Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/N2rAxaGJXtSz_t2H0mM81e4xFNc.roa
File: N2rAxaGJXtSz_t2H0mM81e4xFNc.roa (raw, json)
Hash identifier: 7a7ytZMlU7gGSHJGLd5UANb4K/WZT/BUAod6OQeElwY=
Subject key identifier: 37:6A:C0:C5:A1:89:5E:D4:B3:FE:DD:87:D2:63:3C:D5:EE:31:14:D7
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 018CC8DE33A10C021F70D5FADA0FC04D4BF6
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/N2rAxaGJXtSz_t2H0mM81e4xFNc.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200207
IP address blocks: 2a12:66c7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.mft
rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 17:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:33:a1:0c:02:1f:70:d5:fa:da:0f:c0:4d:4b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=376ac0c5a1895ed4b3fedd87d2633cd5ee3114d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b2:29:b9:90:11:b5:1d:ad:09:ce:0a:43:cc:
e2:d7:8e:3c:8f:49:14:26:d2:f9:ba:7b:bc:be:02:
78:7a:86:12:96:76:d8:e1:88:7a:f5:5e:c2:36:77:
45:3b:47:42:a3:d0:96:df:2f:4e:a8:22:05:90:dc:
db:20:a2:fe:48:d2:7d:dd:3a:42:56:e1:d1:e5:54:
27:c9:8f:0a:a4:2c:b2:0c:fb:96:a0:89:b3:a7:00:
4a:62:a8:8d:07:91:70:b4:55:60:58:b4:d7:73:c7:
87:c1:e4:51:2e:af:6a:0b:2c:d6:cc:a7:e8:96:72:
e9:5b:ea:2c:a6:c2:69:6d:16:60:d2:26:5a:84:0c:
27:ee:e5:84:9e:80:32:67:8a:20:4f:54:da:26:1b:
a1:4d:33:ae:40:9f:b4:60:86:3d:46:26:6b:ae:6c:
ea:ca:b9:4e:e2:45:8e:3a:50:31:71:dc:de:fa:dc:
eb:1b:f1:4a:af:d4:d5:66:f5:d4:0e:44:4c:64:4e:
6b:33:d4:98:aa:f1:b4:1b:c7:05:aa:8b:b0:d8:05:
0e:fe:00:d1:cc:96:48:b1:e1:cb:66:f4:51:51:6d:
e3:9e:33:4f:e1:24:f5:db:42:85:19:ca:a3:ce:ce:
bf:77:1d:36:a0:70:19:41:fa:43:ea:40:3c:ea:71:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6A:C0:C5:A1:89:5E:D4:B3:FE:DD:87:D2:63:3C:D5:EE:31:14:D7
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/N2rAxaGJXtSz_t2H0mM81e4xFNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:66c7::/48
Signature Algorithm: sha256WithRSAEncryption
8b:fd:17:02:2a:97:29:04:62:88:74:8c:ac:fb:bd:31:30:db:
86:ad:72:6a:06:10:f4:a8:46:8b:8f:db:78:45:3c:a4:a0:6f:
e2:bf:ca:d9:ed:c0:95:92:fd:20:41:57:22:2c:64:e9:33:2b:
4b:f5:fb:65:d6:59:09:f3:79:7b:63:84:cf:ac:4a:ba:f5:59:
01:70:dc:8f:ba:d7:68:b9:1f:45:a8:d2:f7:85:80:8e:6f:be:
34:a2:42:e3:23:50:95:5a:c4:79:ac:f3:3e:9d:d4:0c:a5:33:
44:08:da:e8:5a:50:7d:66:97:46:17:15:39:27:3e:27:6a:e4:
8f:23:30:df:c4:15:23:84:8a:8e:23:70:4f:ff:08:85:61:bc:
d3:5a:af:3e:38:f1:0d:4e:b0:35:79:8d:99:30:e9:23:66:3d:
b0:92:03:15:3c:fb:fc:a9:27:03:f5:97:fa:9a:9a:ae:b7:20:
f4:46:36:87:8c:c4:1b:8e:d2:ed:ce:a5:81:e7:d4:8e:9b:e8:
91:47:34:f8:a9:72:b7:99:8f:78:e7:74:c3:7b:49:55:a0:3d:
2c:be:6f:e2:2f:3e:14:2f:4c:34:d7:5d:96:84:d9:83:e3:f3:
6e:11:61:9e:e1:9c:b0:85:b9:06:de:e1:fe:cb:d4:3f:79:36:
eb:dc:06:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI3jOhDAIfcNX62g/ATUv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzZhYzBjNWExODk1ZWQ0YjNmZWRkODdkMjYzM2NkNWVlMzExNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7IpuZARtR2tCc4KQ8zi1448j0kU
JtL5unu8vgJ4eoYSlnbY4Yh69V7CNndFO0dCo9CW3y9OqCIFkNzbIKL+SNJ93TpC
VuHR5VQnyY8KpCyyDPuWoImzpwBKYqiNB5FwtFVgWLTXc8eHweRRLq9qCyzWzKfo
lnLpW+ospsJpbRZg0iZahAwn7uWEnoAyZ4ogT1TaJhuhTTOuQJ+0YIY9RiZrrmzq
yrlO4kWOOlAxcdze+tzrG/FKr9TVZvXUDkRMZE5rM9SYqvG0G8cFqouw2AUO/gDR
zJZIseHLZvRRUW3jnjNP4ST120KFGcqjzs6/dx02oHAZQfpD6kA86nGdIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDdqwMWhiV7Us/7dh9JjPNXuMRTXMB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEvTjJyQXhhR0pYdFN6X3QySDBtTTgxZTR4Rk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhJmxwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCL/RcCKpcpBGKIdIys+70xMNuGrXJqBhD0qEaL
j9t4RTykoG/iv8rZ7cCVkv0gQVciLGTpMytL9ftl1lkJ83l7Y4TPrEq69VkBcNyP
utdouR9FqNL3hYCOb740okLjI1CVWsR5rPM+ndQMpTNECNroWlB9ZpdGFxU5Jz4n
auSPIzDfxBUjhIqOI3BP/wiFYbzTWq8+OPENTrA1eY2ZMOkjZj2wkgMVPPv8qScD
9Zf6mpqutyD0RjaHjMQbjtLtzqWB59SOm+iRRzT4qXK3mY9453TDe0lVoD0svm/i
Lz4UL0w0112WhNmD4/NuEWGe4ZywhbkG3uH+y9Q/eTbr3AYh
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:27:02 2024 by rpki-client on console-ams.rpki-client.org