Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/1-qP0IbgubOExMdTUNixM_ikWvQ8.roa
File: 1-qP0IbgubOExMdTUNixM_ikWvQ8.roa (raw, json)
Hash identifier: bekdKuVgZ6HapRlFJLvoxt2tdDLF7j2EpAl8HQPgeHE=
Subject key identifier: FA:A3:F4:21:B8:2E:6C:E1:31:31:D4:D4:36:2C:4C:FE:29:16:BD:0F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018EBC9300E54D63B91BE4D722BCC1E2EF5F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/1-qP0IbgubOExMdTUNixM_ikWvQ8.roa
Signing time: Mon 08 Apr 2024 07:18:54 +0000
ROA not before: Mon 08 Apr 2024 07:18:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215191
IP address blocks: 2a12:bec0:50c::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bc:93:00:e5:4d:63:b9:1b:e4:d7:22:bc:c1:e2:ef:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Apr 8 07:18:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa3f421b82e6ce13131d4d4362c4cfe2916bd0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:2d:d9:2d:c2:17:87:e1:3e:7d:83:97:b7:
b2:4a:33:ec:97:c2:96:33:30:8e:b5:04:33:80:81:
75:a3:0d:98:0e:d0:59:63:90:68:62:21:a0:85:03:
26:02:e6:b7:90:64:fe:06:9b:f8:3b:0b:91:d7:51:
36:58:89:9e:03:ca:20:a8:85:5a:c8:ea:5e:de:8b:
c8:69:92:1f:d5:94:0b:a1:cd:4e:41:e4:9f:a7:de:
94:05:31:53:b0:ef:ab:85:3a:2e:b8:8a:a8:64:53:
5e:e2:db:f6:7a:86:cc:ab:8a:54:fc:2d:41:90:98:
b7:60:ef:8f:19:bc:06:a4:1d:e5:cc:2e:fa:d7:b4:
8f:d0:1c:b6:cf:6f:50:90:49:66:09:b4:cb:a7:78:
eb:e4:b1:9c:9a:33:91:b0:92:26:5a:7e:41:7e:29:
86:9c:08:7c:92:cc:c1:4b:af:96:dd:2a:bf:0d:37:
37:3f:e7:d2:41:ea:15:ba:00:79:de:69:44:3a:21:
d4:e2:e7:6e:fa:35:d4:ff:c2:67:3f:5e:bf:67:42:
2e:e2:95:ec:84:78:22:71:d7:8a:29:bf:9a:88:ed:
f9:54:c2:cb:8d:e7:e2:bb:f5:b3:f3:65:fa:2f:2d:
61:4c:85:ef:07:92:8b:c2:9d:97:c3:36:49:e4:01:
4d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A3:F4:21:B8:2E:6C:E1:31:31:D4:D4:36:2C:4C:FE:29:16:BD:0F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/1-qP0IbgubOExMdTUNixM_ikWvQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:50c::/47
Signature Algorithm: sha256WithRSAEncryption
bd:4d:58:f9:fa:c0:3c:60:d6:7d:59:ff:1d:ca:aa:05:55:5a:
cd:cb:11:cf:02:74:9c:d9:50:99:43:1c:72:97:04:8a:e7:35:
77:6e:46:f3:20:70:b5:ba:9d:19:67:46:64:01:97:40:05:71:
7e:0b:d0:ce:5e:1d:a7:33:cc:12:02:75:cc:28:ac:c4:f2:d1:
c0:52:23:42:be:0a:19:9d:95:00:76:a9:1f:3f:d2:19:a7:a5:
f6:c9:53:10:db:d8:d5:41:18:51:9d:6b:3c:77:9a:80:84:bc:
cf:f3:da:e8:67:26:f3:79:c0:5a:30:8c:e2:55:49:1a:d5:d3:
d4:de:8e:7e:3d:96:64:02:35:24:ab:54:04:bc:78:77:0a:c0:
29:c9:ac:8f:36:d5:4b:75:9e:91:96:69:2c:5a:25:f7:ac:9f:
5c:84:bf:66:3f:63:85:55:00:88:a3:4d:29:67:45:85:b6:26:
f3:87:fe:98:a1:89:18:e2:02:89:5d:19:3a:34:a6:cb:43:1c:
c8:51:3d:55:c8:0a:3c:bd:08:22:7f:59:c0:7e:5a:c8:6b:64:
5a:7f:7e:8b:82:94:df:ab:96:50:fc:f6:0c:34:f6:ea:68:c8:
fc:13:d2:61:1c:5b:5a:5c:1e:ca:44:04:2f:f8:90:d0:d4:0a:
3c:9f:62:51
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAY68kwDlTWO5G+TXIrzB4u9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwNDA4MDcxODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWEzZjQyMWI4MmU2Y2UxMzEzMWQ0ZDQzNjJjNGNmZTI5MTZiZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqist2S3CF4fhPn2Dl7eySjPsl8KW
MzCOtQQzgIF1ow2YDtBZY5BoYiGghQMmAua3kGT+Bpv4OwuR11E2WImeA8ogqIVa
yOpe3ovIaZIf1ZQLoc1OQeSfp96UBTFTsO+rhTouuIqoZFNe4tv2eobMq4pU/C1B
kJi3YO+PGbwGpB3lzC7617SP0By2z29QkElmCbTLp3jr5LGcmjORsJImWn5BfimG
nAh8kszBS6+W3Sq/DTc3P+fSQeoVugB53mlEOiHU4udu+jXU/8JnP16/Z0Iu4pXs
hHgicdeKKb+aiO35VMLLjefiu/Wz82X6Ly1hTIXvB5KLwp2XwzZJ5AFNlQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPqj9CG4LmzhMTHU1DYsTP4pFr0PMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvMS1xUDBJYmd1Yk9FeE1kVFVOaXhNX2lrV3ZROC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvOTdmNDlhLTdhOTUtNGRkNS04Yzc0LTU1MzY5Y2Y1MDdl
ZS8xL3MzNGhXa0ZlMTdYZVMyM0JMeTk3ZDFERDFtOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASoSvsAF
DDANBgkqhkiG9w0BAQsFAAOCAQEAvU1Y+frAPGDWfVn/HcqqBVVazcsRzwJ0nNlQ
mUMccpcEiuc1d25G8yBwtbqdGWdGZAGXQAVxfgvQzl4dpzPMEgJ1zCisxPLRwFIj
Qr4KGZ2VAHapHz/SGael9slTENvY1UEYUZ1rPHeagIS8z/Pa6Gcm83nAWjCM4lVJ
GtXT1N6Ofj2WZAI1JKtUBLx4dwrAKcmsjzbVS3WekZZpLFol96yfXIS/Zj9jhVUA
iKNNKWdFhbYm84f+mKGJGOICiV0ZOjSmy0McyFE9VcgKPL0IIn9ZwH5ayGtkWn9+
i4KU36uWUPz2DDT26mjI/BPSYRxbWlweykQEL/iQ0NQKPJ9iUQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:06:52 2024 by rpki-client on console-ams.rpki-client.org