Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NB2_3Snjl8atmCM4hnYe-h_NS3o.roa
File: NB2_3Snjl8atmCM4hnYe-h_NS3o.roa (raw, json)
Hash identifier: WzT4XUgbAw7CL5tNP2XtlIB+1tqx3h8VlUVCNNXsbOM=
Subject key identifier: 34:1D:BF:DD:29:E3:97:C6:AD:98:23:38:86:76:1E:FA:1F:CD:4B:7A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192BA77F74B32ED28AE1A820D2B153D5545
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NB2_3Snjl8atmCM4hnYe-h_NS3o.roa
Signing time: Wed 23 Oct 2024 17:41:17 +0000
ROA not before: Wed 23 Oct 2024 17:41:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152631
IP address blocks: 2a0f:3f80::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:b400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:40:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ba:77:f7:4b:32:ed:28:ae:1a:82:0d:2b:15:3d:55:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 23 17:41:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=341dbfdd29e397c6ad98233886761efa1fcd4b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:98:c0:be:4f:70:0b:c1:47:f8:22:1b:84:
ca:c2:4b:55:35:39:ac:22:63:40:ca:49:91:17:e9:
a2:c7:cb:a2:88:c8:11:53:9b:c4:e8:72:81:c2:a8:
20:c7:48:bb:09:77:d1:0a:0d:f5:a5:aa:b8:21:03:
69:d0:3b:87:60:90:76:04:ce:75:5c:be:3c:ff:d3:
a9:5f:14:65:a9:4e:44:21:fe:af:b9:3c:bd:a0:5c:
2b:42:b7:48:99:b5:cc:e2:ee:09:a0:3b:05:14:83:
ad:4f:75:a7:52:e5:e2:63:2a:ee:47:40:15:77:61:
f0:6e:48:31:f2:bf:95:94:f6:21:28:d1:df:9c:59:
1e:fc:ed:30:e5:e5:55:7c:12:64:23:ea:a7:eb:71:
dc:63:92:03:04:b9:cc:79:22:1d:86:59:2d:8b:22:
09:1c:07:62:e3:35:06:43:15:5a:43:04:60:87:10:
5d:fc:f5:39:00:74:d1:ec:a4:25:91:06:67:b6:39:
64:b0:9b:aa:93:1a:c1:23:24:f8:fd:c1:67:d0:19:
51:fa:5e:e1:95:c4:df:29:b7:f5:de:48:f5:1d:62:
f2:a5:e3:63:14:1e:d8:80:de:65:92:64:8a:5b:55:
6b:47:8d:b7:79:1a:1a:46:fa:bc:5d:1c:a8:3a:55:
2b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:1D:BF:DD:29:E3:97:C6:AD:98:23:38:86:76:1E:FA:1F:CD:4B:7A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/NB2_3Snjl8atmCM4hnYe-h_NS3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3f80::/29
2a0f:8100::/29
2a0f:9e00::/29
2a0f:b400::/29
Signature Algorithm: sha256WithRSAEncryption
12:eb:da:66:1c:e7:60:a8:75:a5:dc:cf:57:26:da:85:29:7d:
2d:b3:9d:1e:51:48:45:91:bc:51:0e:37:f0:1a:1d:8d:b5:42:
e6:84:ac:4a:ff:85:86:7b:b0:5b:3f:57:5c:b3:e3:24:77:6e:
d2:47:a5:d9:06:e9:d7:cc:2c:bb:9b:0b:ee:c0:3c:6a:22:15:
ec:4e:64:35:53:55:89:7b:24:09:ca:ad:33:85:4e:b2:79:48:
86:c4:9c:3d:74:92:ce:62:12:72:95:1f:c2:53:da:65:9f:e8:
e6:2b:b0:94:e1:f5:c7:4f:7c:cf:e1:17:d3:15:cc:9f:1b:79:
2e:01:51:1a:c8:dd:1f:13:aa:e3:86:77:15:89:36:ad:13:82:
85:72:73:96:90:e7:cf:bc:3d:6d:a0:4c:c3:40:e5:b3:d0:09:
78:43:7a:0f:82:1a:01:db:c6:30:01:0f:fc:bc:10:fd:9d:77:
18:3e:2c:97:90:66:a7:60:d5:01:88:de:8d:ad:9e:a6:21:de:
60:45:48:bb:c0:6f:36:f8:55:7c:38:55:7e:2f:97:8f:cb:75:
77:87:9b:f0:4f:c0:4b:d4:70:34:21:9c:9f:9c:8e:c1:1f:d0:
a6:2a:a1:53:6f:75:32:f2:61:0b:41:c7:81:2c:69:6f:4f:b0:
d8:c5:7d:11
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZK6d/dLMu0orhqCDSsVPVVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDIzMTc0MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDFkYmZkZDI5ZTM5N2M2YWQ5ODIzMzg4Njc2MWVmYTFmY2Q0YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuyYwL5PcAvBR/giG4TKwktVNTms
ImNAykmRF+mix8uiiMgRU5vE6HKBwqggx0i7CXfRCg31paq4IQNp0DuHYJB2BM51
XL48/9OpXxRlqU5EIf6vuTy9oFwrQrdImbXM4u4JoDsFFIOtT3WnUuXiYyruR0AV
d2Hwbkgx8r+VlPYhKNHfnFke/O0w5eVVfBJkI+qn63HcY5IDBLnMeSIdhlktiyIJ
HAdi4zUGQxVaQwRghxBd/PU5AHTR7KQlkQZntjlksJuqkxrBIyT4/cFn0BlR+l7h
lcTfKbf13kj1HWLypeNjFB7YgN5lkmSKW1VrR423eRoaRvq8XRyoOlUrSwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDQdv90p45fGrZgjOIZ2HvofzUt6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTkIyXzNTbmpsOGF0bUNNNGhuWWUtaF9OUzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg8/gAMF
AyoPgQADBQMqD54AAwUDKg+0ADANBgkqhkiG9w0BAQsFAAOCAQEAEuvaZhznYKh1
pdzPVybahSl9LbOdHlFIRZG8UQ438BodjbVC5oSsSv+FhnuwWz9XXLPjJHdu0kel
2Qbp18wsu5sL7sA8aiIV7E5kNVNViXskCcqtM4VOsnlIhsScPXSSzmIScpUfwlPa
ZZ/o5iuwlOH1x098z+EX0xXMnxt5LgFRGsjdHxOq44Z3FYk2rROChXJzlpDnz7w9
baBMw0Dls9AJeEN6D4IaAdvGMAEP/LwQ/Z13GD4sl5Bmp2DVAYjeja2epiHeYEVI
u8BvNvhVfDhVfi+Xj8t1d4eb8E/AS9RwNCGcn5yOwR/QpiqhU291MvJhC0HHgSxp
b0+w2MV9EQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:28 2024 by rpki-client on console-ams.rpki-client.org