Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/khVhXc0JxaKSr1WfAAZk-A9Mlpc.roa
File: khVhXc0JxaKSr1WfAAZk-A9Mlpc.roa (raw, json)
Hash identifier: eDK+VQRukAZ3FXzWH/oA0h3Jce9OKsY7WwIXopn9tMQ=
Subject key identifier: 92:15:61:5D:CD:09:C5:A2:92:AF:55:9F:00:06:64:F8:0F:4C:96:97
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741F481929DE260E3255AA1D8FCD954
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/khVhXc0JxaKSr1WfAAZk-A9Mlpc.roa
Signing time: Thu 07 Nov 2024 15:33:03 +0000
ROA not before: Thu 07 Nov 2024 15:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211891
IP address blocks: 2a12:7a40:9903::/48 maxlen: 48
2a12:7a40:9913::/48 maxlen: 48
2a12:7a40:9923::/48 maxlen: 48
2a12:7a40:9933::/48 maxlen: 48
2a12:7a40:9943::/48 maxlen: 48
2a12:7a40:9953::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:f4:81:92:9d:e2:60:e3:25:5a:a1:d8:fc:d9:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9215615dcd09c5a292af559f000664f80f4c9697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:3e:f7:9e:1b:2e:d8:ea:df:90:cf:c9:73:
31:2f:93:55:17:90:d9:24:7a:bc:c9:e9:b3:8a:ba:
f6:44:4d:d2:e0:62:81:99:bc:27:6f:90:bd:37:4e:
98:54:09:76:15:27:2d:93:7c:34:ed:8b:33:37:25:
48:25:a4:15:57:3e:ed:df:ee:2c:ee:07:f7:2b:de:
a7:32:60:a6:0c:cf:33:e4:f2:81:09:cd:2c:69:8f:
70:fb:b6:38:3c:0c:ca:d5:6c:46:2a:e8:fd:32:23:
e0:ae:63:b1:95:c4:cd:50:14:86:2e:56:30:ee:f0:
63:b4:da:91:21:44:4f:a0:63:42:a5:e9:0f:cb:22:
25:65:f7:b0:09:e3:33:27:9a:29:c3:64:96:d2:6b:
8a:0a:06:76:49:1d:49:be:4e:79:13:40:4e:64:51:
85:23:70:dc:8a:97:23:1c:af:00:75:19:07:4b:3b:
09:eb:ab:28:2d:6e:56:90:6e:f6:59:97:14:d2:e4:
a8:d5:73:87:4c:68:9e:c7:fb:48:c1:67:37:07:73:
df:8d:3f:53:49:ec:66:70:48:eb:37:ef:1e:e8:69:
ec:46:42:9f:cf:0a:4a:86:76:89:a4:87:8d:30:7b:
6a:8f:84:fc:63:7b:da:71:10:55:8e:59:28:22:5c:
c7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:15:61:5D:CD:09:C5:A2:92:AF:55:9F:00:06:64:F8:0F:4C:96:97
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/khVhXc0JxaKSr1WfAAZk-A9Mlpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9903::/48
2a12:7a40:9913::/48
2a12:7a40:9923::/48
2a12:7a40:9933::/48
2a12:7a40:9943::/48
2a12:7a40:9953::/48
Signature Algorithm: sha256WithRSAEncryption
4a:3c:2b:92:cf:8b:be:ff:60:34:e8:9d:56:63:d8:95:58:28:
57:d0:54:75:15:7b:1e:67:6c:4a:4d:d0:da:09:0a:b3:d3:04:
b6:06:57:61:18:87:55:7f:ee:f9:3c:58:04:b4:37:87:36:fa:
1a:c9:16:cd:d1:4c:c1:79:4a:48:ac:95:36:99:69:f2:9c:9b:
7d:fd:bd:d8:e6:7b:72:da:29:cd:c9:c5:4c:db:95:c3:aa:71:
12:74:52:5d:48:cf:d6:c5:e9:98:03:2f:e9:b7:fb:39:98:d8:
77:cf:69:5f:c8:95:d4:9f:0a:a4:89:5a:63:3a:66:0b:24:d2:
15:12:9a:76:ad:b7:2d:c4:ce:79:03:47:59:4b:63:fd:a5:ba:
6e:3c:53:b2:df:69:4d:71:fc:7f:96:63:f8:fe:14:66:07:95:
bf:5c:ad:c6:16:34:b6:5f:99:df:f5:5c:74:21:17:a4:ca:3f:
63:7a:17:e7:eb:34:db:ce:06:51:79:4f:1f:49:b1:86:bd:11:
1a:45:e6:2e:28:6e:43:16:fb:5e:39:2c:0f:d1:b0:8c:63:cb:
1e:30:17:07:ff:6f:38:e4:58:40:e5:f7:99:2f:10:07:a4:65:
c0:c7:85:4f:a1:53:94:f0:4a:ce:31:75:f5:2c:a3:eb:2a:0e:
31:ef:c4:31
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQfSBkp3iYOMlWqHY/NlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE1NjE1ZGNkMDljNWEyOTJhZjU1OWYwMDA2NjRmODBmNGM5Njk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBQ+954bLtjq35DPyXMxL5NVF5DZ
JHq8yemzirr2RE3S4GKBmbwnb5C9N06YVAl2FSctk3w07YszNyVIJaQVVz7t3+4s
7gf3K96nMmCmDM8z5PKBCc0saY9w+7Y4PAzK1WxGKuj9MiPgrmOxlcTNUBSGLlYw
7vBjtNqRIURPoGNCpekPyyIlZfewCeMzJ5opw2SW0muKCgZ2SR1Jvk55E0BOZFGF
I3DcipcjHK8AdRkHSzsJ66soLW5WkG72WZcU0uSo1XOHTGiex/tIwWc3B3PfjT9T
SexmcEjrN+8e6GnsRkKfzwpKhnaJpIeNMHtqj4T8Y3vacRBVjlkoIlzHPwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJIVYV3NCcWikq9VnwAGZPgPTJaXMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEva2hWaFhjMEp4YUtTcjFXZkFBWmstQTlNbHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkD
AwcAKhJ6QJkTAwcAKhJ6QJkjAwcAKhJ6QJkzAwcAKhJ6QJlDAwcAKhJ6QJlTMA0G
CSqGSIb3DQEBCwUAA4IBAQBKPCuSz4u+/2A06J1WY9iVWChX0FR1FXseZ2xKTdDa
CQqz0wS2BldhGIdVf+75PFgEtDeHNvoayRbN0UzBeUpIrJU2mWnynJt9/b3Y5nty
2inNycVM25XDqnESdFJdSM/WxemYAy/pt/s5mNh3z2lfyJXUnwqkiVpjOmYLJNIV
Epp2rbctxM55A0dZS2P9pbpuPFOy32lNcfx/lmP4/hRmB5W/XK3GFjS2X5nf9Vx0
IRekyj9jehfn6zTbzgZReU8fSbGGvREaReYuKG5DFvteOSwP0bCMY8seMBcH/284
5FhA5feZLxAHpGXAx4VPoVOU8ErOMXX1LKPrKg4x78Qx
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:10:44 2024 by rpki-client on console-ams.rpki-client.org