Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/9ZB42IDhex4Agn3nLa8-kJWUIR4.roa
File: 9ZB42IDhex4Agn3nLa8-kJWUIR4.roa (raw, json)
Hash identifier: t6rO8ksNdvPlLABYr9JnGPsI9zYI8eLs6nF2Q3/WEU8=
Subject key identifier: F5:90:78:D8:80:E1:7B:1E:00:82:7D:E7:2D:AF:3E:90:95:94:21:1E
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019343F37A5A66028EEE9888853051349E91
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/9ZB42IDhex4Agn3nLa8-kJWUIR4.roa
Signing time: Tue 19 Nov 2024 10:24:10 +0000
ROA not before: Tue 19 Nov 2024 10:24:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a12:bec4:1630::/48 maxlen: 48
2a12:bec4:1631::/48 maxlen: 48
2a12:bec4:1632::/48 maxlen: 48
2a12:bec4:1633::/48 maxlen: 48
2a12:bec4:1634::/48 maxlen: 48
2a12:bec4:1635::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:43:f3:7a:5a:66:02:8e:ee:98:88:85:30:51:34:9e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Nov 19 10:24:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f59078d880e17b1e00827de72daf3e909594211e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:34:97:f2:52:ef:c9:ff:d5:1d:19:5e:b3:fb:
7c:eb:8a:bd:62:6e:0e:60:e4:b3:c2:ba:02:f1:4f:
27:a5:8a:4b:07:7e:5c:af:fd:0b:5d:8c:1a:81:37:
63:4d:f8:1e:1c:bd:d0:b2:d1:bf:47:46:b6:88:b7:
98:6b:db:5f:bc:b3:7b:2d:3e:e1:aa:23:03:86:b4:
4c:7b:be:82:60:23:69:cc:3c:22:a4:7b:7c:9d:25:
ac:f1:c0:3c:44:c3:32:f9:e8:35:8d:f4:e9:a5:e4:
58:c0:b7:6f:10:8b:2f:96:8b:6d:37:e3:0d:d7:10:
71:af:92:64:bb:4d:ea:2a:2a:22:19:72:ab:89:62:
62:8e:c5:0f:6e:32:70:e0:3d:42:e9:08:fe:92:4b:
46:88:c0:24:b9:fc:11:8e:3c:d7:9a:a0:fc:f3:e0:
5d:da:33:8f:20:f2:44:20:53:00:cf:83:bb:9e:2d:
52:bd:ac:a2:f3:20:cb:a2:70:03:08:c1:4e:15:50:
20:3c:44:d6:a1:e8:fb:1b:7e:5f:8a:83:04:4d:6f:
8d:da:b2:35:29:ae:13:5b:a7:82:b3:96:08:88:78:
5e:2c:b7:8b:96:b3:e7:9a:95:c2:09:fe:45:37:18:
f1:50:09:0e:40:36:45:24:92:04:db:7b:90:12:6a:
4e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:90:78:D8:80:E1:7B:1E:00:82:7D:E7:2D:AF:3E:90:95:94:21:1E
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/9ZB42IDhex4Agn3nLa8-kJWUIR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1630::-2a12:bec4:1635:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
af:7d:1d:9e:d6:ab:48:8e:e1:7c:f4:56:1c:fd:49:61:ce:3b:
ef:15:57:b6:8b:21:b5:3a:8c:3a:ae:09:7d:80:30:84:2e:46:
a5:21:fe:61:12:ce:f1:da:62:ef:a9:75:f6:e0:d4:0a:34:4b:
17:8e:b9:4c:48:18:bd:3f:73:23:39:d0:8a:b0:d4:f6:fc:d4:
87:e0:f6:79:58:5a:91:09:f5:12:5e:08:13:95:03:f8:a5:8f:
72:4b:23:f0:28:cd:1a:95:bf:a8:53:db:ec:59:10:cf:9b:8d:
87:3a:67:dd:af:4d:6f:9e:ae:c1:a1:04:3d:8c:cf:c9:f9:b3:
d5:fc:61:e2:99:89:6e:1a:59:a7:1c:17:1d:e9:50:d4:82:e2:
7f:80:ce:57:cc:0d:b6:61:6d:4e:13:ac:0b:e6:9e:cf:10:51:
ea:ad:ca:33:75:9a:38:04:7a:d4:07:40:2c:5b:d3:ba:bb:a5:
73:99:72:fd:08:34:ea:f1:3f:fa:28:ac:f6:db:b9:e7:7c:45:
dc:ad:6d:5b:a0:fb:0d:2e:ec:25:14:a5:bb:66:f9:70:0f:01:
41:25:e2:75:c0:82:0c:b8:9a:82:74:34:ce:4f:c4:f1:16:42:
a9:25:05:0f:06:8a:08:c6:f4:0e:40:c3:b9:63:d1:27:fb:a0:
cc:31:a0:ec
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZND83paZgKO7piIhTBRNJ6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQxMTE5MTAyNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkwNzhkODgwZTE3YjFlMDA4MjdkZTcyZGFmM2U5MDk1OTQyMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzSX8lLvyf/VHRles/t864q9Ym4O
YOSzwroC8U8npYpLB35cr/0LXYwagTdjTfgeHL3QstG/R0a2iLeYa9tfvLN7LT7h
qiMDhrRMe76CYCNpzDwipHt8nSWs8cA8RMMy+eg1jfTppeRYwLdvEIsvlottN+MN
1xBxr5Jku03qKioiGXKriWJijsUPbjJw4D1C6Qj+kktGiMAkufwRjjzXmqD88+Bd
2jOPIPJEIFMAz4O7ni1Svayi8yDLonADCMFOFVAgPETWoej7G35fioMETW+N2rI1
Ka4TW6eCs5YIiHheLLeLlrPnmpXCCf5FNxjxUAkOQDZFJJIE23uQEmpOKQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPWQeNiA4XseAIJ95y2vPpCVlCEeMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvOVpCNDJJRGhleDRBZ24zbkxhOC1rSldVSVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqEr7E
FjADBwEqEr7EFjQwDQYJKoZIhvcNAQELBQADggEBAK99HZ7Wq0iO4Xz0Vhz9SWHO
O+8VV7aLIbU6jDquCX2AMIQuRqUh/mESzvHaYu+pdfbg1Ao0SxeOuUxIGL0/cyM5
0Iqw1Pb81Ifg9nlYWpEJ9RJeCBOVA/ilj3JLI/AozRqVv6hT2+xZEM+bjYc6Z92v
TW+ersGhBD2Mz8n5s9X8YeKZiW4aWaccFx3pUNSC4n+AzlfMDbZhbU4TrAvmns8Q
UeqtyjN1mjgEetQHQCxb07q7pXOZcv0INOrxP/oorPbbued8RdytbVug+w0u7CUU
pbtm+XAPAUEl4nXAggy4moJ0NM5PxPEWQqklBQ8GigjG9A5Aw7lj0Sf7oMwxoOw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:13:26 2024 by rpki-client on console-ams.rpki-client.org