Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/PswHu72EXw-9uVwXFSkur3b8WUo.roa
File: PswHu72EXw-9uVwXFSkur3b8WUo.roa (raw, json)
Hash identifier: U1MGzETJsMRdLoLvQpIYrFdD62RfExlGvaak4z7I4Cg=
Subject key identifier: 3E:CC:07:BB:BD:84:5F:0F:BD:B9:5C:17:15:29:2E:AF:76:FC:59:4A
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 018CC26D33D4924AE45F735FD2716DD9698D
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/PswHu72EXw-9uVwXFSkur3b8WUo.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2a0d:3900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:33:d4:92:4a:e4:5f:73:5f:d2:71:6d:d9:69:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ecc07bbbd845f0fbdb95c1715292eaf76fc594a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:a0:d8:1a:98:00:42:6b:a6:2e:3e:51:2e:
9c:d0:19:3f:b5:48:5d:98:7c:b3:79:33:d1:c2:b8:
53:04:d0:8b:9c:7e:09:c6:66:dc:44:00:ef:ad:09:
e6:7c:0d:9b:61:f4:ac:67:18:bd:7d:e3:ad:50:41:
72:1d:14:7e:d8:c0:f2:96:d1:b2:8e:02:c1:2d:38:
0a:e1:16:ad:84:ca:ca:01:0f:b6:ff:ed:5d:97:f6:
08:4e:e1:57:a0:27:b3:aa:c5:0f:28:d8:a8:10:a0:
48:88:d3:ed:7b:f3:e0:a8:83:5d:cc:db:b1:72:dc:
22:38:35:62:74:ce:7a:cd:fc:1b:1a:34:fb:6a:78:
12:59:27:50:be:2a:68:07:fd:d2:5a:69:c4:80:f6:
9e:bf:e5:5b:a7:6f:4e:3d:51:f4:1e:7f:f9:1e:a3:
15:a8:1c:f8:88:b4:70:24:47:aa:5a:d0:a0:95:4b:
bd:62:ac:fe:20:98:79:04:1e:c6:5f:b9:dd:75:da:
a6:a9:5a:8f:ac:28:6c:1f:06:17:36:07:b6:61:21:
cc:18:0e:30:d8:d7:c3:29:ce:b2:ec:cf:09:c9:1b:
3b:00:09:4a:1f:d0:71:6e:e8:1b:70:04:0d:92:e6:
d5:ce:22:90:79:28:52:8b:57:d6:bd:0d:72:64:c4:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CC:07:BB:BD:84:5F:0F:BD:B9:5C:17:15:29:2E:AF:76:FC:59:4A
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/PswHu72EXw-9uVwXFSkur3b8WUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
88:26:4e:dc:c9:44:57:07:fc:97:25:67:f6:e3:af:2c:53:b4:
f0:88:49:ec:2c:13:44:1b:85:a3:c8:d5:be:3a:f2:6f:2b:c2:
77:2e:fc:f0:13:ff:5f:7c:0d:78:d3:b4:89:c0:08:21:af:eb:
ba:b3:d5:55:22:8b:9b:de:0d:24:fb:01:35:c0:b6:68:69:97:
ef:0b:d0:13:47:fc:05:6d:11:7b:e6:e7:a4:9e:51:e5:c8:6f:
dc:28:6a:97:02:d0:41:24:a6:ba:94:60:7a:d9:93:04:a3:2d:
3f:79:f2:44:69:a0:62:a5:28:c4:8c:d9:66:41:8d:7b:2f:37:
5b:16:d2:1f:f5:06:88:16:7f:42:f9:24:ac:dd:b8:ee:81:bd:
f3:0c:7e:15:f8:6a:bd:c4:ef:dd:85:d8:ca:9e:0b:32:89:e9:
4b:e3:d2:3b:3c:03:6e:2c:3d:79:69:b8:1e:2a:f3:92:02:1f:
87:d2:2d:35:fd:ec:49:32:20:0a:49:51:d5:06:e5:33:fb:55:
53:27:df:c3:eb:28:07:35:aa:71:4f:32:d4:91:2c:e9:8c:d1:
21:72:fb:fe:57:59:6f:74:29:30:95:4d:86:50:3b:57:83:fe:
be:38:52:25:99:2e:76:a2:ca:e6:d0:83:96:bd:b5:36:89:4a:
30:7d:33:b7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzCbTPUkkrkX3Nf0nFt2WmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWNjMDdiYmJkODQ1ZjBmYmRiOTVjMTcxNTI5MmVhZjc2ZmM1OTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxWg2BqYAEJrpi4+US6c0Bk/tUhd
mHyzeTPRwrhTBNCLnH4JxmbcRADvrQnmfA2bYfSsZxi9feOtUEFyHRR+2MDyltGy
jgLBLTgK4RathMrKAQ+2/+1dl/YITuFXoCezqsUPKNioEKBIiNPte/PgqINdzNux
ctwiODVidM56zfwbGjT7angSWSdQvipoB/3SWmnEgPaev+Vbp29OPVH0Hn/5HqMV
qBz4iLRwJEeqWtCglUu9Yqz+IJh5BB7GX7ndddqmqVqPrChsHwYXNge2YSHMGA4w
2NfDKc6y7M8JyRs7AAlKH9BxbugbcAQNkubVziKQeShSi1fWvQ1yZMScaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD7MB7u9hF8PvblcFxUpLq92/FlKMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvUHN3SHU3MkVYdy05dVZ3WEZTa3VyM2I4V1VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg05ADAN
BgkqhkiG9w0BAQsFAAOCAQEAiCZO3MlEVwf8lyVn9uOvLFO08IhJ7CwTRBuFo8jV
vjrybyvCdy788BP/X3wNeNO0icAIIa/rurPVVSKLm94NJPsBNcC2aGmX7wvQE0f8
BW0Re+bnpJ5R5chv3ChqlwLQQSSmupRgetmTBKMtP3nyRGmgYqUoxIzZZkGNey83
WxbSH/UGiBZ/QvkkrN247oG98wx+FfhqvcTv3YXYyp4LMonpS+PSOzwDbiw9eWm4
HirzkgIfh9ItNf3sSTIgCklR1QblM/tVUyffw+soBzWqcU8y1JEs6YzRIXL7/ldZ
b3QpMJVNhlA7V4P+vjhSJZkudqLK5tCDlr21NolKMH0ztw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:29 2024 by rpki-client on console-ams.rpki-client.org