Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/NngQvGPeQ2fWq_65B4ASfz-CuYk.roa
File: NngQvGPeQ2fWq_65B4ASfz-CuYk.roa (raw, json)
Hash identifier: PHwuvmEWVmiKlc0Qbl/6Z4hKBHeQWEm6JMvVhXdRGq4=
Subject key identifier: 36:78:10:BC:63:DE:43:67:D6:AB:FE:B9:07:80:12:7F:3F:82:B9:89
Certificate issuer: /CN=b61046dcb185b0bfd9976628d69a189d3c3987d8
Certificate serial: 018CC64A68A8A429CCF85D6F373C231796FB
Authority key identifier: B6:10:46:DC:B1:85:B0:BF:D9:97:66:28:D6:9A:18:9D:3C:39:87:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/thBG3LGFsL_Zl2Yo1poYnTw5h9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/NngQvGPeQ2fWq_65B4ASfz-CuYk.roa
Signing time: Mon 01 Jan 2024 18:30:14 +0000
ROA not before: Mon 01 Jan 2024 18:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44947
IP address blocks: 2a13:3cc0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/thBG3LGFsL_Zl2Yo1poYnTw5h9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/thBG3LGFsL_Zl2Yo1poYnTw5h9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/thBG3LGFsL_Zl2Yo1poYnTw5h9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:68:a8:a4:29:cc:f8:5d:6f:37:3c:23:17:96:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b61046dcb185b0bfd9976628d69a189d3c3987d8
Validity
Not Before: Jan 1 18:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=367810bc63de4367d6abfeb90780127f3f82b989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:67:4b:85:64:6d:ae:fe:8b:91:1b:91:0f:cb:
38:1e:7b:9f:f9:9b:c4:c2:cb:fd:04:d2:9b:63:14:
2f:a7:d6:59:25:f9:64:67:24:90:42:a9:47:77:9e:
86:bb:3f:2f:1e:4b:28:39:1d:30:e5:2e:64:e2:29:
36:86:b0:bc:11:e0:0f:74:02:c5:76:e4:a7:7f:a6:
3b:df:80:48:ad:28:ae:48:49:42:99:56:db:b7:f4:
67:50:90:8d:75:dd:17:0f:b5:c3:53:f1:a2:b7:e4:
3e:03:57:3f:0f:05:d7:27:39:c2:4b:05:59:19:bc:
f7:e1:c1:95:7a:7f:79:f2:cc:37:2c:2b:5f:2a:55:
d4:15:b4:20:82:b2:1e:54:dc:0b:67:de:11:a6:06:
b4:f8:2b:68:a8:d6:be:69:68:eb:3d:46:fe:55:dc:
dc:3c:60:d4:39:4d:e0:c4:7c:16:2c:e3:58:8e:a5:
5c:a1:3d:9b:b2:77:b0:f7:a5:7d:84:ff:e9:3b:1d:
93:82:a4:39:0e:df:d9:be:97:5b:1a:18:f8:20:ab:
02:76:f2:9d:56:6b:c4:8c:20:67:db:82:ff:da:8e:
c4:0a:f6:d9:d8:21:2a:9b:9f:e6:f7:5e:08:2c:ec:
84:60:0f:c3:9d:c4:a3:cb:3e:06:e2:09:38:59:38:
52:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:78:10:BC:63:DE:43:67:D6:AB:FE:B9:07:80:12:7F:3F:82:B9:89
X509v3 Authority Key Identifier:
keyid:B6:10:46:DC:B1:85:B0:BF:D9:97:66:28:D6:9A:18:9D:3C:39:87:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/thBG3LGFsL_Zl2Yo1poYnTw5h9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/NngQvGPeQ2fWq_65B4ASfz-CuYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/thBG3LGFsL_Zl2Yo1poYnTw5h9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3cc0::/30
Signature Algorithm: sha256WithRSAEncryption
46:2b:dc:34:78:3c:30:80:c0:f8:b0:a4:35:e6:a7:ba:c6:49:
55:b1:5d:1c:95:9a:0d:4e:1e:17:8f:40:e3:c2:c7:73:b6:d7:
32:81:46:82:ea:78:56:8b:72:f7:58:d6:e3:06:52:7c:b7:51:
0e:67:26:cd:c8:f4:be:0f:9d:1e:4b:77:e3:66:34:4f:3e:26:
1b:69:03:5f:07:2c:e8:ae:22:19:c5:b5:81:d7:a9:23:67:6e:
29:db:62:b7:0b:21:50:13:3f:87:00:32:62:ae:e4:42:28:92:
d4:55:40:f2:74:c7:73:39:60:73:d4:3c:95:3d:fe:00:2b:c3:
24:f7:ca:a9:06:dc:64:69:55:d1:66:d1:20:9f:db:29:4a:ed:
0f:38:34:fd:15:fa:98:03:8e:9c:69:0c:6a:61:64:44:e8:5a:
b3:c6:53:48:f8:dd:9e:20:09:c2:1c:60:59:70:0b:a9:5a:14:
97:79:89:de:c0:50:53:76:39:ef:0e:e1:40:fd:17:71:6b:22:
21:ee:1a:e9:d6:9a:d1:62:aa:e2:96:b3:f8:b5:e2:ef:ab:05:
72:e7:6b:76:41:2b:07:78:29:c6:d5:01:6b:12:ee:52:6e:31:
c2:7f:4d:74:a2:33:ca:85:e0:ce:9d:cd:f0:d5:e4:00:ad:d0:
76:15:29:7e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSmiopCnM+F1vNzwjF5b7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MTA0NmRjYjE4NWIwYmZkOTk3NjYyOGQ2OWExODlkM2Mz
OTg3ZDgwHhcNMjQwMTAxMTgzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc4MTBiYzYzZGU0MzY3ZDZhYmZlYjkwNzgwMTI3ZjNmODJiOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGdLhWRtrv6LkRuRD8s4Hnuf+ZvE
wsv9BNKbYxQvp9ZZJflkZySQQqlHd56Guz8vHksoOR0w5S5k4ik2hrC8EeAPdALF
duSnf6Y734BIrSiuSElCmVbbt/RnUJCNdd0XD7XDU/Git+Q+A1c/DwXXJznCSwVZ
Gbz34cGVen958sw3LCtfKlXUFbQggrIeVNwLZ94Rpga0+CtoqNa+aWjrPUb+Vdzc
PGDUOU3gxHwWLONYjqVcoT2bsnew96V9hP/pOx2TgqQ5Dt/ZvpdbGhj4IKsCdvKd
VmvEjCBn24L/2o7ECvbZ2CEqm5/m914ILOyEYA/DncSjyz4G4gk4WThSBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDZ4ELxj3kNn1qv+uQeAEn8/grmJMB8GA1UdIwQY
MBaAFLYQRtyxhbC/2ZdmKNaaGJ08OYfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGhCRzNMR0ZzTF9abDJZbzFwb1luVHc1aDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83MDc1N2ItYzc1OC00MjkyLThiNWMt
Y2YxZjJmYThlNWYyLzEvTm5nUXZHUGVRMmZXcV82NUI0QVNmei1DdVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83MDc1N2ItYzc1OC00MjkyLThiNWMtY2YxZjJmYThlNWYy
LzEvdGhCRzNMR0ZzTF9abDJZbzFwb1luVHc1aDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhM8wDAN
BgkqhkiG9w0BAQsFAAOCAQEARivcNHg8MIDA+LCkNeanusZJVbFdHJWaDU4eF49A
48LHc7bXMoFGgup4Voty91jW4wZSfLdRDmcmzcj0vg+dHkt342Y0Tz4mG2kDXwcs
6K4iGcW1gdepI2duKdtitwshUBM/hwAyYq7kQiiS1FVA8nTHczlgc9Q8lT3+ACvD
JPfKqQbcZGlV0WbRIJ/bKUrtDzg0/RX6mAOOnGkMamFkROhas8ZTSPjdniAJwhxg
WXALqVoUl3mJ3sBQU3Y57w7hQP0XcWsiIe4a6daa0WKq4paz+LXi76sFcudrdkEr
B3gpxtUBaxLuUm4xwn9NdKIzyoXgzp3N8NXkAK3QdhUpfg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:57:06 2024 by rpki-client on console-ams.rpki-client.org