Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/OOxGYQDR4ORyhZy2gS6ho-5fpyo.roa
File: OOxGYQDR4ORyhZy2gS6ho-5fpyo.roa (raw, json)
Hash identifier: DG9wqws/Tg8PXDPKxYkJkjmLjOxqOtjZfa4Ew6XPkQ8=
Subject key identifier: 38:EC:46:61:00:D1:E0:E4:72:85:9C:B6:81:2E:A1:A3:EE:5F:A7:2A
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741EE33FEF69F33BBE28F88F17FF955
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/OOxGYQDR4ORyhZy2gS6ho-5fpyo.roa
Signing time: Thu 07 Nov 2024 15:33:01 +0000
ROA not before: Thu 07 Nov 2024 15:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206058
IP address blocks: 2a12:7a40:990d::/48 maxlen: 48
2a12:7a40:991d::/48 maxlen: 48
2a12:7a40:992d::/48 maxlen: 48
2a12:7a40:993d::/48 maxlen: 48
2a12:7a40:994d::/48 maxlen: 48
2a12:7a40:995d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:ee:33:fe:f6:9f:33:bb:e2:8f:88:f1:7f:f9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38ec466100d1e0e472859cb6812ea1a3ee5fa72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:71:4f:da:8b:87:a1:fe:96:c5:73:40:6c:
8c:08:70:12:a9:c4:ea:26:b0:85:25:bb:e9:c1:ca:
9f:ee:43:97:22:59:ef:1b:c6:5a:e1:0e:0a:24:fb:
0e:cd:fe:1a:1a:e2:7e:b5:da:94:58:66:44:51:5b:
2d:cb:e1:5d:c4:23:56:1c:e3:35:04:d4:b0:ff:05:
d1:25:46:fb:4d:4d:cb:e2:8e:17:bd:a9:3f:c6:90:
96:c0:13:4e:d4:e6:83:37:6f:73:3e:62:b5:f2:8b:
dd:8f:52:b6:0c:53:45:cd:30:97:3a:02:38:89:e0:
be:7d:87:e3:76:80:84:28:b4:85:43:8d:40:77:82:
13:46:97:5d:4c:b1:2a:7b:5c:8b:2d:63:a2:d9:be:
16:82:ab:d1:b5:8c:6b:84:89:5c:2e:21:4c:e2:d6:
2f:39:90:da:b6:2b:c5:06:c4:bf:1d:23:9b:45:c2:
46:42:7a:a2:c9:64:9e:95:40:77:63:5d:c5:8e:e4:
b0:0b:2e:ca:43:e9:4f:3c:ef:d0:e7:71:1e:0c:33:
fe:22:6e:82:cb:91:e1:01:85:fb:a3:4f:c3:ff:29:
31:f5:c8:9a:9d:66:e4:90:23:9d:bd:ae:72:43:d6:
dc:b0:2e:78:29:cc:11:eb:8a:d8:a4:50:f9:3b:23:
18:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EC:46:61:00:D1:E0:E4:72:85:9C:B6:81:2E:A1:A3:EE:5F:A7:2A
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/OOxGYQDR4ORyhZy2gS6ho-5fpyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990d::/48
2a12:7a40:991d::/48
2a12:7a40:992d::/48
2a12:7a40:993d::/48
2a12:7a40:994d::/48
2a12:7a40:995d::/48
Signature Algorithm: sha256WithRSAEncryption
b0:d6:0a:8f:09:76:30:8e:98:f9:9d:ac:51:a1:e6:ef:cf:0b:
db:f6:98:f6:77:57:97:4b:b6:2c:dd:cd:cb:ab:58:b4:99:6d:
bc:ed:9f:d9:25:82:e9:75:93:a4:50:92:20:2f:88:99:07:68:
61:93:f6:80:f2:58:b8:30:a2:70:ba:2d:dd:e6:b4:60:14:1a:
de:c4:03:d9:aa:5d:43:8c:f9:2d:18:36:19:b5:1a:6d:3c:84:
2f:aa:12:c6:22:f2:bf:6d:5a:85:32:56:dc:d6:29:61:59:e8:
9a:60:37:91:d3:b7:04:96:bf:ca:93:20:e4:b8:61:9d:b7:08:
53:bc:8d:82:7c:22:e7:3b:c9:cb:8a:93:e7:d5:b7:0c:3f:2c:
5a:5f:9f:ef:d4:23:7a:2a:ad:bd:02:b2:d1:ae:56:65:27:3f:
24:74:f3:ea:60:3f:f4:ec:ff:d1:00:16:cf:f5:29:b4:eb:b0:
3f:14:8f:cf:1d:e6:be:bc:68:2e:ea:42:67:ad:17:52:a7:79:
2e:54:75:82:f6:e8:69:af:12:5b:7a:37:36:8f:e2:5f:24:1e:
77:59:c9:64:81:3e:79:d4:0a:f0:82:03:06:f3:1e:5c:f0:4d:
4e:5e:be:e6:ae:ec:e3:c4:b2:f9:df:b7:8c:58:ba:59:9b:bf:
75:1e:18:f2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQe4z/vafM7vij4jxf/lVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVjNDY2MTAwZDFlMGU0NzI4NTljYjY4MTJlYTFhM2VlNWZhNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshVxT9qLh6H+lsVzQGyMCHASqcTq
JrCFJbvpwcqf7kOXIlnvG8Za4Q4KJPsOzf4aGuJ+tdqUWGZEUVsty+FdxCNWHOM1
BNSw/wXRJUb7TU3L4o4Xvak/xpCWwBNO1OaDN29zPmK18ovdj1K2DFNFzTCXOgI4
ieC+fYfjdoCEKLSFQ41Ad4ITRpddTLEqe1yLLWOi2b4WgqvRtYxrhIlcLiFM4tYv
OZDativFBsS/HSObRcJGQnqiyWSelUB3Y13FjuSwCy7KQ+lPPO/Q53EeDDP+Im6C
y5HhAYX7o0/D/ykx9cianWbkkCOdva5yQ9bcsC54KcwR64rYpFD5OyMYKQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDjsRmEA0eDkcoWctoEuoaPuX6cqMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvT094R1lRRFI0T1J5aFp5MmdTNmhvLTVmcHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkN
AwcAKhJ6QJkdAwcAKhJ6QJktAwcAKhJ6QJk9AwcAKhJ6QJlNAwcAKhJ6QJldMA0G
CSqGSIb3DQEBCwUAA4IBAQCw1gqPCXYwjpj5naxRoebvzwvb9pj2d1eXS7Ys3c3L
q1i0mW287Z/ZJYLpdZOkUJIgL4iZB2hhk/aA8li4MKJwui3d5rRgFBrexAPZql1D
jPktGDYZtRptPIQvqhLGIvK/bVqFMlbc1ilhWeiaYDeR07cElr/KkyDkuGGdtwhT
vI2CfCLnO8nLipPn1bcMPyxaX5/v1CN6Kq29ArLRrlZlJz8kdPPqYD/07P/RABbP
9Sm067A/FI/PHea+vGgu6kJnrRdSp3kuVHWC9uhprxJbejc2j+JfJB53WclkgT55
1ArwggMG8x5c8E1OXr7mruzjxLL537eMWLpZm791Hhjy
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:01 2024 by rpki-client on console-fra.rpki-client.org