Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/hPxlLLfCN7kTHwFbX64bbTQ0eFA.roa
File: hPxlLLfCN7kTHwFbX64bbTQ0eFA.roa (raw, json)
Hash identifier: B2w1lj9kQUIjl+/dFg7yrcdECTFRTcbjHzK1R0GUv3g=
Subject key identifier: 84:FC:65:2C:B7:C2:37:B9:13:1F:01:5B:5F:AE:1B:6D:34:34:78:50
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 01919B7D8EF6284A2E597732DCAFD960CA96
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/hPxlLLfCN7kTHwFbX64bbTQ0eFA.roa
Signing time: Thu 29 Aug 2024 00:16:22 +0000
ROA not before: Thu 29 Aug 2024 00:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50225
IP address blocks: 2a12:2500::/32 maxlen: 32
2a12:2501::/32 maxlen: 32
2a12:2502::/32 maxlen: 32
2a12:2503::/32 maxlen: 32
2a12:2504::/32 maxlen: 32
2a12:2505::/32 maxlen: 32
2a12:2506::/32 maxlen: 32
2a12:2507::/32 maxlen: 32
2a12:2700::/32 maxlen: 32
2a12:2701::/32 maxlen: 32
2a12:2702::/32 maxlen: 32
2a12:2703::/32 maxlen: 32
2a12:2704::/32 maxlen: 32
2a12:2705::/32 maxlen: 32
2a12:2706::/32 maxlen: 32
2a12:2707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9b:7d:8e:f6:28:4a:2e:59:77:32:dc:af:d9:60:ca:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Aug 29 00:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84fc652cb7c237b9131f015b5fae1b6d34347850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:5c:4f:86:39:77:2d:d2:62:8c:93:f7:49:
b5:d4:c9:a5:59:b7:8e:25:18:25:60:bf:d0:5d:23:
01:85:43:0d:6e:7d:df:62:4e:60:19:4b:74:9d:79:
aa:bc:3b:fb:4d:e6:f8:16:ac:6c:7e:11:e8:7a:10:
1d:90:64:6f:87:39:75:78:1c:b3:05:83:e6:e8:e2:
05:42:1f:60:c9:e3:e0:20:46:db:84:2d:8a:dc:8f:
2f:fc:d6:9c:72:c6:aa:e9:03:c7:1a:91:05:b2:a4:
2f:e9:f6:d2:8e:89:5c:3e:85:4c:e7:43:02:7c:50:
8c:88:be:66:0b:f8:9f:45:e6:ef:a6:c6:e5:9a:18:
bf:7a:20:86:f0:99:a2:8f:76:8b:d8:30:e7:cc:c9:
9f:b0:2c:67:e5:f5:17:91:bb:e8:37:d3:c1:91:32:
70:e7:eb:20:9f:74:22:16:7f:7a:a5:5c:64:b2:0a:
1e:a5:8a:94:85:6c:9e:50:9c:48:7b:ef:2b:fd:66:
46:77:be:af:0e:1b:aa:f6:c0:58:e9:65:0e:a6:ff:
92:37:6e:f8:f0:02:06:4f:14:96:d1:7c:13:7d:3b:
78:91:49:c1:f3:b5:a2:b2:1d:e0:60:04:70:23:27:
ed:25:c9:ab:90:b4:ed:37:95:4c:f2:e8:c8:71:ee:
ed:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FC:65:2C:B7:C2:37:B9:13:1F:01:5B:5F:AE:1B:6D:34:34:78:50
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/hPxlLLfCN7kTHwFbX64bbTQ0eFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:2500::/29
2a12:2700::/29
Signature Algorithm: sha256WithRSAEncryption
68:8c:72:f3:14:6c:85:0a:cd:af:65:06:46:c9:fa:ce:be:5a:
46:6e:03:c4:31:93:3c:9e:7c:d6:bd:e9:89:41:c7:7e:90:f8:
64:88:d4:d2:9c:91:01:2e:bd:71:98:60:05:1c:e6:cf:d8:94:
32:dd:1b:e8:85:68:00:83:84:cd:4b:37:34:ce:d9:d8:58:5a:
a3:ca:49:5a:6a:a6:a3:cc:6f:9d:d7:8f:c8:29:be:85:3c:a9:
18:07:40:a9:ed:7e:77:c5:1b:5c:68:77:f9:0c:32:02:cc:24:
9f:54:c9:28:31:75:67:c2:1e:be:a8:4c:37:3f:57:a1:b9:9b:
1f:9c:77:13:58:e2:2b:9f:81:a0:d2:c4:ae:78:96:bb:ef:22:
8d:cc:f3:e9:48:fe:6b:db:2e:4d:22:7d:61:b3:88:07:c8:8a:
a7:1d:7b:90:4b:74:09:16:60:51:b4:44:7c:a0:31:83:6c:f6:
02:c9:f7:00:15:e5:4d:f6:06:cc:af:b5:f9:c3:0e:ab:7a:03:
02:f9:87:0f:9b:5e:9e:89:30:a2:08:96:69:fe:34:51:9a:cf:
fc:e3:dc:1d:48:a1:98:66:3e:a5:3c:c0:f2:61:cf:81:e8:8c:
73:e4:7f:e9:b2:85:f9:fb:cd:f9:78:5d:ce:50:f2:df:af:ea:
9f:07:e1:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGbfY72KEouWXcy3K/ZYMqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjQwODI5MDAxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZjNjUyY2I3YzIzN2I5MTMxZjAxNWI1ZmFlMWI2ZDM0MzQ3ODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjlcT4Y5dy3SYoyT90m11MmlWbeO
JRglYL/QXSMBhUMNbn3fYk5gGUt0nXmqvDv7Teb4FqxsfhHoehAdkGRvhzl1eByz
BYPm6OIFQh9gyePgIEbbhC2K3I8v/Naccsaq6QPHGpEFsqQv6fbSjolcPoVM50MC
fFCMiL5mC/ifRebvpsblmhi/eiCG8Jmij3aL2DDnzMmfsCxn5fUXkbvoN9PBkTJw
5+sgn3QiFn96pVxksgoepYqUhWyeUJxIe+8r/WZGd76vDhuq9sBY6WUOpv+SN274
8AIGTxSW0XwTfTt4kUnB87Wish3gYARwIyftJcmrkLTtN5VM8ujIce7t5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIT8ZSy3wje5Ex8BW1+uG200NHhQMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvaFB4bExMZkNON2tUSHdGYlg2NGJiVFEwZUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhIlAAMF
AyoSJwAwDQYJKoZIhvcNAQELBQADggEBAGiMcvMUbIUKza9lBkbJ+s6+WkZuA8Qx
kzyefNa96YlBx36Q+GSI1NKckQEuvXGYYAUc5s/YlDLdG+iFaACDhM1LNzTO2dhY
WqPKSVpqpqPMb53Xj8gpvoU8qRgHQKntfnfFG1xod/kMMgLMJJ9UySgxdWfCHr6o
TDc/V6G5mx+cdxNY4iufgaDSxK54lrvvIo3M8+lI/mvbLk0ifWGziAfIiqcde5BL
dAkWYFG0RHygMYNs9gLJ9wAV5U32BsyvtfnDDqt6AwL5hw+bXp6JMKIIlmn+NFGa
z/zj3B1IoZhmPqU8wPJhz4HojHPkf+myhfn7zfl4Xc5Q8t+v6p8H4dk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:42:27 2024 by rpki-client on console-ams.rpki-client.org