Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/BIf-3gc7DDgD6fghVL8r7eWsRYw.roa
File: BIf-3gc7DDgD6fghVL8r7eWsRYw.roa (raw, json)
Hash identifier: hyIJs5istvU+bp9SCsUR/0Vu4HagruvzEJMPx7Qavq0=
Subject key identifier: 04:87:FE:DE:07:3B:0C:38:03:E9:F8:21:54:BF:2B:ED:E5:AC:45:8C
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018CC64A045EFD24593A9414B9217FDDCE52
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/BIf-3gc7DDgD6fghVL8r7eWsRYw.roa
Signing time: Mon 01 Jan 2024 18:29:48 +0000
ROA not before: Mon 01 Jan 2024 18:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199705
IP address blocks: 2a12:bec0:450::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:04:5e:fd:24:59:3a:94:14:b9:21:7f:dd:ce:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 18:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0487fede073b0c3803e9f82154bf2bede5ac458c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:77:43:cf:7e:23:32:f7:33:12:c7:41:58:4d:
e5:c8:6e:27:09:62:f6:c4:7a:e8:9d:7c:d0:f5:a5:
65:fe:92:a8:d7:da:45:c3:40:ee:f0:f3:12:ed:e4:
9f:31:58:a0:0f:17:ec:fc:87:90:89:a8:cd:a5:54:
42:03:97:e4:31:62:1e:66:fa:ad:bc:e3:ff:4a:3c:
8e:c7:d7:48:0b:b1:5c:0b:fb:d0:d2:97:02:b4:78:
b5:db:9c:24:41:ac:eb:d4:b0:1c:40:4f:85:b0:aa:
88:89:d3:fc:9f:8d:f9:95:5f:51:fa:15:df:44:56:
55:32:da:cc:5f:0a:8a:37:6b:9c:c2:43:a5:c7:2e:
00:0f:05:87:5b:63:a8:9f:ae:fa:57:2a:ed:eb:a6:
bd:f3:66:de:58:f3:4f:26:49:59:26:22:79:41:e9:
26:46:f3:c6:e5:20:e2:40:2d:a5:ed:46:08:e5:89:
1b:de:24:16:f3:27:72:8c:f5:ca:4c:ae:cc:15:e3:
1b:d8:06:13:fc:b3:29:0f:bf:f9:92:da:04:37:16:
a6:a6:18:40:69:37:2e:ff:d7:d8:26:cc:1c:30:2a:
4b:a0:6f:7d:8f:f1:58:9b:53:ac:6f:98:55:e4:ba:
a9:aa:0a:8c:52:01:6d:92:c7:0e:97:87:83:ad:ab:
9c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:87:FE:DE:07:3B:0C:38:03:E9:F8:21:54:BF:2B:ED:E5:AC:45:8C
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/BIf-3gc7DDgD6fghVL8r7eWsRYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:450::/44
Signature Algorithm: sha256WithRSAEncryption
aa:f8:91:94:f4:79:e4:28:ba:71:07:da:7e:21:27:fd:2e:26:
08:33:d0:dc:f7:a1:bd:cd:f8:3f:be:3f:5b:72:ed:d1:a7:c4:
5e:19:23:f9:6a:0c:ea:3c:2d:7d:4b:80:5b:d4:7c:f8:10:11:
b9:0b:b6:4a:dc:ae:46:0d:f5:ec:53:b4:e0:6f:a6:f6:1b:ea:
83:60:ad:f1:0a:32:9e:e4:2b:1a:74:3f:bb:d9:dc:18:d9:33:
84:40:27:b9:87:36:96:9a:f3:30:cf:0d:9b:f3:70:b4:43:66:
bb:6a:44:e9:f2:c3:37:22:a2:ac:30:50:f1:e2:6a:9a:96:76:
44:04:ba:49:a9:1e:07:79:43:f2:30:bd:64:5a:67:e0:e6:c5:
f2:38:3b:c1:77:97:91:2a:47:60:08:1f:7c:28:15:45:27:51:
cd:15:e2:c2:30:0c:ef:ad:04:44:23:63:47:c2:cf:90:7c:15:
f4:b9:a3:89:31:6a:c5:09:c6:1b:90:bd:b8:11:aa:e9:08:f1:
13:c2:e2:16:b1:72:c4:52:10:6b:30:af:f0:f9:2a:e4:9d:07:
e7:1c:4a:25:22:f4:8f:13:ff:82:80:8d:b5:ad:2b:a7:61:3a:
2d:71:55:ab:7f:9d:9d:ec:c5:bd:94:2c:e0:03:c8:65:20:3f:
0d:0c:fa:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSgRe/SRZOpQUuSF/3c5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTAxMTgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg3ZmVkZTA3M2IwYzM4MDNlOWY4MjE1NGJmMmJlZGU1YWM0NThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXdDz34jMvczEsdBWE3lyG4nCWL2
xHronXzQ9aVl/pKo19pFw0Du8PMS7eSfMVigDxfs/IeQiajNpVRCA5fkMWIeZvqt
vOP/SjyOx9dIC7FcC/vQ0pcCtHi125wkQazr1LAcQE+FsKqIidP8n435lV9R+hXf
RFZVMtrMXwqKN2ucwkOlxy4ADwWHW2Oon676Vyrt66a982beWPNPJklZJiJ5Qekm
RvPG5SDiQC2l7UYI5Ykb3iQW8ydyjPXKTK7MFeMb2AYT/LMpD7/5ktoENxamphhA
aTcu/9fYJswcMCpLoG99j/FYm1Osb5hV5LqpqgqMUgFtkscOl4eDraucTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFASH/t4HOww4A+n4IVS/K+3lrEWMMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvQklmLTNnYzdERGdENmZnaFZMOHI3ZVdzUll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wARQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCq+JGU9HnkKLpxB9p+ISf9LiYIM9Dc96G9zfg/
vj9bcu3Rp8ReGSP5agzqPC19S4Bb1Hz4EBG5C7ZK3K5GDfXsU7Tgb6b2G+qDYK3x
CjKe5CsadD+72dwY2TOEQCe5hzaWmvMwzw2b83C0Q2a7akTp8sM3IqKsMFDx4mqa
lnZEBLpJqR4HeUPyML1kWmfg5sXyODvBd5eRKkdgCB98KBVFJ1HNFeLCMAzvrQRE
I2NHws+QfBX0uaOJMWrFCcYbkL24EarpCPETwuIWsXLEUhBrMK/w+SrknQfnHEol
IvSPE/+CgI21rSunYTotcVWrf52d7MW9lCzgA8hlID8NDPpi
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:46:59 2024 by rpki-client on console-fra.rpki-client.org