Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/P8dwonCLKs3miFUzYoAz22KNYac.roa
File: P8dwonCLKs3miFUzYoAz22KNYac.roa (raw, json)
Hash identifier: OPhNlT/Cn1MpIptVOxFbQlhR3uo/5MJmtWpZmmO6zUI=
Subject key identifier: 3F:C7:70:A2:70:8B:2A:CD:E6:88:55:33:62:80:33:DB:62:8D:61:A7
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C6D310893DFADE8DA49A56E3A9D7B
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/P8dwonCLKs3miFUzYoAz22KNYac.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215269
IP address blocks: 2a12:bec4:13f0::/44 maxlen: 48
2a12:bec4:1440::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6d:31:08:93:df:ad:e8:da:49:a5:6e:3a:9d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fc770a2708b2acde6885533628033db628d61a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:91:fe:8f:c3:09:80:cf:98:12:81:68:e1:23:
29:f5:48:64:cb:56:0e:a7:ab:4e:05:80:83:87:8b:
92:41:7c:eb:7e:a0:1d:6f:d1:60:59:20:10:75:7d:
5d:0b:01:3f:02:d2:eb:37:4d:63:cb:30:65:ae:d0:
3e:12:5c:c8:af:36:d0:c7:8e:1b:cc:96:e1:0d:ab:
a9:42:fe:43:c9:30:8a:9c:2f:9d:9f:11:e4:cd:69:
aa:9c:c4:d5:83:68:76:29:e9:72:05:7f:de:c5:0c:
48:63:e0:af:a5:ad:bd:43:90:cd:5c:d7:71:03:16:
91:3e:fe:ef:93:da:54:39:22:22:db:5c:a6:21:4b:
61:f3:30:c7:48:8b:08:f0:a7:58:cf:cf:cc:68:22:
40:e9:cf:1c:e2:61:ec:61:5c:be:a9:6f:a3:dc:13:
79:f0:37:68:56:67:ac:05:e2:bb:ba:7b:10:9a:d2:
75:77:58:99:e4:f8:af:93:64:ef:3d:93:21:5c:e5:
35:cf:55:9f:89:a1:59:66:5e:5e:4a:cc:b2:13:0b:
b5:1e:82:42:87:c3:ae:8f:8f:8a:3d:16:07:4c:21:
cb:46:16:86:c1:11:cd:c4:16:da:d9:3c:5c:47:6f:
d1:b1:4c:c7:7a:c5:8a:9d:51:1d:58:1c:ca:2a:39:
f7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:C7:70:A2:70:8B:2A:CD:E6:88:55:33:62:80:33:DB:62:8D:61:A7
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/P8dwonCLKs3miFUzYoAz22KNYac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:13f0::/44
2a12:bec4:1440::/44
Signature Algorithm: sha256WithRSAEncryption
4b:6f:cb:77:aa:2a:7d:94:52:a8:00:aa:b4:5d:9c:d7:61:09:
1b:4d:42:07:d2:54:37:bf:07:ef:9b:63:86:9e:7b:64:b3:a1:
54:8e:13:25:4b:bf:2e:79:b2:77:70:e2:96:e4:01:44:ca:ec:
c6:ca:4e:c6:11:7c:69:c1:70:39:ac:77:27:cb:35:39:70:22:
d3:0d:4a:e6:a4:dc:87:09:b3:6f:93:a1:36:9c:fb:e1:a0:fb:
89:3b:36:16:bb:03:db:b4:1c:26:ea:ec:6f:bd:1d:fd:61:4a:
2d:1f:0d:40:37:ab:ee:31:2f:95:47:f5:02:3f:53:c4:35:f6:
c7:e1:c8:fd:0e:15:6b:7d:13:54:76:68:f8:84:e4:fb:27:48:
54:42:c9:3c:e7:56:db:2e:5b:d5:6f:8d:cd:6c:05:b7:77:7f:
8d:bd:54:aa:46:3e:29:49:7b:11:86:ce:5b:bd:1c:05:0d:97:
c3:f5:4f:5c:e1:ce:6c:57:9e:72:e3:e7:75:57:f0:af:07:22:
ba:fb:7d:4c:12:67:52:8b:23:bb:69:5a:84:15:e5:16:5f:4c:
a1:ce:20:d6:5f:c0:b9:ee:3b:9d:ad:d2:73:a7:2c:83:be:46:
49:6e:c8:6c:af:f9:95:41:5c:6d:13:fa:e5:39:76:df:9b:99:
d5:a6:25:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjG0xCJPfrejaSaVuOp17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmM3NzBhMjcwOGIyYWNkZTY4ODU1MzM2MjgwMzNkYjYyOGQ2MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5H+j8MJgM+YEoFo4SMp9Uhky1YO
p6tOBYCDh4uSQXzrfqAdb9FgWSAQdX1dCwE/AtLrN01jyzBlrtA+ElzIrzbQx44b
zJbhDaupQv5DyTCKnC+dnxHkzWmqnMTVg2h2KelyBX/exQxIY+Cvpa29Q5DNXNdx
AxaRPv7vk9pUOSIi21ymIUth8zDHSIsI8KdYz8/MaCJA6c8c4mHsYVy+qW+j3BN5
8DdoVmesBeK7unsQmtJ1d1iZ5Pivk2TvPZMhXOU1z1WfiaFZZl5eSsyyEwu1HoJC
h8Ouj4+KPRYHTCHLRhaGwRHNxBba2TxcR2/RsUzHesWKnVEdWBzKKjn3WQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD/HcKJwiyrN5ohVM2KAM9tijWGnMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvUDhkd29uQ0xLczNtaUZVellvQXoyMktOWWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhK+xBPw
AwcEKhK+xBRAMA0GCSqGSIb3DQEBCwUAA4IBAQBLb8t3qip9lFKoAKq0XZzXYQkb
TUIH0lQ3vwfvm2OGnntks6FUjhMlS78uebJ3cOKW5AFEyuzGyk7GEXxpwXA5rHcn
yzU5cCLTDUrmpNyHCbNvk6E2nPvhoPuJOzYWuwPbtBwm6uxvvR39YUotHw1AN6vu
MS+VR/UCP1PENfbH4cj9DhVrfRNUdmj4hOT7J0hUQsk851bbLlvVb43NbAW3d3+N
vVSqRj4pSXsRhs5bvRwFDZfD9U9c4c5sV55y4+d1V/CvByK6+31MEmdSiyO7aVqE
FeUWX0yhziDWX8C57judrdJzpyyDvkZJbshsr/mVQVxtE/rlOXbfm5nVpiWM
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:44:21 2025 by rpki-client