Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/rOuM8R13EZwAt0tMOM6f11O-WmA.roa
File: rOuM8R13EZwAt0tMOM6f11O-WmA.roa (raw, json)
Hash identifier: dzNCtHJRySswhSYCH8zRcvcYniblkIGO2Sy7628+c2w=
Subject key identifier: AC:EB:8C:F1:1D:77:11:9C:00:B7:4B:4C:38:CE:9F:D7:53:BE:5A:60
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01930741F1172B1EC255A5636A183734F830
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/rOuM8R13EZwAt0tMOM6f11O-WmA.roa
Signing time: Thu 07 Nov 2024 15:33:02 +0000
ROA not before: Thu 07 Nov 2024 15:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208850
IP address blocks: 2a12:7a40:990a::/48 maxlen: 48
2a12:7a40:991a::/48 maxlen: 48
2a12:7a40:992a::/48 maxlen: 48
2a12:7a40:993a::/48 maxlen: 48
2a12:7a40:994a::/48 maxlen: 48
2a12:7a40:995a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:41:f1:17:2b:1e:c2:55:a5:63:6a:18:37:34:f8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 7 15:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aceb8cf11d77119c00b74b4c38ce9fd753be5a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:ae:76:65:84:6c:70:ea:dc:c3:77:04:d6:
bb:04:b3:80:30:97:66:0a:06:8b:ce:2b:28:11:b8:
b0:09:99:bb:c0:53:ff:b1:e5:7b:c1:1c:19:cd:09:
8d:d8:4e:a4:33:b1:51:98:e6:be:43:cf:cb:fa:99:
22:36:ff:b1:1d:74:a0:60:8b:ea:c4:57:0c:83:ef:
8d:29:5e:72:95:69:f1:47:b2:1a:52:e9:63:b4:da:
5d:0b:f6:39:c5:d9:db:34:d7:4e:42:9e:83:1f:6c:
29:a7:27:3a:58:ca:7f:ce:1f:a5:9b:bf:ea:fb:be:
50:f0:a6:7d:a0:1c:03:cd:0a:79:41:8f:46:cb:fe:
87:2e:7a:65:12:45:b1:5a:6c:14:17:fa:5d:c7:c3:
d9:ab:d3:f3:f9:81:41:f2:f8:d9:cc:80:72:e8:79:
2e:79:e1:34:71:16:d8:e6:8d:42:95:22:a8:57:0d:
2b:c5:41:f1:97:b2:cd:05:68:9a:f1:14:8a:bc:68:
0d:64:8f:a1:a8:07:c4:b6:34:98:78:3d:0f:aa:a8:
f9:d0:dc:8f:50:1a:35:8d:13:a0:06:18:c0:b2:87:
4e:52:92:dc:d5:c9:55:2a:c3:64:05:72:fc:bf:a4:
f2:15:70:89:16:86:db:a2:35:47:63:83:70:42:98:
40:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EB:8C:F1:1D:77:11:9C:00:B7:4B:4C:38:CE:9F:D7:53:BE:5A:60
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/rOuM8R13EZwAt0tMOM6f11O-WmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990a::/48
2a12:7a40:991a::/48
2a12:7a40:992a::/48
2a12:7a40:993a::/48
2a12:7a40:994a::/48
2a12:7a40:995a::/48
Signature Algorithm: sha256WithRSAEncryption
06:d5:be:b7:28:04:8f:a5:ec:00:a8:c1:52:69:8d:91:f7:e3:
c0:32:f5:9a:da:ad:0d:5e:ad:8a:07:53:d9:ae:30:b0:65:24:
14:38:30:04:cb:1c:bf:92:55:12:cd:ef:31:ba:ef:23:df:97:
51:0b:86:f0:71:b2:6c:22:54:3b:b0:ca:86:4a:74:51:d7:a6:
74:8d:32:e2:65:78:da:bd:85:51:ca:f7:a8:38:56:e6:dd:e6:
df:bd:82:2a:ad:33:47:e4:1a:72:8b:0f:61:35:11:5c:34:11:
4c:fe:6a:a7:31:c8:6b:ca:96:39:79:ed:1f:3e:4e:ed:a8:ed:
1a:24:81:b1:9f:50:8c:c9:ef:1d:87:85:1e:d8:ea:30:90:b9:
17:14:f6:30:0d:70:76:9c:dc:1d:78:b8:5e:10:97:06:63:39:
d1:49:ba:2b:65:23:2b:d1:aa:cb:f7:93:1b:d1:ea:fa:8d:8b:
00:61:6a:5e:e5:75:32:f5:de:78:22:70:2f:63:c0:02:0b:b9:
86:d6:c6:4c:95:0d:e8:a1:2d:59:fb:3c:0e:0e:42:ea:0b:df:
1f:14:4d:49:06:57:22:4f:24:b3:30:c9:57:35:0e:9d:cf:3e:
c2:d8:52:c6:24:e6:ad:fd:a8:2c:cb:16:13:97:bc:7d:e5:d8:
7d:59:21:d7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMHQfEXKx7CVaVjahg3NPgwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTA3MTUzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2ViOGNmMTFkNzcxMTljMDBiNzRiNGMzOGNlOWZkNzUzYmU1YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8iudmWEbHDq3MN3BNa7BLOAMJdm
CgaLzisoEbiwCZm7wFP/seV7wRwZzQmN2E6kM7FRmOa+Q8/L+pkiNv+xHXSgYIvq
xFcMg++NKV5ylWnxR7IaUuljtNpdC/Y5xdnbNNdOQp6DH2wppyc6WMp/zh+lm7/q
+75Q8KZ9oBwDzQp5QY9Gy/6HLnplEkWxWmwUF/pdx8PZq9Pz+YFB8vjZzIBy6Hku
eeE0cRbY5o1ClSKoVw0rxUHxl7LNBWia8RSKvGgNZI+hqAfEtjSYeD0Pqqj50NyP
UBo1jROgBhjAsodOUpLc1clVKsNkBXL8v6TyFXCJFobbojVHY4NwQphADQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKzrjPEddxGcALdLTDjOn9dTvlpgMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvck91TThSMTNFWndBdDB0TU9NNmYxMU8tV21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkK
AwcAKhJ6QJkaAwcAKhJ6QJkqAwcAKhJ6QJk6AwcAKhJ6QJlKAwcAKhJ6QJlaMA0G
CSqGSIb3DQEBCwUAA4IBAQAG1b63KASPpewAqMFSaY2R9+PAMvWa2q0NXq2KB1PZ
rjCwZSQUODAEyxy/klUSze8xuu8j35dRC4bwcbJsIlQ7sMqGSnRR16Z0jTLiZXja
vYVRyveoOFbm3ebfvYIqrTNH5Bpyiw9hNRFcNBFM/mqnMchrypY5ee0fPk7tqO0a
JIGxn1CMye8dh4Ue2OowkLkXFPYwDXB2nNwdeLheEJcGYznRSborZSMr0arL95Mb
0er6jYsAYWpe5XUy9d54InAvY8ACC7mG1sZMlQ3ooS1Z+zwODkLqC98fFE1JBlci
TySzMMlXNQ6dzz7C2FLGJOat/agsyxYTl7x95dh9WSHX
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:02 2024 by rpki-client on console-fra.rpki-client.org