Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/f0-gk8Il61adeE_Zbfi7mEQ6muk.roa
File: f0-gk8Il61adeE_Zbfi7mEQ6muk.roa (raw, json)
Hash identifier: RfXfYdIMUMoHZ7wq8cO+dKX2XsobywuSz0OIPlriob4=
Subject key identifier: 7F:4F:A0:93:C2:25:EB:56:9D:78:4F:D9:6D:F8:BB:98:44:3A:9A:E9
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 018D45F71EA2A096AB3E16BC0984CFB5D039
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/f0-gk8Il61adeE_Zbfi7mEQ6muk.roa
Signing time: Fri 26 Jan 2024 13:30:39 +0000
ROA not before: Fri 26 Jan 2024 13:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199707
IP address blocks: 2a12:bec0:160::/48 maxlen: 48
2a12:bec0:162::/48 maxlen: 48
2a12:bec0:166::/48 maxlen: 48
2a12:bec0:168::/48 maxlen: 48
2a12:bec0:16d::/48 maxlen: 48
2a12:bec0:16e::/48 maxlen: 48
2a12:bec0:680::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:f7:1e:a2:a0:96:ab:3e:16:bc:09:84:cf:b5:d0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 26 13:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f4fa093c225eb569d784fd96df8bb98443a9ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:69:8a:4d:8c:dc:0f:f7:fa:12:17:d9:d6:fd:
c0:c5:17:45:25:64:ee:0f:13:a7:f3:59:82:36:f2:
19:ed:8a:ee:3d:e3:e1:82:d6:97:aa:82:16:5f:99:
48:2d:b5:21:3d:d4:79:8d:5f:cc:d5:10:2e:dc:d9:
31:e0:91:e6:5b:1d:82:10:8c:87:2f:2f:23:f4:5b:
7e:7b:61:33:67:04:d8:a1:4e:c1:ff:6d:b4:23:c4:
88:45:34:69:9a:7a:44:42:51:00:6b:9a:9b:3e:d3:
21:f9:d8:b0:09:1a:be:f0:d5:6f:8f:2f:41:64:48:
49:23:c6:c4:8f:66:f2:53:dd:85:41:ab:b6:5f:4d:
d5:c4:5a:7c:17:a1:c7:9d:fe:1c:73:52:cc:a0:60:
e4:7c:72:9b:9c:aa:13:cb:47:ec:fc:5d:2f:d6:5a:
98:4a:b7:fb:8d:c7:9e:fd:46:71:4e:e2:5c:e5:75:
a3:56:c6:16:e3:69:55:15:9e:1d:9d:50:d2:2f:e6:
1e:a0:55:27:a3:ef:51:1f:6d:65:ea:51:f9:0e:4a:
f4:6a:f7:b1:10:a8:19:1c:8d:23:94:4e:29:0f:a9:
1e:42:1c:62:98:59:03:52:73:fd:bc:8e:32:b1:94:
33:5e:dd:b9:da:0e:56:53:bc:b8:59:1a:98:b1:73:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4F:A0:93:C2:25:EB:56:9D:78:4F:D9:6D:F8:BB:98:44:3A:9A:E9
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/f0-gk8Il61adeE_Zbfi7mEQ6muk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:160::/48
2a12:bec0:162::/48
2a12:bec0:166::/48
2a12:bec0:168::/48
2a12:bec0:16d::-2a12:bec0:16e:ffff:ffff:ffff:ffff:ffff
2a12:bec0:680::/45
Signature Algorithm: sha256WithRSAEncryption
a0:f3:7f:7f:9f:6c:c9:e5:7b:32:ef:eb:8d:ea:5e:d6:c2:11:
ea:c8:b4:bd:0c:b9:5e:f9:62:17:e4:89:c8:5e:4e:33:c4:98:
6d:26:f5:84:ec:22:05:15:2b:2a:30:25:be:45:2b:fb:fd:9c:
29:c8:49:9d:ef:f9:bd:d2:b3:f5:21:17:eb:e0:71:ac:01:91:
d6:ff:24:2a:87:2c:65:1a:2d:ae:17:f2:0c:f4:ae:93:4e:b5:
8a:f7:b8:6d:de:85:1d:c2:60:94:76:99:1c:e2:ab:f2:77:86:
9f:b8:eb:ef:05:db:9c:57:df:93:05:62:91:49:be:e7:da:ba:
f1:6d:cb:02:10:19:01:12:8b:94:79:c9:c4:89:8f:95:11:a6:
47:74:08:8c:65:cb:1b:8d:9d:40:c0:8a:74:0e:cf:ca:8c:4e:
c4:86:f3:6d:33:b2:5c:ce:dd:da:4d:0d:26:5e:f3:16:c6:be:
1f:4d:b2:f3:a3:7e:de:3e:3c:54:8c:c3:d8:40:2f:aa:12:e2:
7e:a6:0b:9f:14:71:4c:aa:8a:6c:d9:ba:06:ed:0f:f3:78:94:
02:61:5f:c4:17:89:98:70:f6:61:a8:ff:da:b9:18:7d:b2:27:
11:35:02:2f:36:14:a8:e9:3e:ea:46:ef:eb:8d:9d:ca:fc:7a:
54:2a:23:11
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY1F9x6ioJarPha8CYTPtdA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjQwMTI2MTMzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRmYTA5M2MyMjVlYjU2OWQ3ODRmZDk2ZGY4YmI5ODQ0M2E5YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2mKTYzcD/f6EhfZ1v3AxRdFJWTu
DxOn81mCNvIZ7YruPePhgtaXqoIWX5lILbUhPdR5jV/M1RAu3Nkx4JHmWx2CEIyH
Ly8j9Ft+e2EzZwTYoU7B/220I8SIRTRpmnpEQlEAa5qbPtMh+diwCRq+8NVvjy9B
ZEhJI8bEj2byU92FQau2X03VxFp8F6HHnf4cc1LMoGDkfHKbnKoTy0fs/F0v1lqY
Srf7jcee/UZxTuJc5XWjVsYW42lVFZ4dnVDSL+YeoFUno+9RH21l6lH5Dkr0avex
EKgZHI0jlE4pD6keQhximFkDUnP9vI4ysZQzXt252g5WU7y4WRqYsXM5AQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFH9PoJPCJetWnXhP2W34u5hEOprpMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvZjAtZ2s4SWw2MWFkZUVfWmJmaTdtRVE2bXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKhK+wAFg
AwcAKhK+wAFiAwcAKhK+wAFmAwcAKhK+wAFoMBIDBwAqEr7AAW0DBwAqEr7AAW4D
BwMqEr7ABoAwDQYJKoZIhvcNAQELBQADggEBAKDzf3+fbMnlezLv643qXtbCEerI
tL0MuV75YhfkicheTjPEmG0m9YTsIgUVKyowJb5FK/v9nCnISZ3v+b3Ss/UhF+vg
cawBkdb/JCqHLGUaLa4X8gz0rpNOtYr3uG3ehR3CYJR2mRziq/J3hp+46+8F25xX
35MFYpFJvufauvFtywIQGQESi5R5ycSJj5URpkd0CIxlyxuNnUDAinQOz8qMTsSG
820zslzO3dpNDSZe8xbGvh9NsvOjft4+PFSMw9hAL6oS4n6mC58UcUyqimzZugbt
D/N4lAJhX8QXiZhw9mGo/9q5GH2yJxE1Ai82FKjpPupG7+uNncr8elQqIxE=
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:47:01 2024 by rpki-client on console-fra.rpki-client.org