Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/3Q02ulmKG5cO8z_nCRyXGIJaTwk.roa
File: 3Q02ulmKG5cO8z_nCRyXGIJaTwk.roa (raw, json)
Hash identifier: Y//bOMn311Rfl9RdgSVy7EVz3Ng07k7SE/wgOoKmi38=
Subject key identifier: DD:0D:36:BA:59:8A:1B:97:0E:F3:3F:E7:09:1C:97:18:82:5A:4F:09
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018D5571858B260C34A776C1CE11505EBF74
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/3Q02ulmKG5cO8z_nCRyXGIJaTwk.roa
Signing time: Mon 29 Jan 2024 13:38:39 +0000
ROA not before: Mon 29 Jan 2024 13:38:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215630
IP address blocks: 2a12:bec0:690::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 00:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:55:71:85:8b:26:0c:34:a7:76:c1:ce:11:50:5e:bf:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 29 13:38:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd0d36ba598a1b970ef33fe7091c9718825a4f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:51:42:1d:d7:69:41:46:6c:33:ca:72:cd:
c4:0b:2c:27:8b:56:2d:8a:1a:77:f3:22:3e:59:5e:
1a:05:ad:d6:78:17:3c:bc:54:01:24:41:82:a2:4b:
04:20:54:3c:e5:60:cf:55:bb:01:60:c4:0d:7f:48:
56:49:c7:e9:fc:fd:69:0b:55:7f:93:2e:88:5f:7b:
ec:7d:4b:3f:df:bb:69:b0:9e:95:db:c8:b2:c6:4f:
a8:18:ed:5c:26:8a:97:21:71:4a:97:af:8f:70:1e:
32:38:1e:c5:e7:2c:7c:3c:8c:53:90:81:e4:c9:cc:
0c:8d:7d:45:05:56:4a:4a:3e:a3:04:42:a3:c2:94:
3d:0a:56:c0:5b:47:9f:0c:f0:ad:0b:fe:43:f3:14:
31:62:34:52:c4:1f:fd:6e:5b:d8:e7:95:07:c9:1a:
09:c9:40:1e:43:e2:74:35:1e:37:cb:ac:5f:9b:8d:
f7:35:37:f3:55:27:7e:c7:cb:8d:23:f4:1b:24:ba:
96:21:8c:77:f4:03:55:c7:11:a1:8c:cb:fa:1a:ab:
b6:7d:24:47:e2:7a:f0:cf:49:6a:de:43:74:81:e5:
29:3d:1b:2e:4d:7d:08:27:7b:0e:3c:76:99:ca:e5:
d0:44:42:0a:28:a0:37:d2:4a:36:86:45:f1:c6:eb:
fe:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0D:36:BA:59:8A:1B:97:0E:F3:3F:E7:09:1C:97:18:82:5A:4F:09
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/3Q02ulmKG5cO8z_nCRyXGIJaTwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:690::/44
Signature Algorithm: sha256WithRSAEncryption
7b:de:47:e7:59:32:35:c5:90:14:68:59:e3:57:27:de:8b:4d:
81:ca:9c:d7:25:2c:09:26:61:a6:d9:bc:17:49:88:2a:76:15:
e1:84:92:c2:c0:fb:db:48:01:d9:64:da:01:3b:8b:d5:a8:fa:
3b:7a:5b:d5:36:a8:33:66:9f:1b:86:e9:93:0b:9c:ff:2b:e2:
d1:fb:65:78:61:97:b5:4a:19:34:41:07:c7:cd:41:7d:ec:d4:
4d:85:47:35:87:d8:e8:a7:8c:42:17:62:a4:90:48:1d:ee:6a:
16:cd:71:78:6e:1e:39:6f:24:70:39:22:15:3d:6c:e9:15:e5:
9e:d1:c6:0e:c9:55:ef:c7:1a:ef:7c:8a:8a:81:de:1d:13:fc:
6e:fc:eb:d3:88:2a:13:2b:64:6d:24:f9:fb:a8:8d:16:00:20:
17:46:48:45:f8:4e:82:9c:28:28:ec:c5:ed:b6:36:7f:cd:1b:
a9:75:e9:0f:e9:df:2e:bd:c5:f0:da:dd:98:f6:22:9a:bd:c9:
5d:98:0d:75:52:42:8f:7a:ec:f8:f0:05:15:e8:07:88:d4:df:
bf:c4:a9:05:c3:cb:5a:dc:c5:75:a6:3c:ff:72:1f:d8:b9:30:
75:4d:b5:ab:81:79:28:b5:00:8c:23:34:d0:cb:4b:cd:21:28:
59:f4:06:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1VcYWLJgw0p3bBzhFQXr90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTI5MTMzODM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBkMzZiYTU5OGExYjk3MGVmMzNmZTcwOTFjOTcxODgyNWE0ZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmdRQh3XaUFGbDPKcs3ECywni1Yt
ihp38yI+WV4aBa3WeBc8vFQBJEGCoksEIFQ85WDPVbsBYMQNf0hWScfp/P1pC1V/
ky6IX3vsfUs/37tpsJ6V28iyxk+oGO1cJoqXIXFKl6+PcB4yOB7F5yx8PIxTkIHk
ycwMjX1FBVZKSj6jBEKjwpQ9ClbAW0efDPCtC/5D8xQxYjRSxB/9blvY55UHyRoJ
yUAeQ+J0NR43y6xfm433NTfzVSd+x8uNI/QbJLqWIYx39ANVxxGhjMv6Gqu2fSRH
4nrwz0lq3kN0geUpPRsuTX0IJ3sOPHaZyuXQREIKKKA30ko2hkXxxuv+3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN0NNrpZihuXDvM/5wkclxiCWk8JMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvM1EwMnVsbUtHNWNPOHpfbkNSeVhHSUphVHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB73kfnWTI1xZAUaFnjVyfei02BypzXJSwJJmGm
2bwXSYgqdhXhhJLCwPvbSAHZZNoBO4vVqPo7elvVNqgzZp8bhumTC5z/K+LR+2V4
YZe1Shk0QQfHzUF97NRNhUc1h9jop4xCF2KkkEgd7moWzXF4bh45byRwOSIVPWzp
FeWe0cYOyVXvxxrvfIqKgd4dE/xu/OvTiCoTK2RtJPn7qI0WACAXRkhF+E6CnCgo
7MXttjZ/zRupdekP6d8uvcXw2t2Y9iKavcldmA11UkKPeuz48AUV6AeI1N+/xKkF
w8ta3MV1pjz/ch/YuTB1TbWrgXkotQCMIzTQy0vNIShZ9AZD
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:01:16 2024 by rpki-client on console-ams.rpki-client.org