Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/x5DGYpnfQejth6ht00r9OHhOf5Y.roa
File: x5DGYpnfQejth6ht00r9OHhOf5Y.roa (raw, json)
Hash identifier: dIuJVyHCSQBqqqpcACIjf6dX7KxeOCxl70WuLid7Qmg=
Subject key identifier: C7:90:C6:62:99:DF:41:E8:ED:87:A8:6D:D3:4A:FD:38:78:4E:7F:96
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 01931A814C35ADEA19538FC0850EFD21FED7
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/x5DGYpnfQejth6ht00r9OHhOf5Y.roa
Signing time: Mon 11 Nov 2024 09:15:01 +0000
ROA not before: Mon 11 Nov 2024 09:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207359
IP address blocks: 2a12:7a40:990e::/48 maxlen: 48
2a12:7a40:991e::/48 maxlen: 48
2a12:7a40:992e::/48 maxlen: 48
2a12:7a40:993e::/48 maxlen: 48
2a12:7a40:994e::/48 maxlen: 48
2a12:7a40:995e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:81:4c:35:ad:ea:19:53:8f:c0:85:0e:fd:21:fe:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Nov 11 09:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c790c66299df41e8ed87a86dd34afd38784e7f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:aa:a7:c0:86:0d:84:3e:3c:f8:bb:4b:58:25:
a3:51:6f:ba:eb:8f:b3:21:12:d5:f2:f7:cf:aa:05:
80:5e:3a:54:80:e9:a4:b5:ea:68:82:bb:89:37:dd:
bd:9f:dd:0c:5d:ac:52:d5:8e:04:31:24:03:cc:18:
97:2b:16:7d:1b:de:89:69:f0:d6:75:5d:26:ea:52:
1a:21:ba:95:36:ac:b2:80:73:e4:00:3e:ba:44:53:
53:06:39:cb:98:10:b5:d1:58:fc:d3:ec:64:27:47:
26:0a:11:ca:8a:e3:d0:f3:6c:6d:e8:4a:af:16:ad:
e6:48:bb:0e:fe:2c:42:4f:1f:4a:ff:76:73:9d:bd:
46:32:62:ac:e4:32:f5:26:8b:2e:32:01:d2:8a:1d:
de:02:98:af:a1:f7:49:df:7f:41:11:15:c2:56:60:
b9:eb:98:c2:35:e4:fc:5b:76:bc:f3:a7:99:f8:a7:
e3:00:32:af:86:a1:95:90:13:8f:37:c4:ad:d4:8b:
fe:f2:1a:4a:29:17:57:8b:b1:d7:92:cf:b6:26:b6:
49:ce:b7:12:0c:f6:80:af:65:9e:77:5a:b8:ac:c3:
30:6c:72:3f:f4:55:3e:b0:31:51:9a:31:9b:73:83:
25:34:b3:c5:65:50:61:1a:08:dc:f3:ba:92:18:be:
50:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:90:C6:62:99:DF:41:E8:ED:87:A8:6D:D3:4A:FD:38:78:4E:7F:96
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/x5DGYpnfQejth6ht00r9OHhOf5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990e::/48
2a12:7a40:991e::/48
2a12:7a40:992e::/48
2a12:7a40:993e::/48
2a12:7a40:994e::/48
2a12:7a40:995e::/48
Signature Algorithm: sha256WithRSAEncryption
3e:cf:04:70:81:2c:b2:3d:12:7e:60:5c:1d:f6:46:d8:d8:58:
1b:c5:db:c8:13:66:80:9a:9a:4c:54:de:33:c2:89:b9:f3:e6:
d8:b7:76:a2:93:b9:50:75:02:05:2f:94:63:7d:78:38:e2:c3:
64:32:d6:d5:c4:6b:18:ca:f6:c6:14:65:6e:11:f6:81:17:e5:
58:3f:4e:d7:fb:f7:c7:4c:1c:4b:a5:b0:50:24:9d:65:ce:c3:
02:3e:21:e4:83:77:8d:a5:ee:3e:84:7e:9d:ac:85:fe:79:63:
29:3d:42:fa:62:0a:03:a0:bd:3e:8e:c1:09:2b:d2:91:18:88:
f5:3c:d9:d9:61:70:10:25:e3:12:1d:8f:21:79:eb:b3:41:6c:
8a:df:85:73:bc:b5:b0:7c:fd:7e:bd:3b:d7:02:2b:cc:0c:9a:
4d:92:90:42:8d:9a:a4:02:49:e6:17:e2:7a:4b:46:ac:18:5f:
6d:68:ba:2e:a2:49:35:76:ac:d6:9b:39:96:d1:01:9e:35:fa:
88:89:a5:31:1e:eb:27:02:c9:5e:22:b0:13:2c:81:c9:46:ef:
4d:4c:9a:04:fa:80:76:4d:b8:92:28:47:8c:6b:00:79:4d:c4:
d5:e8:aa:67:bb:73:48:e1:15:fa:4e:d1:fe:d4:f1:0f:76:78:
c7:e6:c6:bf
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZMagUw1reoZU4/AhQ79If7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjQxMTExMDkxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzkwYzY2Mjk5ZGY0MWU4ZWQ4N2E4NmRkMzRhZmQzODc4NGU3Zjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6qnwIYNhD48+LtLWCWjUW+664+z
IRLV8vfPqgWAXjpUgOmktepogruJN929n90MXaxS1Y4EMSQDzBiXKxZ9G96JafDW
dV0m6lIaIbqVNqyygHPkAD66RFNTBjnLmBC10Vj80+xkJ0cmChHKiuPQ82xt6Eqv
Fq3mSLsO/ixCTx9K/3Zznb1GMmKs5DL1JosuMgHSih3eApivofdJ339BERXCVmC5
65jCNeT8W3a886eZ+KfjADKvhqGVkBOPN8St1Iv+8hpKKRdXi7HXks+2JrZJzrcS
DPaAr2Wed1q4rMMwbHI/9FU+sDFRmjGbc4MlNLPFZVBhGgjc87qSGL5QlQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMeQxmKZ30Ho7YeobdNK/Th4Tn+WMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEveDVER1lwbmZRZWp0aDZodDAwcjlPSGhPZjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkO
AwcAKhJ6QJkeAwcAKhJ6QJkuAwcAKhJ6QJk+AwcAKhJ6QJlOAwcAKhJ6QJleMA0G
CSqGSIb3DQEBCwUAA4IBAQA+zwRwgSyyPRJ+YFwd9kbY2FgbxdvIE2aAmppMVN4z
wom58+bYt3aik7lQdQIFL5RjfXg44sNkMtbVxGsYyvbGFGVuEfaBF+VYP07X+/fH
TBxLpbBQJJ1lzsMCPiHkg3eNpe4+hH6drIX+eWMpPUL6YgoDoL0+jsEJK9KRGIj1
PNnZYXAQJeMSHY8heeuzQWyK34VzvLWwfP1+vTvXAivMDJpNkpBCjZqkAknmF+J6
S0asGF9taLouokk1dqzWmzmW0QGeNfqIiaUxHusnAsleIrATLIHJRu9NTJoE+oB2
TbiSKEeMawB5TcTV6Kpnu3NI4RX6TtH+1PEPdnjH5sa/
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:28 2024 by rpki-client on console-fra.rpki-client.org