Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/P2u4KPeqzSQcwAgZ8deIfwyGubY.roa
File: P2u4KPeqzSQcwAgZ8deIfwyGubY.roa (raw, json)
Hash identifier: Als/ffLK0Q91tczz4CfkRCOsGHHaJ5ik5/xjQ0GWyQU=
Subject key identifier: 3F:6B:B8:28:F7:AA:CD:24:1C:C0:08:19:F1:D7:88:7F:0C:86:B9:B6
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018CC64A0BF8164BC58A589EA169CE9332A9
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/P2u4KPeqzSQcwAgZ8deIfwyGubY.roa
Signing time: Mon 01 Jan 2024 18:29:50 +0000
ROA not before: Mon 01 Jan 2024 18:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212050
IP address blocks: 2a12:bec0:e00::/48 maxlen: 48
2a12:bec0:e01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:0b:f8:16:4b:c5:8a:58:9e:a1:69:ce:93:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 18:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6bb828f7aacd241cc00819f1d7887f0c86b9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b4:a4:a0:91:6c:e4:1d:a1:19:fd:f1:6e:a4:
71:d3:d1:62:4b:a3:2c:02:87:e3:74:3c:2c:8f:97:
1c:e5:cf:7f:a4:8d:74:5e:57:10:12:60:3e:b8:66:
08:48:6e:67:8e:e0:f2:b2:30:6e:b2:24:ab:ec:59:
b2:ff:c8:ea:5c:4f:48:a7:3d:1b:95:0b:af:14:0b:
9e:b2:26:6d:ec:be:8b:cd:d8:c3:7a:92:b9:a9:a4:
68:a1:e9:a7:7f:f8:81:2a:75:14:6b:35:20:da:9b:
fc:a4:ee:b2:c0:32:ef:9f:c7:37:bb:14:2a:62:9b:
e1:1d:2c:1a:68:18:47:0f:76:0f:b2:e5:c5:b4:35:
53:31:ca:d5:1f:10:b4:cf:55:cc:ec:1a:58:cf:5f:
60:5e:f9:aa:70:cb:56:61:c8:85:3c:d3:05:15:8c:
92:63:0c:b7:2b:db:ae:02:4d:f6:bd:0e:22:0a:54:
5b:6d:10:25:66:55:bb:3e:15:ed:0e:46:38:a8:04:
b4:d5:32:27:7f:e8:94:ba:e5:a1:a5:7b:ce:dd:4a:
0c:4a:1c:8c:71:a5:59:0c:22:d4:f8:ac:bb:5f:56:
48:2b:ee:cd:9f:80:21:ab:86:27:e8:1c:6e:00:ef:
84:1c:30:00:12:7e:4b:65:4d:e1:3b:96:14:32:a6:
24:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6B:B8:28:F7:AA:CD:24:1C:C0:08:19:F1:D7:88:7F:0C:86:B9:B6
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/P2u4KPeqzSQcwAgZ8deIfwyGubY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:e00::/47
Signature Algorithm: sha256WithRSAEncryption
1d:4f:7d:7d:90:58:71:d6:71:3b:88:e1:48:53:70:ec:29:e1:
2d:80:a8:a8:c8:46:c2:09:c3:02:27:00:51:04:56:83:30:9d:
80:4d:86:ed:ac:52:7c:71:08:b6:1c:b0:b9:22:15:12:e6:5e:
07:f9:4d:c7:2a:f0:a0:c9:19:bb:51:d7:b8:5b:a8:da:ad:6b:
08:91:59:b5:cd:2b:d9:a9:3f:e2:4c:b0:2c:19:f4:e9:9f:32:
c9:23:2d:2d:d3:c3:18:6e:45:af:1d:94:51:c2:5f:81:4a:8f:
fc:27:8f:8e:96:88:c9:70:93:29:d1:c0:22:70:49:2e:8b:6c:
12:6e:3b:15:86:61:cd:2a:c7:47:68:88:8d:28:51:40:03:a4:
ce:0d:22:86:54:76:7a:56:69:a7:ed:01:f4:fd:63:3e:cb:c1:
1e:19:e9:8f:d7:a1:23:32:b3:95:fe:86:af:50:3e:9a:7e:a0:
78:a7:ac:03:a1:ba:34:c1:94:4b:d4:83:23:ee:52:e8:10:c4:
6b:84:ae:56:9d:f0:2e:49:5f:6c:50:56:d6:20:be:5a:c4:8c:
b8:0e:28:76:37:f1:76:26:38:04:e4:29:64:14:a2:89:df:70:
87:26:4d:d4:df:8e:b9:93:28:94:81:a1:7d:6f:88:bd:cb:23:
71:09:d1:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGSgv4FkvFilieoWnOkzKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTAxMTgyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZiYjgyOGY3YWFjZDI0MWNjMDA4MTlmMWQ3ODg3ZjBjODZiOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLSkoJFs5B2hGf3xbqRx09FiS6Ms
AofjdDwsj5cc5c9/pI10XlcQEmA+uGYISG5njuDysjBusiSr7Fmy/8jqXE9Ipz0b
lQuvFAuesiZt7L6LzdjDepK5qaRooemnf/iBKnUUazUg2pv8pO6ywDLvn8c3uxQq
YpvhHSwaaBhHD3YPsuXFtDVTMcrVHxC0z1XM7BpYz19gXvmqcMtWYciFPNMFFYyS
Ywy3K9uuAk32vQ4iClRbbRAlZlW7PhXtDkY4qAS01TInf+iUuuWhpXvO3UoMShyM
caVZDCLU+Ky7X1ZIK+7Nn4Ahq4Yn6BxuAO+EHDAAEn5LZU3hO5YUMqYksQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD9ruCj3qs0kHMAIGfHXiH8Mhrm2MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUDJ1NEtQZXF6U1Fjd0FnWjhkZUlmd3lHdWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhK+wA4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAdT319kFhx1nE7iOFIU3DsKeEtgKioyEbCCcMC
JwBRBFaDMJ2ATYbtrFJ8cQi2HLC5IhUS5l4H+U3HKvCgyRm7Ude4W6jarWsIkVm1
zSvZqT/iTLAsGfTpnzLJIy0t08MYbkWvHZRRwl+BSo/8J4+OlojJcJMp0cAicEku
i2wSbjsVhmHNKsdHaIiNKFFAA6TODSKGVHZ6Vmmn7QH0/WM+y8EeGemP16EjMrOV
/oavUD6afqB4p6wDobo0wZRL1IMj7lLoEMRrhK5WnfAuSV9sUFbWIL5axIy4Dih2
N/F2JjgE5ClkFKKJ33CHJk3U3465kyiUgaF9b4i9yyNxCdFi
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:52:31 2024 by rpki-client on console-fra.rpki-client.org