Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/U4hsS-9jfr52lqHezMKQlUP6Q-w.roa
File: U4hsS-9jfr52lqHezMKQlUP6Q-w.roa (raw, json)
Hash identifier: JqNc6V+Smt9vBB9H9+K4dFN6YTX32dRHbMwekxLtdoo=
Subject key identifier: 53:88:6C:4B:EF:63:7E:BE:76:96:A1:DE:CC:C2:90:95:43:FA:43:EC
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741F419AA04A606F1D4C72A0358FFFE
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/U4hsS-9jfr52lqHezMKQlUP6Q-w.roa
Signing time: Thu 07 Nov 2024 15:33:02 +0000
ROA not before: Thu 07 Nov 2024 15:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210348
IP address blocks: 2a12:7a40:990c::/48 maxlen: 48
2a12:7a40:991c::/48 maxlen: 48
2a12:7a40:992c::/48 maxlen: 48
2a12:7a40:993c::/48 maxlen: 48
2a12:7a40:994c::/48 maxlen: 48
2a12:7a40:995c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:f4:19:aa:04:a6:06:f1:d4:c7:2a:03:58:ff:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53886c4bef637ebe7696a1deccc2909543fa43ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:45:73:36:8d:b5:60:18:fe:52:7f:29:5f:6b:
42:8d:77:ab:ba:58:ea:64:a9:eb:a4:13:53:e2:8b:
53:9a:be:1f:d3:c3:08:44:cf:48:e9:2b:e4:02:cb:
bb:c6:4c:a6:27:0c:27:aa:e1:22:7e:11:5b:02:df:
0d:c2:ae:d6:85:f8:fb:92:d2:9b:87:37:90:3b:12:
c8:aa:3b:26:bc:db:05:04:c0:05:c7:c8:c4:66:56:
05:5b:59:b2:07:bd:ea:82:8f:93:50:c2:3f:ed:27:
5d:ea:30:8d:a5:85:95:83:d9:a8:60:6f:ff:7b:d4:
f9:d9:a8:83:1e:df:b9:59:4c:1f:d2:68:ac:09:2b:
02:2f:37:14:b0:81:0f:26:67:fb:76:ab:ac:ea:91:
30:91:ad:f9:69:b8:5c:07:02:a6:66:c6:eb:df:21:
2a:cb:b5:22:30:8b:84:ac:de:27:e4:e3:3e:cd:45:
84:61:be:e1:f6:15:16:a5:af:63:53:c6:1b:08:e6:
7c:12:dc:9a:27:d6:aa:ec:7d:2a:c2:6e:05:26:00:
8e:f1:a2:98:ee:e2:3d:e3:96:f5:09:75:12:e6:7d:
4c:f2:13:68:15:80:1b:e8:f5:85:fc:1f:39:03:ef:
ab:a5:82:f7:d3:d9:2c:d4:72:d1:ec:52:84:cb:de:
74:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:88:6C:4B:EF:63:7E:BE:76:96:A1:DE:CC:C2:90:95:43:FA:43:EC
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/U4hsS-9jfr52lqHezMKQlUP6Q-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990c::/48
2a12:7a40:991c::/48
2a12:7a40:992c::/48
2a12:7a40:993c::/48
2a12:7a40:994c::/48
2a12:7a40:995c::/48
Signature Algorithm: sha256WithRSAEncryption
03:e3:fc:1a:42:ee:3f:6b:89:d3:05:1a:36:c0:43:01:72:05:
25:0b:57:5c:f9:03:9d:da:f4:2c:5e:6e:c5:38:7e:01:4b:ed:
c3:f1:3c:d4:bb:3c:5c:ba:a2:76:7a:5d:e8:91:66:55:c0:7d:
13:7c:4e:f2:48:55:83:e6:16:b6:32:9f:b4:b2:fe:f7:eb:99:
e0:96:15:64:c4:1d:6f:8e:58:dc:5c:d2:87:22:ac:f9:96:ef:
10:b3:b8:f3:bf:29:9b:2f:f1:a1:e3:a3:fc:c0:13:d0:20:52:
80:ef:6b:50:3f:e8:2b:c5:87:6f:47:0d:72:19:02:5a:41:15:
79:4c:8d:0d:22:eb:8f:e2:c5:44:d2:85:c6:f5:de:60:0f:fb:
a2:19:10:be:dc:4c:75:54:75:36:49:b1:d0:84:c9:b0:31:76:
65:ff:44:29:4d:21:10:b7:66:95:46:41:09:4c:5e:13:8a:cc:
df:2a:b6:e8:58:5d:47:d3:2e:c6:64:4f:ef:91:74:ff:a7:52:
95:d0:43:9f:ca:ba:49:bd:41:45:59:82:a2:b9:eb:59:81:bc:
3b:1c:2c:17:c9:78:e3:3d:65:e5:9f:68:49:af:78:64:7e:35:
b1:01:1d:c1:9e:b1:90:30:dd:fd:b0:8d:fb:a7:f0:8b:38:b8:
cf:c1:61:19
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQfQZqgSmBvHUxyoDWP/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg4NmM0YmVmNjM3ZWJlNzY5NmExZGVjY2MyOTA5NTQzZmE0M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkVzNo21YBj+Un8pX2tCjXeruljq
ZKnrpBNT4otTmr4f08MIRM9I6SvkAsu7xkymJwwnquEifhFbAt8Nwq7Whfj7ktKb
hzeQOxLIqjsmvNsFBMAFx8jEZlYFW1myB73qgo+TUMI/7Sdd6jCNpYWVg9moYG//
e9T52aiDHt+5WUwf0misCSsCLzcUsIEPJmf7dqus6pEwka35abhcBwKmZsbr3yEq
y7UiMIuErN4n5OM+zUWEYb7h9hUWpa9jU8YbCOZ8EtyaJ9aq7H0qwm4FJgCO8aKY
7uI945b1CXUS5n1M8hNoFYAb6PWF/B85A++rpYL309ks1HLR7FKEy950dwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFOIbEvvY36+dpah3szCkJVD+kPsMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvVTRoc1MtOWpmcjUybHFIZXpNS1FsVVA2US13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkM
AwcAKhJ6QJkcAwcAKhJ6QJksAwcAKhJ6QJk8AwcAKhJ6QJlMAwcAKhJ6QJlcMA0G
CSqGSIb3DQEBCwUAA4IBAQAD4/waQu4/a4nTBRo2wEMBcgUlC1dc+QOd2vQsXm7F
OH4BS+3D8TzUuzxcuqJ2el3okWZVwH0TfE7ySFWD5ha2Mp+0sv7365nglhVkxB1v
jljcXNKHIqz5lu8Qs7jzvymbL/Gh46P8wBPQIFKA72tQP+grxYdvRw1yGQJaQRV5
TI0NIuuP4sVE0oXG9d5gD/uiGRC+3Ex1VHU2SbHQhMmwMXZl/0QpTSEQt2aVRkEJ
TF4TiszfKrboWF1H0y7GZE/vkXT/p1KV0EOfyrpJvUFFWYKiuetZgbw7HCwXyXjj
PWXln2hJr3hkfjWxAR3BnrGQMN39sI37p/CLOLjPwWEZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:28 2024 by rpki-client on console-fra.rpki-client.org