Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/bZ-IPMKnqn2JjIKSzaRgBK9Ht5Q.roa
File: bZ-IPMKnqn2JjIKSzaRgBK9Ht5Q.roa (raw, json)
Hash identifier: MmXbKvQVX5/1P3BgGMrIe7BI8lFoHL8uHL7LvAKk74w=
Subject key identifier: 6D:9F:88:3C:C2:A7:AA:7D:89:8C:82:92:CD:A4:60:04:AF:47:B7:94
Certificate issuer: /CN=14bf39139b710c4f7237edfd88518655af39c323
Certificate serial: 018CC3B736BB7D644FE0A4DAEC44EF63D8E5
Authority key identifier: 14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/bZ-IPMKnqn2JjIKSzaRgBK9Ht5Q.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 2a13:3d81::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:36:bb:7d:64:4f:e0:a4:da:ec:44:ef:63:d8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bf39139b710c4f7237edfd88518655af39c323
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d9f883cc2a7aa7d898c8292cda46004af47b794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:3b:94:89:c7:cc:70:6b:c8:e6:ef:0b:f7:
e0:b7:da:09:40:14:d7:d5:02:03:65:9b:17:ff:05:
41:15:60:4c:55:62:41:ef:16:34:f7:7e:5f:0a:2d:
ab:a4:cc:c5:c5:f5:7c:41:fe:63:78:1c:eb:e6:39:
53:17:01:dd:56:e1:a9:ef:0c:fe:0b:b4:5b:07:28:
13:2a:60:42:38:22:35:e2:18:94:b3:92:3e:f5:81:
9d:bf:5b:ec:ab:82:6c:45:66:a7:01:3a:6f:a7:82:
f1:ac:33:27:01:db:66:5b:c4:36:26:a2:19:80:db:
f6:50:6e:ea:f6:00:d9:44:e0:e0:45:45:0b:2f:93:
7a:b4:1b:5d:0a:05:3c:3d:d8:ac:60:84:6d:84:db:
ec:f1:ee:92:91:1e:3a:35:71:16:9a:1c:8f:49:a1:
8d:41:a2:01:33:45:06:17:27:30:f8:55:00:e9:e9:
3e:fa:d0:31:4f:7f:cb:33:04:5c:55:47:e5:14:4b:
14:fd:7c:0c:7e:8c:3b:fb:14:05:b2:1d:8e:6e:53:
7a:f0:7e:7b:c6:24:19:95:35:b9:0e:fb:5b:9b:f1:
17:06:74:e0:95:6c:ee:f1:a7:63:ac:4b:6c:f9:bd:
5c:0d:15:ba:23:d0:01:c7:fd:9c:c2:1c:8a:c6:03:
2e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9F:88:3C:C2:A7:AA:7D:89:8C:82:92:CD:A4:60:04:AF:47:B7:94
X509v3 Authority Key Identifier:
keyid:14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/bZ-IPMKnqn2JjIKSzaRgBK9Ht5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3d81::/48
Signature Algorithm: sha256WithRSAEncryption
4a:7a:71:eb:51:99:6a:98:5f:41:aa:8c:7e:d0:f8:72:ac:f7:
12:af:74:c9:10:59:0a:9c:85:56:7f:ab:7a:96:d9:77:15:73:
fa:82:13:00:78:8e:04:72:62:74:a1:97:e9:f5:49:a2:79:5a:
e9:b0:d9:0d:6f:61:cd:88:d7:bf:0a:aa:b4:07:7e:93:32:f9:
9b:e5:d5:17:ee:3a:b2:5e:c1:41:7f:72:c6:b5:8d:d3:6a:49:
b4:f6:a4:54:89:f4:b8:2a:f0:b5:b6:1d:8a:cb:12:81:d4:4d:
90:68:9e:3f:68:68:68:ad:9f:5b:ca:a8:a1:eb:7c:3a:58:0f:
e9:5c:57:d3:d8:18:c1:7f:99:e5:70:21:25:71:26:0a:19:03:
eb:c7:6a:93:dc:a5:f7:8c:83:79:91:a3:9c:d3:1f:be:e8:8b:
4a:f5:25:b2:4c:9d:79:ab:ae:a1:e4:3d:9e:79:c3:73:99:89:
f5:dd:42:68:e5:65:37:b8:6d:67:9e:ad:b0:1c:66:8a:7b:03:
2d:eb:82:b7:70:26:30:dd:3b:f5:45:65:b3:a8:96:bd:a4:3c:
80:26:df:10:b0:3b:3b:73:56:53:40:81:d4:af:b0:43:8e:94:
c8:76:ef:e4:a8:cf:5d:fa:89:22:bb:5f:59:42:b9:da:39:3b:
c6:7e:4d:50
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDtza7fWRP4KTa7ETvY9jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmYzOTEzOWI3MTBjNGY3MjM3ZWRmZDg4NTE4NjU1YWYz
OWMzMjMwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDlmODgzY2MyYTdhYTdkODk4YzgyOTJjZGE0NjAwNGFmNDdiNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx87lInHzHBryObvC/fgt9oJQBTX
1QIDZZsX/wVBFWBMVWJB7xY0935fCi2rpMzFxfV8Qf5jeBzr5jlTFwHdVuGp7wz+
C7RbBygTKmBCOCI14hiUs5I+9YGdv1vsq4JsRWanATpvp4LxrDMnAdtmW8Q2JqIZ
gNv2UG7q9gDZRODgRUULL5N6tBtdCgU8PdisYIRthNvs8e6SkR46NXEWmhyPSaGN
QaIBM0UGFycw+FUA6ek++tAxT3/LMwRcVUflFEsU/XwMfow7+xQFsh2OblN68H57
xiQZlTW5Dvtbm/EXBnTglWzu8adjrEts+b1cDRW6I9ABx/2cwhyKxgMupQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG2fiDzCp6p9iYyCks2kYASvR7eUMB8GA1UdIwQY
MBaAFBS/ORObcQxPcjft/YhRhlWvOcMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYt
YTg2MmI4ODU5M2EwLzEvYlotSVBNS25xbjJKaklLU3phUmdCSzlIdDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYtYTg2MmI4ODU5M2Ew
LzEvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhM9gQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBKenHrUZlqmF9Bqox+0PhyrPcSr3TJEFkKnIVW
f6t6ltl3FXP6ghMAeI4EcmJ0oZfp9UmieVrpsNkNb2HNiNe/Cqq0B36TMvmb5dUX
7jqyXsFBf3LGtY3Takm09qRUifS4KvC1th2KyxKB1E2QaJ4/aGhorZ9byqih63w6
WA/pXFfT2BjBf5nlcCElcSYKGQPrx2qT3KX3jIN5kaOc0x++6ItK9SWyTJ15q66h
5D2eecNzmYn13UJo5WU3uG1nnq2wHGaKewMt64K3cCYw3Tv1RWWzqJa9pDyAJt8Q
sDs7c1ZTQIHUr7BDjpTIdu/kqM9d+okiu19ZQrnaOTvGfk1Q
-----END CERTIFICATE-----
Generated at Tue May 7 20:19:19 2024 by rpki-client on console-ams.rpki-client.org