: sha256WithRSAEncryption
18:94:c6:72:34:fd:c7:73:b5:03:bf:30:61:93:51:99:1a:d8:
b6:6a:ed:06:19:95:31:52:e4:73:4d:2c:0c:c5:e3:75:00:1c:
03:72:d4:98:73:fe:d6:9c:79:5f:c2:06:55:89:69:46:34:5b:
a2:2f:2a:34:94:31:b3:c5:47:f9:b6:d5:e9:27:b3:81:8f:cc:
07:f4:03:fc:f6:f4:11:b5:03:85:46:4c:78:74:73:53:2e:19:
e3:f1:5d:82:1f:71:a5:c9:aa:52:78:ce:4f:46:05:73:9a:ed:
7a:33:3f:a8:81:78:bc:74:a5:0d:5b:f8:9f:96:21:ec:89:be:
d4:20:17:b0:cb:71:59:05:25:89:4c:e4:48:e9:5f:c2:48:d2:
26:93:5e:f0:5a:5c:2c:74:6b:79:9f:8b:4a:02:a8:7a:7c:29:
69:e8:25:d2:d5:d7:e6:02:c8:9b:16:72:e7:5e:7f:35:6c:b0:
d1:55:c2:15:14:49:66:14:1c:75:17:e0:75:01:f7:3f:7b:b9:
24:db:e4:78:7c:56:4a:45:0d:75:07:fa:13:83:b9:b2:43:80:
0f:84:fa:d6:ff:16:b1:8d:7e:04:39:9a:cc:bf:07:3e:0f:0e:
0a:87:35:ff:3e:a4:13:0c:cd:d8:bc:35:e8:8f:0c:5c:e2:14:
89:10:c6:62
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZHUs0RVhE83KJL4SnGZWaZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjQwOTA5MDI1MzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTNhNDdkOGE5OGFjNmVhYjc3N2ZkNDQ5MGM5MGZmODQ1Nzc2NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAzPjRGe7KvdIwujaNlZTALLAfvc
bX+dJ0jKmHX9MDutp/0ysOevRdYHPDpAjIZgvlIqGuHS+1BhUFECEL7gHCVJ+SNH
qZat95RTPyMIDPeGFobymGwHfvZedgQrikcunS7d713nlc3cpSPYpjJCkwseOV5e
Rd3rZnO78WUlTdaWuoIne1VC7sNzRYmG4/b6NPXoiYDjyzpWW+PX4EBRl+aF5Jhp
xIJDZkMIxZOv4T7HoZqXWIGFjY6eRe53P2qchM4vkD0Jfxz1RNII5M2uCk/Xbm0V
UVSEJUrQsN4kHhJe0c9kRGLtJ+C2lmyIUeNchucQxNrihsS/5M/lS0u6BwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOo6R9ipisbqt3f9RJDJD/hFd2ZKMB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvNmpwSDJLbUt4dXEzZF8xRWtNa1AtRVYzWmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgkw
DQYJKoZIhvcNAQELBQADggEBABiUxnI0/cdztQO/MGGTUZka2LZq7QYZlTFS5HNN
LAzF43UAHANy1Jhz/taceV/CBlWJaUY0W6IvKjSUMbPFR/m21ekns4GPzAf0A/z2
9BG1A4VGTHh0c1MuGePxXYIfcaXJqlJ4zk9GBXOa7XozP6iBeLx0pQ1b+J+WIeyJ
vtQgF7DLcVkFJYlM5EjpX8JI0iaTXvBaXCx0a3mfi0oCqHp8KWnoJdLV1+YCyJsW
cudefzVssNFVwhUUSWYUHHUX4HUB9z97uSTb5Hh8VkpFDXUH+hODubJDgA+E+tb/
FrGNfgQ5msy/Bz4PDgqHNf8+pBMMzdi8NeiPDFziFIkQxmI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:42 2024 by rpki-client on console-ams.rpki-client.org