Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/5iwH8Hc5OLWpWJBRoNBwV-4RGz8.roa
File: 5iwH8Hc5OLWpWJBRoNBwV-4RGz8.roa (raw, json)
Hash identifier: 0xWkcEj6nqvmCPEMzIn6z3JacDxRBbemf2GkKrC+XeE=
Subject key identifier: E6:2C:07:F0:77:39:38:B5:A9:58:90:51:A0:D0:70:57:EE:11:1B:3F
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741F351F70B51FBBB4445E4D7863041
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/5iwH8Hc5OLWpWJBRoNBwV-4RGz8.roa
Signing time: Thu 07 Nov 2024 15:33:02 +0000
ROA not before: Thu 07 Nov 2024 15:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210344
IP address blocks: 2a12:7a40:9904::/48 maxlen: 48
2a12:7a40:9914::/48 maxlen: 48
2a12:7a40:9924::/48 maxlen: 48
2a12:7a40:9934::/48 maxlen: 48
2a12:7a40:9944::/48 maxlen: 48
2a12:7a40:9954::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:f3:51:f7:0b:51:fb:bb:44:45:e4:d7:86:30:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e62c07f0773938b5a9589051a0d07057ee111b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:bd:f1:f9:eb:b7:4e:47:04:6f:8c:75:01:
d0:f5:cb:be:ac:eb:7a:88:fb:0a:7d:ca:03:0e:3f:
ab:18:3e:f8:9d:57:de:04:f9:48:38:c8:01:15:f6:
96:c6:3d:3b:95:39:d0:b2:59:e7:dc:2d:5c:1c:af:
08:a2:fb:d3:fc:3c:ff:a6:e4:a9:fd:0a:05:12:85:
36:a6:7c:4f:2f:f5:7a:85:a8:ea:af:53:30:bf:1d:
5e:32:db:5d:9f:60:06:1d:0d:f9:72:05:09:be:20:
d2:34:d4:04:ba:70:e8:3c:fb:00:7b:7e:e3:00:b4:
0c:c0:e4:2d:a0:f1:ad:ee:3e:27:e1:77:b4:35:0f:
b1:68:8b:67:03:d8:ba:51:1f:c6:a9:05:5d:5f:4d:
d3:02:71:57:f3:3b:37:38:70:d5:9b:ba:b6:8b:f3:
f7:e1:59:4a:12:89:f2:06:a7:3e:ec:6a:a5:75:51:
be:4a:1a:29:ad:63:74:d1:7a:b3:c5:2c:fd:99:98:
d8:05:e8:46:87:bf:6c:d9:97:b1:97:41:f2:d2:0f:
de:e1:5a:4d:09:dc:5d:30:3b:27:1e:09:60:0b:ef:
64:99:e6:08:55:64:f0:14:f9:85:3d:a2:53:b4:a4:
55:d6:29:25:df:7c:ea:7a:66:f0:de:a4:84:76:00:
7f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2C:07:F0:77:39:38:B5:A9:58:90:51:A0:D0:70:57:EE:11:1B:3F
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/5iwH8Hc5OLWpWJBRoNBwV-4RGz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9904::/48
2a12:7a40:9914::/48
2a12:7a40:9924::/48
2a12:7a40:9934::/48
2a12:7a40:9944::/48
2a12:7a40:9954::/48
Signature Algorithm: sha256WithRSAEncryption
96:50:ce:ed:63:65:b9:7f:81:1e:05:ad:05:3b:56:67:54:b0:
90:fb:20:e4:08:9a:a9:2d:4d:04:a6:d7:4d:d4:dd:b6:ae:1c:
35:76:ee:31:54:b2:81:c1:74:8f:6d:99:0d:0b:64:4a:0b:5f:
fd:c0:33:ed:c4:12:87:66:15:d7:ae:3e:03:55:85:94:0c:3c:
ce:56:9c:bb:4d:46:f7:6d:85:2f:04:f2:b2:39:3c:63:5e:44:
fc:92:94:10:01:27:3b:f6:b1:a2:5f:38:ef:47:dd:96:5d:7a:
af:0c:04:5e:bd:69:0a:04:58:d4:07:bb:c6:57:8c:91:1f:37:
20:85:15:6c:dc:cc:46:63:eb:5c:fa:6c:6d:f8:84:b6:af:2d:
36:e4:90:63:be:c9:1f:37:af:dd:fe:fe:17:dd:1b:7a:3b:29:
42:03:60:3f:a5:cd:6b:4f:e1:46:a6:9b:04:87:97:24:4d:54:
21:f4:1f:7e:7a:29:18:48:91:ae:df:f4:80:5d:71:b6:0b:64:
39:a9:ea:70:ab:7f:8e:89:16:b5:15:f1:56:13:cd:69:16:3b:
95:2f:0f:84:c4:15:6e:8d:78:5d:8b:b5:ec:ac:5a:4d:64:a8:
c4:c8:57:33:4f:10:bc:e4:2e:bf:5a:96:91:e3:31:1f:ab:3a:
4e:e6:b0:ae
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQfNR9wtR+7tEReTXhjBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJjMDdmMDc3MzkzOGI1YTk1ODkwNTFhMGQwNzA1N2VlMTExYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFy98fnrt05HBG+MdQHQ9cu+rOt6
iPsKfcoDDj+rGD74nVfeBPlIOMgBFfaWxj07lTnQslnn3C1cHK8IovvT/Dz/puSp
/QoFEoU2pnxPL/V6hajqr1Mwvx1eMttdn2AGHQ35cgUJviDSNNQEunDoPPsAe37j
ALQMwOQtoPGt7j4n4Xe0NQ+xaItnA9i6UR/GqQVdX03TAnFX8zs3OHDVm7q2i/P3
4VlKEonyBqc+7GqldVG+ShoprWN00XqzxSz9mZjYBehGh79s2Zexl0Hy0g/e4VpN
CdxdMDsnHglgC+9kmeYIVWTwFPmFPaJTtKRV1ikl33zqembw3qSEdgB/hQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOYsB/B3OTi1qViQUaDQcFfuERs/MB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvNWl3SDhIYzVPTFdwV0pCUm9OQndWLTRSR3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkE
AwcAKhJ6QJkUAwcAKhJ6QJkkAwcAKhJ6QJk0AwcAKhJ6QJlEAwcAKhJ6QJlUMA0G
CSqGSIb3DQEBCwUAA4IBAQCWUM7tY2W5f4EeBa0FO1ZnVLCQ+yDkCJqpLU0EptdN
1N22rhw1du4xVLKBwXSPbZkNC2RKC1/9wDPtxBKHZhXXrj4DVYWUDDzOVpy7TUb3
bYUvBPKyOTxjXkT8kpQQASc79rGiXzjvR92WXXqvDARevWkKBFjUB7vGV4yRHzcg
hRVs3MxGY+tc+mxt+IS2ry025JBjvskfN6/d/v4X3Rt6OylCA2A/pc1rT+FGppsE
h5ckTVQh9B9+eikYSJGu3/SAXXG2C2Q5qepwq3+OiRa1FfFWE81pFjuVLw+ExBVu
jXhdi7XsrFpNZKjEyFczTxC85C6/WpaR4zEfqzpO5rCu
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:51:07 2024 by rpki-client on console-ams.rpki-client.org