Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/P66mpHo1-dmOLpuTK0e5B7uhOPs.roa
File: P66mpHo1-dmOLpuTK0e5B7uhOPs.roa (raw, json)
Hash identifier: a6iXRJHum+QdRJIxDkGuecL6Yk3tb3/R+aY/LBXo5xY=
Subject key identifier: 3F:AE:A6:A4:7A:35:F9:D9:8E:2E:9B:93:2B:47:B9:07:BB:A1:38:FB
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 018CC492E4286DF9C3CC9AB8FB7BB25A1BCD
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/P66mpHo1-dmOLpuTK0e5B7uhOPs.roa
Signing time: Mon 01 Jan 2024 10:30:10 +0000
ROA not before: Mon 01 Jan 2024 10:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12929
IP address blocks: 2001:2020::/31 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e4:28:6d:f9:c3:cc:9a:b8:fb:7b:b2:5a:1b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 10:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3faea6a47a35f9d98e2e9b932b47b907bba138fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f7:61:b0:8f:b6:7c:36:43:8c:9b:5e:04:d9:
a1:ca:be:80:f9:3b:8d:44:1c:2b:6e:f3:26:29:72:
f6:2b:cd:d8:64:96:6b:04:b0:e0:2e:d4:c2:22:4a:
05:df:da:3a:80:2f:f7:c2:4a:17:68:f6:60:01:a1:
2b:16:99:bf:24:eb:21:d2:30:11:be:2e:ec:35:3f:
53:72:75:e4:7f:96:72:7e:43:a0:25:8f:a6:95:1f:
a5:a8:79:47:ed:e0:06:b6:36:28:eb:a8:10:e1:b5:
cf:f2:82:6f:cc:8e:39:b4:65:11:ee:ed:17:5e:ab:
58:5a:34:e0:35:99:43:f0:ec:39:29:ed:26:83:9b:
cd:b8:5e:f0:21:1c:8a:c3:28:a3:b7:52:be:3d:76:
fa:4d:6a:45:aa:ff:64:5c:34:74:35:c2:69:4b:f7:
fe:d2:24:de:78:81:ac:fa:bd:45:0c:ce:53:c5:df:
d8:d8:8f:22:87:9f:23:1c:40:b1:0a:6c:88:e0:10:
1b:e1:df:ce:d1:36:11:3d:7f:5c:c7:2c:ad:3e:65:
2a:52:03:13:30:68:79:70:3f:d5:eb:09:ed:ac:6f:
b5:a2:e6:96:74:05:7e:79:df:c3:22:bb:b6:a0:ff:
59:e6:4a:d7:1e:6c:35:57:4e:24:da:d8:58:5d:90:
d7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AE:A6:A4:7A:35:F9:D9:8E:2E:9B:93:2B:47:B9:07:BB:A1:38:FB
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/P66mpHo1-dmOLpuTK0e5B7uhOPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2020::/31
Signature Algorithm: sha256WithRSAEncryption
66:12:02:32:aa:5d:20:ec:a5:40:07:80:5b:08:1c:21:da:86:
01:3b:96:16:e3:c5:cb:c9:07:4d:9d:06:6f:b5:65:33:33:5f:
02:f3:c5:f0:a6:12:c0:34:4a:c1:99:4a:b2:c0:5f:69:e5:71:
eb:96:0b:f0:01:b0:f2:a9:28:25:8f:7a:0a:e6:5b:ca:eb:64:
35:f4:9a:1b:5a:c4:31:1b:09:6f:71:0f:88:1f:67:0b:23:65:
b5:b5:ae:36:43:26:75:ab:d6:1c:65:77:ef:a7:48:23:78:e8:
3c:67:57:f1:7d:b0:2c:32:3f:ee:68:b4:40:54:32:ee:bb:93:
d9:f1:4f:3e:27:ed:60:7c:54:9b:20:7e:d5:e0:36:1a:28:d0:
a5:9d:00:49:74:bf:01:65:07:9e:ea:c6:08:e3:8b:91:04:24:
50:d2:a2:bd:ac:a5:58:70:4d:93:fd:8e:12:17:e5:ac:94:8e:
93:68:b6:d2:64:70:bc:47:ba:c8:d5:4a:4b:18:e9:40:53:82:
88:bc:ea:31:20:42:f8:5d:a3:3f:14:9a:a6:5b:33:24:7d:f0:
1e:d0:2c:71:59:8f:0b:48:0d:7b:b1:6e:e6:f1:f4:78:35:2a:
79:43:8d:ca:76:00:6d:e1:46:95:33:5e:c3:f1:32:08:9d:4b:
cc:b7:a3:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEkuQobfnDzJq4+3uyWhvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmFlYTZhNDdhMzVmOWQ5OGUyZTliOTMyYjQ3YjkwN2JiYTEzOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/dhsI+2fDZDjJteBNmhyr6A+TuN
RBwrbvMmKXL2K83YZJZrBLDgLtTCIkoF39o6gC/3wkoXaPZgAaErFpm/JOsh0jAR
vi7sNT9TcnXkf5ZyfkOgJY+mlR+lqHlH7eAGtjYo66gQ4bXP8oJvzI45tGUR7u0X
XqtYWjTgNZlD8Ow5Ke0mg5vNuF7wIRyKwyijt1K+PXb6TWpFqv9kXDR0NcJpS/f+
0iTeeIGs+r1FDM5Txd/Y2I8ih58jHECxCmyI4BAb4d/O0TYRPX9cxyytPmUqUgMT
MGh5cD/V6wntrG+1ouaWdAV+ed/DIru2oP9Z5krXHmw1V04k2thYXZDXbwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD+upqR6NfnZji6bkytHuQe7oTj7MB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvUDY2bXBIbzEtZG1PTHB1VEswZTVCN3VoT1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBIAEgIDAN
BgkqhkiG9w0BAQsFAAOCAQEAZhICMqpdIOylQAeAWwgcIdqGATuWFuPFy8kHTZ0G
b7VlMzNfAvPF8KYSwDRKwZlKssBfaeVx65YL8AGw8qkoJY96CuZbyutkNfSaG1rE
MRsJb3EPiB9nCyNltbWuNkMmdavWHGV376dII3joPGdX8X2wLDI/7mi0QFQy7ruT
2fFPPiftYHxUmyB+1eA2GijQpZ0ASXS/AWUHnurGCOOLkQQkUNKivaylWHBNk/2O
EhflrJSOk2i20mRwvEe6yNVKSxjpQFOCiLzqMSBC+F2jPxSaplszJH3wHtAscVmP
C0gNe7Fu5vH0eDUqeUONynYAbeFGlTNew/EyCJ1LzLej8g==
-----END CERTIFICATE-----
Generated at Mon May 20 05:21:06 2024 by rpki-client on console-fra.rpki-client.org