Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/HIVaDPSx6Hlu7DfoL7MH0outhcY.roa
File: HIVaDPSx6Hlu7DfoL7MH0outhcY.roa (raw, json)
Hash identifier: AJeVOY0UsdUK4uQqVhpLHJBpFmAQ25c2VaYn5idu3CI=
Subject key identifier: 1C:85:5A:0C:F4:B1:E8:79:6E:EC:37:E8:2F:B3:07:D2:8B:AD:85:C6
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741F01939C9B1FFDAED2191B0E56151
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/HIVaDPSx6Hlu7DfoL7MH0outhcY.roa
Signing time: Thu 07 Nov 2024 15:33:01 +0000
ROA not before: Thu 07 Nov 2024 15:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208471
IP address blocks: 2a12:7a40:9907::/48 maxlen: 48
2a12:7a40:9917::/48 maxlen: 48
2a12:7a40:9927::/48 maxlen: 48
2a12:7a40:9937::/48 maxlen: 48
2a12:7a40:9947::/48 maxlen: 48
2a12:7a40:9957::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:f0:19:39:c9:b1:ff:da:ed:21:91:b0:e5:61:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c855a0cf4b1e8796eec37e82fb307d28bad85c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:37:cb:6d:c9:b1:42:ae:21:d7:e0:68:69:c4:
25:92:07:dc:a6:89:b1:a9:38:3f:ba:8e:35:33:62:
04:43:fd:4e:ce:24:11:18:b8:37:9a:d7:0a:e9:d7:
ac:ea:27:8f:7f:cb:28:bc:d1:fb:be:c8:3f:c6:0f:
61:85:d7:8d:46:9b:6d:6e:f7:a3:73:33:2a:93:fb:
2a:eb:80:a2:f4:17:01:fd:f2:f4:e0:c9:fb:e0:05:
14:4a:72:de:9f:70:8e:04:5e:9b:72:58:6c:86:2d:
ee:93:0a:c7:8d:4b:98:62:70:f6:6a:d2:34:7e:36:
f5:78:5a:6c:26:c8:dc:38:23:03:d2:6f:87:f5:89:
46:e6:3a:79:45:f2:2e:7e:45:53:6f:35:48:6c:4e:
93:3d:46:ee:2b:8a:18:9d:0a:63:64:84:4e:fc:c2:
63:f3:32:e8:74:fd:70:ea:13:5f:d8:0d:8e:9f:9e:
c7:1d:74:47:f5:49:47:55:94:6b:12:68:e5:66:a6:
a6:aa:23:27:bf:f7:a5:fd:ab:c2:62:35:20:68:67:
b5:74:04:36:37:1c:c7:8e:04:74:6c:df:fe:fd:02:
9f:de:d4:15:c6:a6:a2:74:3c:6f:40:68:3e:83:73:
0b:12:74:8d:07:26:1d:bf:4f:a8:9c:9c:28:c3:8b:
3d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:85:5A:0C:F4:B1:E8:79:6E:EC:37:E8:2F:B3:07:D2:8B:AD:85:C6
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/HIVaDPSx6Hlu7DfoL7MH0outhcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9907::/48
2a12:7a40:9917::/48
2a12:7a40:9927::/48
2a12:7a40:9937::/48
2a12:7a40:9947::/48
2a12:7a40:9957::/48
Signature Algorithm: sha256WithRSAEncryption
3e:54:df:bc:08:28:cf:38:a5:00:80:f9:ea:af:67:ac:06:d2:
24:bc:10:21:da:de:50:d2:bf:0e:23:15:1e:32:b3:e0:d5:52:
ac:75:dc:55:b4:7c:cf:80:a0:53:c3:c6:29:04:be:23:0b:ea:
04:19:90:91:af:e8:14:83:74:c5:a0:4e:cf:44:f9:4c:71:27:
b1:b2:f4:8d:78:76:9b:af:6c:5c:24:9d:f9:81:f6:b9:b4:de:
e7:8f:4b:69:29:d8:ac:49:1e:e1:28:9b:f5:9d:c6:47:6b:79:
5d:00:d2:2b:ed:0c:46:cd:a2:bd:3a:11:72:8c:6a:d5:1c:59:
07:72:e4:00:52:da:3e:18:2e:04:a2:3c:f5:c8:eb:c3:6e:ac:
a1:a1:83:62:74:67:50:0b:7f:62:f6:2e:cc:63:e5:fd:27:12:
8a:3a:d1:11:bc:3a:e1:e4:4b:2c:a1:53:5d:13:2a:51:4e:d5:
52:09:6b:c3:5d:af:a6:0f:20:52:81:e5:43:90:ee:04:b0:bf:
72:60:2f:e0:47:27:0a:ff:c4:63:ec:60:f7:a5:28:29:16:ee:
d2:88:b3:e8:4b:69:11:fc:18:9f:95:6e:49:21:29:88:a9:af:
ed:8a:7e:4c:bb:ea:99:a6:f3:85:31:9f:f6:eb:07:6f:a5:de:
f5:fb:04:3e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQfAZOcmx/9rtIZGw5WFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg1NWEwY2Y0YjFlODc5NmVlYzM3ZTgyZmIzMDdkMjhiYWQ4NWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDfLbcmxQq4h1+BoacQlkgfcpomx
qTg/uo41M2IEQ/1OziQRGLg3mtcK6des6iePf8sovNH7vsg/xg9hhdeNRpttbvej
czMqk/sq64Ci9BcB/fL04Mn74AUUSnLen3COBF6bclhshi3ukwrHjUuYYnD2atI0
fjb1eFpsJsjcOCMD0m+H9YlG5jp5RfIufkVTbzVIbE6TPUbuK4oYnQpjZIRO/MJj
8zLodP1w6hNf2A2On57HHXRH9UlHVZRrEmjlZqamqiMnv/el/avCYjUgaGe1dAQ2
NxzHjgR0bN/+/QKf3tQVxqaidDxvQGg+g3MLEnSNByYdv0+onJwow4s9ZwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFByFWgz0seh5buw36C+zB9KLrYXGMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvSElWYURQU3g2SGx1N0Rmb0w3TUgwb3V0aGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkH
AwcAKhJ6QJkXAwcAKhJ6QJknAwcAKhJ6QJk3AwcAKhJ6QJlHAwcAKhJ6QJlXMA0G
CSqGSIb3DQEBCwUAA4IBAQA+VN+8CCjPOKUAgPnqr2esBtIkvBAh2t5Q0r8OIxUe
MrPg1VKsddxVtHzPgKBTw8YpBL4jC+oEGZCRr+gUg3TFoE7PRPlMcSexsvSNeHab
r2xcJJ35gfa5tN7nj0tpKdisSR7hKJv1ncZHa3ldANIr7QxGzaK9OhFyjGrVHFkH
cuQAUto+GC4Eojz1yOvDbqyhoYNidGdQC39i9i7MY+X9JxKKOtERvDrh5EssoVNd
EypRTtVSCWvDXa+mDyBSgeVDkO4EsL9yYC/gRycK/8Rj7GD3pSgpFu7SiLPoS2kR
/BiflW5JISmIqa/tin5Mu+qZpvOFMZ/26wdvpd71+wQ+
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:10:44 2024 by rpki-client on console-ams.rpki-client.org