Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/629GUC2IlrS7808PXKBhvaX_icw.roa
File: 629GUC2IlrS7808PXKBhvaX_icw.roa (raw, json)
Hash identifier: qfT4Nkj3eNfLSEr3rfUbplJXx8l2p11IcCC+so81PQ4=
Subject key identifier: EB:6F:46:50:2D:88:96:B4:BB:F3:4F:0F:5C:A0:61:BD:A5:FF:89:CC
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018CC64A02CD4D32C11A8EF874CD5DA7A1DE
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/629GUC2IlrS7808PXKBhvaX_icw.roa
Signing time: Mon 01 Jan 2024 18:29:48 +0000
ROA not before: Mon 01 Jan 2024 18:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199545
IP address blocks: 2a12:bec0:e00::/43 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:02:cd:4d:32:c1:1a:8e:f8:74:cd:5d:a7:a1:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 18:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb6f46502d8896b4bbf34f0f5ca061bda5ff89cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:36:c3:e6:db:92:0b:41:01:af:fe:40:d5:
14:02:10:3c:cf:40:63:ca:07:01:ff:97:11:76:b4:
cb:41:b3:d9:fe:a0:74:52:96:da:73:4c:71:f3:9b:
39:80:a6:17:52:b1:ad:b6:01:48:45:5d:34:08:16:
38:d3:76:c0:69:5d:bd:4b:c1:43:ef:76:58:9d:4e:
9c:29:e5:fa:35:76:c0:ef:40:36:dc:2a:36:8d:63:
07:f5:a9:c8:25:39:0c:f8:26:08:d2:6d:63:b6:48:
08:69:ef:ee:1b:d0:a3:38:f8:86:b9:eb:e7:5b:91:
06:39:d2:19:35:53:5b:ea:cd:22:0d:f8:ce:72:29:
4b:b5:c0:ef:94:b7:1f:3b:d0:54:7b:7b:3c:42:3a:
b5:4e:6f:28:b6:a3:a2:75:e4:f1:03:6c:44:ef:f6:
21:7e:c0:94:71:d4:c6:d1:19:30:95:c1:5a:ff:8c:
c8:15:e7:5a:fe:e3:ef:9b:1a:87:8f:f4:13:c5:86:
27:1c:9e:b9:79:1c:99:e2:89:4f:87:09:48:07:59:
42:11:01:d3:33:32:9e:d4:1c:2d:06:ea:16:17:17:
5f:21:25:d8:d6:6e:59:58:50:53:26:6f:d7:a2:7f:
62:cb:3d:c3:01:db:8f:56:0b:b7:b3:d4:86:d9:74:
14:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6F:46:50:2D:88:96:B4:BB:F3:4F:0F:5C:A0:61:BD:A5:FF:89:CC
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/629GUC2IlrS7808PXKBhvaX_icw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:e00::/43
Signature Algorithm: sha256WithRSAEncryption
62:e2:4d:92:f5:75:a3:70:bc:3c:d3:cd:be:7c:f2:1b:ec:ac:
a5:c4:89:13:d6:01:f3:39:92:d0:f9:52:a4:d9:00:36:60:1c:
da:b7:0e:37:b1:a1:30:77:f7:1f:5c:05:e8:fd:5f:6d:49:d8:
f2:3b:4b:1f:7a:10:68:89:0d:52:1d:b8:69:d1:3b:fd:a5:c0:
ed:b6:12:a4:74:68:9e:2b:6d:df:47:5e:f1:0f:5d:9d:3d:f7:
d2:58:fc:48:c7:5c:92:e5:c5:44:1f:28:e9:a7:04:35:68:bd:
a8:37:86:53:32:23:ee:09:cf:51:e8:68:63:2c:4a:c3:ee:d0:
be:89:75:63:62:1a:d2:62:0a:6c:2a:71:ec:a5:54:8f:af:cc:
ea:cc:85:1f:fb:58:8b:bd:f6:aa:ae:b5:1c:c1:2c:d1:cc:9e:
43:21:d4:d9:db:c1:bf:56:06:58:5f:93:cc:43:7f:4b:da:61:
9f:87:4d:13:b0:9e:91:2d:1a:ef:c1:f1:86:e9:85:4f:0e:d9:
f8:1c:27:e4:3f:8b:58:48:70:10:7c:e5:a6:cb:9f:e3:01:1a:
d0:b4:dc:8e:75:d8:91:f5:0a:1e:21:3b:f1:ac:61:03:91:f2:
3e:0d:43:a4:74:2b:18:86:a9:30:8e:5b:2b:f6:6c:eb:55:0c:
04:25:2b:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSgLNTTLBGo74dM1dp6HeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTAxMTgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZmNDY1MDJkODg5NmI0YmJmMzRmMGY1Y2EwNjFiZGE1ZmY4OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo82w+bbkgtBAa/+QNUUAhA8z0Bj
ygcB/5cRdrTLQbPZ/qB0Upbac0xx85s5gKYXUrGttgFIRV00CBY403bAaV29S8FD
73ZYnU6cKeX6NXbA70A23Co2jWMH9anIJTkM+CYI0m1jtkgIae/uG9CjOPiGuevn
W5EGOdIZNVNb6s0iDfjOcilLtcDvlLcfO9BUe3s8Qjq1Tm8otqOideTxA2xE7/Yh
fsCUcdTG0RkwlcFa/4zIFeda/uPvmxqHj/QTxYYnHJ65eRyZ4olPhwlIB1lCEQHT
MzKe1BwtBuoWFxdfISXY1m5ZWFBTJm/Xon9iyz3DAduPVgu3s9SG2XQUwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOtvRlAtiJa0u/NPD1ygYb2l/4nMMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvNjI5R1VDMklsclM3ODA4UFhLQmh2YVhfaWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKhK+wA4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBi4k2S9XWjcLw8082+fPIb7KylxIkT1gHzOZLQ
+VKk2QA2YBzatw43saEwd/cfXAXo/V9tSdjyO0sfehBoiQ1SHbhp0Tv9pcDtthKk
dGieK23fR17xD12dPffSWPxIx1yS5cVEHyjppwQ1aL2oN4ZTMiPuCc9R6GhjLErD
7tC+iXVjYhrSYgpsKnHspVSPr8zqzIUf+1iLvfaqrrUcwSzRzJ5DIdTZ28G/VgZY
X5PMQ39L2mGfh00TsJ6RLRrvwfGG6YVPDtn4HCfkP4tYSHAQfOWmy5/jARrQtNyO
ddiR9QoeITvxrGEDkfI+DUOkdCsYhqkwjlsr9mzrVQwEJSul
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:55:53 2024 by rpki-client on console-ams.rpki-client.org