Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/CRLBWJjZriyPrYURMvIquLdPRys.roa
File: CRLBWJjZriyPrYURMvIquLdPRys.roa (raw, json)
Hash identifier: Cd/A940X3fuTYvBMwyqqOk4yQcscZ+5GV8h5Gt4WF0U=
Subject key identifier: 09:12:C1:58:98:D9:AE:2C:8F:AD:85:11:32:F2:2A:B8:B7:4F:47:2B
Certificate issuer: /CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Certificate serial: 0192CA64CE116CC128B15549464C7CDF2458
Authority key identifier: C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/CRLBWJjZriyPrYURMvIquLdPRys.roa
Signing time: Sat 26 Oct 2024 19:54:16 +0000
ROA not before: Sat 26 Oct 2024 19:54:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a07:2486::/48 maxlen: 48
2a07:2486:1::/48 maxlen: 48
2a07:2486:333::/48 maxlen: 48
2a07:2487::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ca:64:ce:11:6c:c1:28:b1:55:49:46:4c:7c:df:24:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c236e8c216f05a9d9e0327f1222bf12198aba5da
Validity
Not Before: Oct 26 19:54:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0912c15898d9ae2c8fad851132f22ab8b74f472b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:26:06:54:ab:81:4b:62:cb:ba:d1:c4:64:7e:
56:77:67:0a:ac:b0:d9:2f:52:06:b0:43:0e:ae:4d:
b3:42:fa:7d:1b:91:a2:32:61:0d:94:43:a8:b9:23:
47:85:ea:d5:ef:ea:8e:d6:78:4f:8f:2c:07:07:0e:
f2:92:49:69:17:9c:9e:ff:6c:57:93:f1:45:8a:b8:
e9:d3:94:eb:20:04:ee:e1:0c:d8:60:b8:c9:33:1c:
d1:01:81:ce:2a:a7:9d:a2:7b:93:db:e5:8f:fa:60:
51:70:51:1e:86:27:5c:b1:eb:fe:84:34:b9:c3:bc:
68:3a:58:94:10:ad:50:17:2a:8a:14:6b:c4:0b:c8:
a6:e9:63:25:d5:64:55:b8:43:d9:50:25:0a:ec:70:
c8:25:ce:0e:cd:d6:eb:95:f0:55:a1:48:11:5f:82:
bc:f8:1c:94:2d:21:cf:2f:c8:8c:9b:c5:5a:05:00:
c1:09:c8:e4:d7:50:d2:85:02:ca:ec:32:04:58:76:
85:2f:7c:b5:68:5e:52:b2:e7:71:bf:8a:2e:a6:7e:
c3:88:0d:8f:08:d6:83:2c:66:69:08:0f:0e:09:0e:
70:9b:2e:34:dd:a4:99:29:a0:7c:af:e5:35:69:3b:
f2:c0:c5:50:b6:0e:2a:10:58:69:37:04:9f:db:f7:
e2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:12:C1:58:98:D9:AE:2C:8F:AD:85:11:32:F2:2A:B8:B7:4F:47:2B
X509v3 Authority Key Identifier:
keyid:C2:36:E8:C2:16:F0:5A:9D:9E:03:27:F1:22:2B:F1:21:98:AB:A5:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjbowhbwWp2eAyfxIivxIZirpdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/CRLBWJjZriyPrYURMvIquLdPRys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2a413e-8974-4dc7-9ce8-384ffce77f52/1/wjbowhbwWp2eAyfxIivxIZirpdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486::/47
2a07:2486:333::/48
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
53:cb:98:ba:a3:2e:6a:86:ff:8c:2b:83:7b:30:2b:88:e2:a4:
55:ad:65:ab:3e:0a:92:b0:60:da:13:f6:66:42:dc:4f:b2:db:
aa:54:12:a3:b4:51:72:0f:37:1f:32:0e:cb:93:00:b3:f6:98:
26:a6:5c:6b:ba:18:b7:c5:7d:00:4f:80:8d:6b:ac:11:44:18:
4f:20:31:64:48:ed:4e:1c:3a:3f:10:b3:6d:67:70:ca:61:36:
1d:e5:26:cf:a3:10:45:d8:0c:09:ad:80:7c:f6:22:db:73:27:
ce:d4:bf:4c:50:51:de:dc:35:af:56:e4:3a:ec:5f:8d:3b:e7:
5b:41:c6:7e:6b:be:32:2e:6f:99:3b:1a:44:a6:a2:c8:aa:a9:
e7:7f:1e:10:46:bc:e1:b8:c4:83:af:ca:c2:52:a2:55:47:e3:
ad:fb:d9:7c:10:5f:44:f2:29:79:4a:5b:36:2a:5d:fd:b5:b4:
43:4d:19:61:9b:ec:52:b1:b2:f3:be:f9:e5:dc:36:4a:dd:6a:
b6:20:04:8c:6a:a0:12:8f:01:a8:9c:0a:fb:3e:d7:17:c7:85:
76:ce:f7:84:4b:a2:45:41:80:ed:e4:79:0a:ae:23:9e:ec:bb:
df:8e:cc:58:c2:75:37:39:7c:d4:c9:3e:7c:71:6d:4c:6c:85:
ce:0a:09:36
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZLKZM4RbMEosVVJRkx83yRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzZlOGMyMTZmMDVhOWQ5ZTAzMjdmMTIyMmJmMTIxOThh
YmE1ZGEwHhcNMjQxMDI2MTk1NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTEyYzE1ODk4ZDlhZTJjOGZhZDg1MTEzMmYyMmFiOGI3NGY0NzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyYGVKuBS2LLutHEZH5Wd2cKrLDZ
L1IGsEMOrk2zQvp9G5GiMmENlEOouSNHherV7+qO1nhPjywHBw7ykklpF5ye/2xX
k/FFirjp05TrIATu4QzYYLjJMxzRAYHOKqedonuT2+WP+mBRcFEehidcsev+hDS5
w7xoOliUEK1QFyqKFGvEC8im6WMl1WRVuEPZUCUK7HDIJc4OzdbrlfBVoUgRX4K8
+ByULSHPL8iMm8VaBQDBCcjk11DShQLK7DIEWHaFL3y1aF5Ssudxv4oupn7DiA2P
CNaDLGZpCA8OCQ5wmy403aSZKaB8r+U1aTvywMVQtg4qEFhpNwSf2/fiLwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFAkSwViY2a4sj62FETLyKri3T0crMB8GA1UdIwQY
MBaAFMI26MIW8FqdngMn8SIr8SGYq6XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgt
Mzg0ZmZjZTc3ZjUyLzEvQ1JMQldKalpyaXlQcllVUk12SXF1TGRQUnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yYTQxM2UtODk3NC00ZGM3LTljZTgtMzg0ZmZjZTc3ZjUy
LzEvd2pib3doYndXcDJlQXlmeElpdnhJWmlycGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwcBKgckhgAA
AwcAKgckhgMzAwUAKgckhzANBgkqhkiG9w0BAQsFAAOCAQEAU8uYuqMuaob/jCuD
ezAriOKkVa1lqz4KkrBg2hP2ZkLcT7LbqlQSo7RRcg83HzIOy5MAs/aYJqZca7oY
t8V9AE+AjWusEUQYTyAxZEjtThw6PxCzbWdwymE2HeUmz6MQRdgMCa2AfPYi23Mn
ztS/TFBR3tw1r1bkOuxfjTvnW0HGfmu+Mi5vmTsaRKaiyKqp538eEEa84bjEg6/K
wlKiVUfjrfvZfBBfRPIpeUpbNipd/bW0Q00ZYZvsUrGy87755dw2St1qtiAEjGqg
Eo8BqJwK+z7XF8eFds73hEuiRUGA7eR5Cq4jnuy7347MWMJ1Nzl81Mk+fHFtTGyF
zgoJNg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:06 2024 by rpki-client on console-ams.rpki-client.org