Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/LaE4j-P_SmpC8EKJKgLtfTwh25o.roa
File: LaE4j-P_SmpC8EKJKgLtfTwh25o.roa (raw, json)
Hash identifier: 1454HYUUTR+AP8XuuWDcl6omHwykw/FDUxRzpxIKYj8=
Subject key identifier: 2D:A1:38:8F:E3:FF:4A:6A:42:F0:42:89:2A:02:ED:7D:3C:21:DB:9A
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018CC64B3AF8BB11356CAA96834960921EA1
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/LaE4j-P_SmpC8EKJKgLtfTwh25o.roa
Signing time: Mon 01 Jan 2024 18:31:08 +0000
ROA not before: Mon 01 Jan 2024 18:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202888
IP address blocks: 2a12:3fc2:bb00::/40 maxlen: 48
2a12:3fc2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:3a:f8:bb:11:35:6c:aa:96:83:49:60:92:1e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 18:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2da1388fe3ff4a6a42f042892a02ed7d3c21db9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:01:f4:58:3e:e2:1f:27:d6:9c:53:78:74:43:
16:2c:ee:26:b0:c6:d9:99:04:e6:44:ff:f8:82:40:
a4:cf:2a:60:c3:5f:9e:49:e6:81:74:0b:fd:bf:a1:
60:0b:35:93:fd:29:51:1a:21:ed:27:6f:26:f6:2d:
6e:bc:ad:97:de:9b:7f:01:e4:ad:73:20:49:17:27:
8c:97:71:0e:a8:58:eb:87:4a:bb:fd:62:cc:2a:a5:
48:78:5c:c3:b7:38:3c:c3:ee:e2:12:c1:47:19:af:
54:5b:21:ec:13:7a:27:86:7a:30:74:3b:80:19:42:
28:20:c3:43:e0:6d:ce:01:99:77:37:ba:a0:34:21:
a7:0a:7c:bf:06:6d:2a:de:e3:72:60:51:32:41:46:
59:3f:c5:5a:cd:92:7d:0e:5a:6c:e1:8a:e9:ed:4d:
be:96:17:66:85:aa:ca:7d:85:1c:5a:4b:b9:f7:c8:
f6:ea:f3:4a:66:37:c1:e4:7c:28:58:4b:1d:56:b7:
a0:e0:fe:2a:ee:cc:1d:f6:d3:94:ab:82:7a:d1:4e:
07:8f:5f:d5:52:14:ce:b9:cb:d3:8e:bf:9a:93:91:
c9:33:01:ed:8f:9a:26:7b:33:3b:d4:63:9f:da:94:
f5:cf:05:32:ee:54:b1:a7:d7:d0:42:ce:21:46:fa:
3a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A1:38:8F:E3:FF:4A:6A:42:F0:42:89:2A:02:ED:7D:3C:21:DB:9A
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/LaE4j-P_SmpC8EKJKgLtfTwh25o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2::/32
Signature Algorithm: sha256WithRSAEncryption
56:2d:d4:0f:1d:f2:80:07:f1:d8:85:f6:05:ca:0e:aa:5f:18:
c3:4c:ac:9e:6f:37:83:a2:ed:b9:18:6d:9a:eb:92:16:01:66:
95:ad:2c:c3:23:0b:09:44:9b:cb:12:3c:b3:0b:74:71:af:2b:
36:66:85:fd:a1:47:bf:83:d5:41:83:69:40:34:9a:e1:7a:e7:
aa:f3:83:e9:cc:7e:55:82:41:2e:35:1b:64:9a:fb:a2:4b:3d:
11:de:4e:09:dc:61:38:f0:84:14:0b:6c:fb:cf:05:fc:7f:1f:
90:67:9e:4c:da:bc:7d:6a:7e:b9:39:c8:5e:ea:f4:b1:ce:48:
07:33:e6:49:09:79:d3:29:3f:30:ec:8e:bd:37:0a:12:a4:23:
89:03:1e:af:a4:10:eb:1e:e2:eb:c8:19:1e:8d:7d:01:94:ca:
37:43:42:a4:a8:b0:eb:7a:b0:5c:b0:11:15:36:13:ed:3c:2f:
8d:c3:a7:7f:fe:23:a6:a0:c8:a7:1d:bd:aa:ca:86:8f:cb:48:
98:6b:50:d7:f3:8d:d7:77:24:ee:16:59:a0:04:7a:b8:a9:df:
1d:5f:4f:d5:bd:8b:3a:f3:de:52:75:5e:2d:ef:95:f5:e5:0f:
71:db:ca:dd:8c:a6:5b:4a:b4:e5:06:53:27:5c:09:f6:1c:6c:
0a:dd:52:a5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSzr4uxE1bKqWg0lgkh6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwMTAxMTgzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGExMzg4ZmUzZmY0YTZhNDJmMDQyODkyYTAyZWQ3ZDNjMjFkYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQH0WD7iHyfWnFN4dEMWLO4msMbZ
mQTmRP/4gkCkzypgw1+eSeaBdAv9v6FgCzWT/SlRGiHtJ28m9i1uvK2X3pt/AeSt
cyBJFyeMl3EOqFjrh0q7/WLMKqVIeFzDtzg8w+7iEsFHGa9UWyHsE3onhnowdDuA
GUIoIMND4G3OAZl3N7qgNCGnCny/Bm0q3uNyYFEyQUZZP8VazZJ9Dlps4Yrp7U2+
lhdmharKfYUcWku598j26vNKZjfB5HwoWEsdVreg4P4q7swd9tOUq4J60U4Hj1/V
UhTOucvTjr+ak5HJMwHtj5omezM71GOf2pT1zwUy7lSxp9fQQs4hRvo6TQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC2hOI/j/0pqQvBCiSoC7X08IduaMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvTGFFNGotUF9TbXBDOEVLSktnTHRmVHdoMjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhI/wjAN
BgkqhkiG9w0BAQsFAAOCAQEAVi3UDx3ygAfx2IX2BcoOql8Yw0ysnm83g6LtuRht
muuSFgFmla0swyMLCUSbyxI8swt0ca8rNmaF/aFHv4PVQYNpQDSa4XrnqvOD6cx+
VYJBLjUbZJr7oks9Ed5OCdxhOPCEFAts+88F/H8fkGeeTNq8fWp+uTnIXur0sc5I
BzPmSQl50yk/MOyOvTcKEqQjiQMer6QQ6x7i68gZHo19AZTKN0NCpKiw63qwXLAR
FTYT7TwvjcOnf/4jpqDIpx29qsqGj8tImGtQ1/ON13ck7hZZoAR6uKnfHV9P1b2L
OvPeUnVeLe+V9eUPcdvK3YymW0q05QZTJ1wJ9hxsCt1SpQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:05:45 2024 by rpki-client on console-ams.rpki-client.org