Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/pmOW3PmHp0EUfESQsSimGF8fBBI.roa
File: pmOW3PmHp0EUfESQsSimGF8fBBI.roa (raw, json)
Hash identifier: IxdrU7AikLJEZu5GBtrJHW65yIv+WZCR0JCBvaVwvh0=
Subject key identifier: A6:63:96:DC:F9:87:A7:41:14:7C:44:90:B1:28:A6:18:5F:1F:04:12
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 018CC5DD43758127758E300465F42329083B
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/pmOW3PmHp0EUfESQsSimGF8fBBI.roa
Signing time: Mon 01 Jan 2024 16:31:01 +0000
ROA not before: Mon 01 Jan 2024 16:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:3c0:3::/48 maxlen: 48
2a13:3c0:6::/48 maxlen: 48
2a13:3c0:11::/48 maxlen: 48
2a13:3c0:1::/48 maxlen: 48
2a13:3c0:9::/48 maxlen: 48
2a13:3c0:7::/48 maxlen: 48
2a13:3c0:2::/48 maxlen: 48
2a13:3c0:5::/48 maxlen: 48
2a13:3c0:8::/48 maxlen: 48
2a13:3c0:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:43:75:81:27:75:8e:30:04:65:f4:23:29:08:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Jan 1 16:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a66396dcf987a741147c4490b128a6185f1f0412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1c:a5:77:18:91:6c:50:cf:9d:55:40:d9:fd:
47:63:2c:a0:70:97:6d:f4:09:d4:e9:3c:19:91:7d:
2a:0f:5b:ea:32:b1:7c:10:30:1c:14:3b:92:0c:8f:
51:57:d3:d1:cf:2b:1c:33:b6:f1:74:46:73:81:b0:
bf:6e:2a:37:ce:11:d1:80:30:d3:75:38:b8:de:ef:
70:ae:96:9f:a9:b4:f0:bf:8a:4b:a9:95:aa:d3:dd:
cd:ca:e5:95:b6:42:f4:45:d1:87:4c:8b:8a:24:ac:
b0:c5:f8:4c:78:f8:af:fd:c4:18:f9:7b:41:86:23:
c6:08:fb:d0:b2:96:c5:48:a4:96:8f:4c:0b:96:ef:
38:40:a8:f3:d5:49:6c:83:03:54:c2:47:a6:f5:d2:
9c:8e:2c:ba:f2:e2:43:82:28:92:d1:c5:0b:05:5f:
29:cc:38:f1:7d:9d:cb:c1:d9:51:55:fd:21:2a:df:
5e:70:57:84:25:0d:04:f5:0a:72:d2:5b:89:e8:85:
a3:e7:35:7c:fd:70:b2:1a:9f:c3:f7:1c:85:52:8c:
e0:b0:bf:2e:cf:d9:c2:90:35:23:01:ae:af:02:24:
02:70:1e:a2:60:91:ed:c3:54:68:a0:f7:5b:20:40:
a3:e5:fe:a2:98:63:96:72:35:ae:9f:6f:df:79:18:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:63:96:DC:F9:87:A7:41:14:7C:44:90:B1:28:A6:18:5F:1F:04:12
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/pmOW3PmHp0EUfESQsSimGF8fBBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3c0:1::-2a13:3c0:3:ffff:ffff:ffff:ffff:ffff
2a13:3c0:5::-2a13:3c0:9:ffff:ffff:ffff:ffff:ffff
2a13:3c0:10::/47
Signature Algorithm: sha256WithRSAEncryption
67:95:da:93:3c:5e:a0:18:25:34:bf:e9:1d:0a:58:1b:24:82:
b7:80:54:bb:ca:f6:b7:6e:e6:21:79:26:e1:cf:35:a5:94:fc:
7a:f0:77:b8:62:85:b3:06:aa:c4:a0:09:88:38:4f:bd:38:d4:
a0:85:a5:a6:94:ac:8a:57:ce:34:80:18:87:32:89:74:4c:20:
ed:08:72:91:d5:c5:7a:11:c4:30:64:fa:4e:23:3d:ef:8e:2e:
e7:4a:bb:fb:dd:1d:3b:1e:8e:2a:74:c6:0f:cd:9d:3c:5b:09:
0e:ec:33:40:de:2e:2c:b2:55:5c:83:05:88:59:08:ce:92:f2:
d4:e8:1a:10:da:fe:32:6c:4c:51:b4:d8:a9:cd:af:f8:0c:0a:
7b:48:d2:83:9f:d1:20:81:aa:fb:bf:49:b8:09:3b:83:d6:f0:
c8:f9:f3:a1:83:40:ba:d5:dd:20:36:f6:29:86:62:9b:30:97:
0c:8e:dd:18:14:3f:3e:8c:d0:f6:94:67:bc:26:96:4a:18:b4:
87:d5:06:48:ec:79:ea:1a:d2:98:6f:69:0e:32:cd:29:97:f1:
50:be:09:a0:d6:5f:0d:c6:1c:22:1a:83:e0:fd:e5:2b:6a:17:
a5:28:a0:b4:c2:70:62:2d:68:07:6b:93:ca:6a:63:95:8e:41:
e7:9e:08:12
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzF3UN1gSd1jjAEZfQjKQg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjQwMTAxMTYzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjYzOTZkY2Y5ODdhNzQxMTQ3YzQ0OTBiMTI4YTYxODVmMWYwNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RyldxiRbFDPnVVA2f1HYyygcJdt
9AnU6TwZkX0qD1vqMrF8EDAcFDuSDI9RV9PRzyscM7bxdEZzgbC/bio3zhHRgDDT
dTi43u9wrpafqbTwv4pLqZWq093NyuWVtkL0RdGHTIuKJKywxfhMePiv/cQY+XtB
hiPGCPvQspbFSKSWj0wLlu84QKjz1UlsgwNUwkem9dKcjiy68uJDgiiS0cULBV8p
zDjxfZ3LwdlRVf0hKt9ecFeEJQ0E9Qpy0luJ6IWj5zV8/XCyGp/D9xyFUozgsL8u
z9nCkDUjAa6vAiQCcB6iYJHtw1RooPdbIECj5f6imGOWcjWun2/feRioFwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKZjltz5h6dBFHxEkLEophhfHwQSMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvcG1PVzNQbUhwMEVVZkVTUXNTaW1HRjhmQkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxMBIDBwAqEwPA
AAEDBwIqEwPAAAAwEgMHACoTA8AABQMHASoTA8AACAMHASoTA8AAEDANBgkqhkiG
9w0BAQsFAAOCAQEAZ5XakzxeoBglNL/pHQpYGySCt4BUu8r2t27mIXkm4c81pZT8
evB3uGKFswaqxKAJiDhPvTjUoIWlppSsilfONIAYhzKJdEwg7QhykdXFehHEMGT6
TiM9744u50q7+90dOx6OKnTGD82dPFsJDuwzQN4uLLJVXIMFiFkIzpLy1OgaENr+
MmxMUbTYqc2v+AwKe0jSg5/RIIGq+79JuAk7g9bwyPnzoYNAutXdIDb2KYZimzCX
DI7dGBQ/PozQ9pRnvCaWShi0h9UGSOx56hrSmG9pDjLNKZfxUL4JoNZfDcYcIhqD
4P3lK2oXpSigtMJwYi1oB2uTympjlY5B554IEg==
-----END CERTIFICATE-----
Generated at Thu May 2 03:02:24 2024 by rpki-client on console-fra.rpki-client.org