Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/woD2-S42iclmz88x2KRFRTbr39Q.roa
File: woD2-S42iclmz88x2KRFRTbr39Q.roa (raw, json)
Hash identifier: Qglf/9UPzur0UuWdnM9HCm0j768aWSmizS5qrflI9Ro=
Subject key identifier: C2:80:F6:F9:2E:36:89:C9:66:CF:CF:31:D8:A4:45:45:36:EB:DF:D4
Certificate issuer: /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial: 0191D4B34012A5AB0C04C7EE91ED5CFEEFB7
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/woD2-S42iclmz88x2KRFRTbr39Q.roa
Signing time: Mon 09 Sep 2024 02:53:22 +0000
ROA not before: Mon 09 Sep 2024 02:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/48 maxlen: 48
2a12:f8c1:51::/48 maxlen: 48
2a12:f8c1:52::/48 maxlen: 48
2a12:f8c1:53::/48 maxlen: 48
2a12:f8c1:54::/48 maxlen: 48
2a12:f8c1:55::/48 maxlen: 48
2a12:f8c1:56::/48 maxlen: 48
2a12:f8c1:57::/48 maxlen: 48
2a12:f8c1:58::/48 maxlen: 48
2a13:fc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d4:b3:40:12:a5:ab:0c:04:c7:ee:91:ed:5c:fe:ef:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Validity
Not Before: Sep 9 02:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c280f6f92e3689c966cfcf31d8a4454536ebdfd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:13:83:d8:e6:a3:8b:a5:ba:26:89:f6:74:98:
9e:5c:c3:b7:22:2b:cd:5b:92:88:be:b5:7a:2f:85:
bf:31:39:71:6c:52:24:c0:c1:ca:10:9d:f1:5b:1b:
8c:69:47:e9:f6:3a:84:23:99:c3:81:d8:53:79:9b:
f6:60:e5:0b:98:33:85:bd:54:7e:74:95:c7:c4:17:
4a:46:42:dc:28:eb:c3:5c:40:00:be:f1:25:60:9d:
e4:29:3f:c0:54:01:88:99:ff:b9:a0:f8:3a:d8:72:
7a:27:09:09:3e:d0:e7:df:47:13:c2:da:86:fc:d4:
84:33:53:95:43:f6:ce:56:03:92:af:71:2a:1c:39:
85:15:10:f0:33:a4:9f:9e:e5:7f:6c:3b:84:90:7c:
35:bf:0c:64:80:89:b7:03:84:fc:18:7c:f5:c4:6b:
d2:42:67:12:33:1c:e8:a0:e2:b8:06:ef:7c:a8:cb:
21:b9:b2:0d:1d:29:cf:f2:aa:bc:04:b1:ec:59:32:
25:07:df:1c:7d:89:a5:54:12:4a:a1:48:34:8e:69:
e0:9d:eb:5f:65:b0:b6:34:ce:77:84:36:b7:92:e2:
d0:59:fe:37:3d:ee:01:4f:6f:2a:26:a5:7f:0f:26:
97:91:9e:00:0b:aa:e4:cf:1f:55:50:2e:b1:a0:cd:
34:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:80:F6:F9:2E:36:89:C9:66:CF:CF:31:D8:A4:45:45:36:EB:DF:D4
X509v3 Authority Key Identifier:
keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/woD2-S42iclmz88x2KRFRTbr39Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::-2a12:f8c1:58:ffff:ffff:ffff:ffff:ffff
2a13:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
75:82:9e:b8:e7:b7:3c:2f:6c:e8:a6:0e:4e:ae:6e:cd:90:dd:
d6:27:5b:00:cd:78:7a:5a:d3:70:ec:29:a2:59:38:4a:d9:ae:
5a:f0:d4:38:ed:d6:81:26:5b:5b:05:49:c7:f6:90:db:1f:fc:
ac:d5:5d:f7:8a:14:eb:59:1f:05:5b:a3:4e:30:0a:cb:09:4d:
74:ef:28:6a:60:33:e6:7a:e1:8b:3a:2f:77:52:97:72:a2:94:
99:8a:bd:a9:10:0e:55:cc:19:a4:e4:13:14:c8:d5:4c:22:9e:
3b:3b:c0:d4:9c:4c:46:08:d7:e3:05:92:00:3b:ae:51:cc:8e:
bc:5a:13:6b:07:6d:89:a1:9e:9b:9d:b4:23:3f:a9:37:8f:f8:
7d:39:1b:0e:3a:fa:66:91:6a:3b:ca:c8:64:98:25:ce:e7:db:
88:b3:00:d3:d0:87:6b:c8:79:f3:28:33:12:87:c5:33:64:d2:
87:21:c9:d7:2b:06:a2:1f:dc:79:2e:20:ba:22:7e:bc:b7:0a:
b9:55:1b:01:69:16:ca:10:3b:2f:5e:26:7a:63:ea:9c:f8:5c:
30:68:36:9e:56:6b:0a:a1:6b:4b:40:6b:b6:8d:71:df:94:ed:
0b:bd:56:c4:e4:73:35:e5:25:3d:dd:9d:3e:db:4c:a5:49:a5:
f5:21:21:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZHUs0ASpasMBMfuke1c/u+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjQwOTA5MDI1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjgwZjZmOTJlMzY4OWM5NjZjZmNmMzFkOGE0NDU0NTM2ZWJkZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hOD2Oaji6W6Jon2dJieXMO3IivN
W5KIvrV6L4W/MTlxbFIkwMHKEJ3xWxuMaUfp9jqEI5nDgdhTeZv2YOULmDOFvVR+
dJXHxBdKRkLcKOvDXEAAvvElYJ3kKT/AVAGImf+5oPg62HJ6JwkJPtDn30cTwtqG
/NSEM1OVQ/bOVgOSr3EqHDmFFRDwM6SfnuV/bDuEkHw1vwxkgIm3A4T8GHz1xGvS
QmcSMxzooOK4Bu98qMshubINHSnP8qq8BLHsWTIlB98cfYmlVBJKoUg0jmngnetf
ZbC2NM53hDa3kuLQWf43Pe4BT28qJqV/DyaXkZ4AC6rkzx9VUC6xoM008QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMKA9vkuNonJZs/PMdikRUU269/UMB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvd29EMi1TNDJpY2xtejg4eDJLUkZSVGJyMzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBIDBwQqEvjB
AFADBwAqEvjBAFgDBQMqEw/AMA0GCSqGSIb3DQEBCwUAA4IBAQB1gp6457c8L2zo
pg5Orm7NkN3WJ1sAzXh6WtNw7CmiWThK2a5a8NQ47daBJltbBUnH9pDbH/ys1V33
ihTrWR8FW6NOMArLCU107yhqYDPmeuGLOi93UpdyopSZir2pEA5VzBmk5BMUyNVM
Ip47O8DUnExGCNfjBZIAO65RzI68WhNrB22JoZ6bnbQjP6k3j/h9ORsOOvpmkWo7
yshkmCXO59uIswDT0IdryHnzKDMSh8UzZNKHIcnXKwaiH9x5LiC6In68twq5VRsB
aRbKEDsvXiZ6Y+qc+FwwaDaeVmsKoWtLQGu2jXHflO0LvVbE5HM15SU93Z0+20yl
SaX1ISHc
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:28 2024 by rpki-client on console-fra.rpki-client.org