Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/xS_HcD_mfujR80it2n2oBr1mvns.roa
File: xS_HcD_mfujR80it2n2oBr1mvns.roa (raw, json)
Hash identifier: JqSKaenbgHdSPaACW99k5BV91n4o/wm0wIfF/H1+8WQ=
Subject key identifier: C5:2F:C7:70:3F:E6:7E:E8:D1:F3:48:AD:DA:7D:A8:06:BD:66:BE:7B
Certificate issuer: /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial: 0191D4B343C2D1B8FF44BD846FD4D57160C4
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/xS_HcD_mfujR80it2n2oBr1mvns.roa
Signing time: Mon 09 Sep 2024 02:53:23 +0000
ROA not before: Mon 09 Sep 2024 02:53:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151338
IP address blocks: 2a12:f8c1:40::/48 maxlen: 48
2a12:f8c1:41::/48 maxlen: 48
2a12:f8c1:42::/48 maxlen: 48
2a12:f8c1:43::/48 maxlen: 48
2a13:fc0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d4:b3:43:c2:d1:b8:ff:44:bd:84:6f:d4:d5:71:60:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Validity
Not Before: Sep 9 02:53:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c52fc7703fe67ee8d1f348adda7da806bd66be7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0d:32:68:3e:fc:17:33:dd:71:67:06:33:92:
02:2c:c1:f8:53:8f:17:d2:5d:1f:8e:d6:fd:3a:92:
9e:c6:43:ab:9b:2b:0d:57:8d:77:09:89:4f:5a:12:
f2:94:69:d8:26:91:ce:03:9a:8c:4a:9f:65:13:80:
a8:b0:69:eb:af:58:07:5e:8f:ea:46:6a:25:9c:c6:
87:52:69:48:74:0d:5c:4a:e4:27:3f:c9:48:78:d7:
3e:57:f2:dc:f5:93:77:1d:63:00:23:13:67:e5:b3:
d8:bf:b7:e2:41:20:2b:8b:eb:29:8b:0f:83:57:29:
6c:0a:81:a2:17:7c:99:60:1c:0b:9d:73:04:fb:ef:
5f:05:9c:a7:60:93:80:ce:c1:69:35:5a:2a:3b:83:
c9:9d:5b:6b:e6:fe:8b:6b:ab:06:91:c9:e3:1d:48:
a1:4d:e0:ab:7d:62:08:8d:a1:64:68:1b:55:3d:41:
0d:66:1f:9e:1c:55:ed:ea:49:5c:93:9f:30:2f:7a:
83:8f:c1:b8:5f:94:3c:cf:dd:89:5b:8c:44:53:35:
00:90:16:c8:d2:f8:7b:70:04:38:72:e9:33:46:f3:
0e:d4:23:77:a0:f5:95:4a:5c:fd:28:b6:20:53:9f:
47:c1:57:a1:6c:d3:d8:91:ad:3a:91:f2:8c:14:88:
2d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2F:C7:70:3F:E6:7E:E8:D1:F3:48:AD:DA:7D:A8:06:BD:66:BE:7B
X509v3 Authority Key Identifier:
keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/xS_HcD_mfujR80it2n2oBr1mvns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:40::/46
2a13:fc0::/44
Signature Algorithm: sha256WithRSAEncryption
27:c0:87:8a:de:0a:b4:83:8c:b3:8f:34:26:4c:0f:5e:d0:a1:
20:31:4f:2b:35:76:85:f5:dd:4b:c2:7b:00:77:0b:d2:70:4b:
6a:b4:7d:c8:ef:ba:57:b6:72:0e:8f:04:e9:6e:11:8c:09:a1:
41:68:3c:eb:f0:f9:e5:ad:05:6a:19:17:7e:a0:3d:ff:4d:90:
ea:f6:3a:27:39:f0:c1:37:f4:f3:e7:70:73:60:16:9b:36:39:
db:27:e5:cf:7a:b8:81:3e:20:bf:7f:e7:82:40:c5:54:76:3f:
36:1c:d2:1d:68:72:86:f8:f6:89:e0:0b:fc:ba:2e:61:5d:76:
fa:77:b3:64:76:a7:3c:3e:68:dd:08:7d:9d:3b:76:4a:d3:b8:
eb:20:80:1c:c2:a7:c8:b3:dd:e7:fc:b8:66:4b:99:60:83:ea:
51:08:dd:20:5f:07:27:81:35:84:e8:59:1f:a3:e0:be:7a:6f:
61:15:65:4a:3a:c6:a7:cc:a1:6b:2f:fa:dd:41:db:46:24:6b:
16:d6:c5:c4:6c:c4:d0:97:e9:76:ad:06:7e:16:80:93:ca:4c:
d1:8f:45:3d:11:a7:7e:e2:f2:3e:b8:19:f5:0c:97:01:78:b1:
29:9b:71:bd:bf:0e:f4:df:3d:f2:d0:12:28:e0:ed:68:f6:d4:
c4:04:7a:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHUs0PC0bj/RL2Eb9TVcWDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjQwOTA5MDI1MzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTJmYzc3MDNmZTY3ZWU4ZDFmMzQ4YWRkYTdkYTgwNmJkNjZiZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw0yaD78FzPdcWcGM5ICLMH4U48X
0l0fjtb9OpKexkOrmysNV413CYlPWhLylGnYJpHOA5qMSp9lE4CosGnrr1gHXo/q
RmolnMaHUmlIdA1cSuQnP8lIeNc+V/Lc9ZN3HWMAIxNn5bPYv7fiQSAri+spiw+D
VylsCoGiF3yZYBwLnXME++9fBZynYJOAzsFpNVoqO4PJnVtr5v6La6sGkcnjHUih
TeCrfWIIjaFkaBtVPUENZh+eHFXt6klck58wL3qDj8G4X5Q8z92JW4xEUzUAkBbI
0vh7cAQ4cukzRvMO1CN3oPWVSlz9KLYgU59HwVehbNPYka06kfKMFIgtvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMUvx3A/5n7o0fNIrdp9qAa9Zr57MB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEveFNfSGNEX21mdWpSODBpdDJuMm9CcjFtdm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhL4wQBA
AwcEKhMPwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAnwIeK3gq0g4yzjzQmTA9e0KEg
MU8rNXaF9d1LwnsAdwvScEtqtH3I77pXtnIOjwTpbhGMCaFBaDzr8PnlrQVqGRd+
oD3/TZDq9jonOfDBN/Tz53BzYBabNjnbJ+XPeriBPiC/f+eCQMVUdj82HNIdaHKG
+PaJ4Av8ui5hXXb6d7Nkdqc8PmjdCH2dO3ZK07jrIIAcwqfIs93n/LhmS5lgg+pR
CN0gXwcngTWE6Fkfo+C+em9hFWVKOsanzKFrL/rdQdtGJGsW1sXEbMTQl+l2rQZ+
FoCTykzRj0U9Ead+4vI+uBn1DJcBeLEpm3G9vw703z3y0BIo4O1o9tTEBHpx
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:49:06 2024 by rpki-client on console-ams.rpki-client.org