Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/tym2DkYzuCYNpAl7mBWafB4t6BI.roa
File: tym2DkYzuCYNpAl7mBWafB4t6BI.roa (raw, json)
Hash identifier: h2zqs4nM2STj9S0wPlKIObolQv/WNf3hG3HA1hJbVA0=
Subject key identifier: B7:29:B6:0E:46:33:B8:26:0D:A4:09:7B:98:15:9A:7C:1E:2D:E8:12
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB686719A141370721600392CCC950
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/tym2DkYzuCYNpAl7mBWafB4t6BI.roa
Signing time: Mon 01 Jan 2024 02:30:08 +0000
ROA not before: Mon 01 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204490
IP address blocks: 2a12:a340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:68:67:19:a1:41:37:07:21:60:03:92:cc:c9:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b729b60e4633b8260da4097b98159a7c1e2de812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:df:ce:17:2d:dc:0d:f8:6f:75:5c:c0:05:46:
dc:87:eb:61:7a:1e:67:06:20:93:01:87:04:92:b3:
a4:1d:94:3a:e1:08:6c:cc:fc:9c:94:0d:3e:53:16:
df:bb:b8:b6:23:69:f8:9c:81:76:7d:1e:e2:0f:73:
ad:bf:64:6c:3a:8d:1f:21:c8:6b:e2:e3:26:a5:64:
48:c8:99:ff:b9:bd:52:2a:6e:d6:3e:07:cf:98:26:
1d:71:cb:0d:53:fe:63:0a:da:a6:e0:a8:42:f5:61:
b4:bd:9e:6f:61:57:4c:7d:14:07:68:7e:9e:b3:99:
69:a7:4f:3f:c6:3a:ef:33:da:56:b7:79:d5:4c:b1:
0a:b1:f2:e8:74:a9:fc:e7:bf:a1:fd:14:76:a5:20:
4f:22:f4:cd:0b:85:be:6e:0c:4b:9a:5f:02:39:bc:
a3:94:eb:fb:6e:b8:06:12:ef:bd:bf:9e:15:b4:02:
6b:48:58:32:27:05:66:bd:8a:f9:bd:97:87:45:c9:
ef:a3:98:db:16:fb:ac:44:a0:8a:9b:07:e7:80:c9:
ad:38:80:e4:24:76:1e:81:e0:17:54:f4:64:0a:d2:
8b:d5:d0:f1:79:fc:ff:24:28:a6:90:74:ef:e6:fb:
ad:f3:f0:c4:c0:fd:cb:51:b1:23:d4:8b:6b:f0:ec:
dc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:29:B6:0E:46:33:B8:26:0D:A4:09:7B:98:15:9A:7C:1E:2D:E8:12
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/tym2DkYzuCYNpAl7mBWafB4t6BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a340::/32
Signature Algorithm: sha256WithRSAEncryption
31:cf:e9:55:08:91:74:f9:4e:55:b3:0f:4e:59:06:82:5d:09:
38:f7:86:8e:b1:4e:98:5a:88:a7:f9:8e:27:05:34:c9:aa:71:
3e:37:e2:53:32:8b:3d:e7:41:41:ad:7d:a0:5b:0a:17:f5:cf:
16:98:b3:e4:ef:25:23:a5:39:23:0b:4a:82:b6:77:19:e9:5a:
0a:ba:e8:39:e0:14:f9:d9:ae:6b:c8:40:30:22:ad:0c:99:e0:
53:7c:8e:13:7e:50:66:a7:d3:01:d3:d3:59:b9:b1:9a:a3:e7:
18:00:44:32:50:98:de:b8:03:79:14:3e:a7:5c:88:e0:4e:13:
80:6d:3d:a1:73:71:7a:65:12:16:7f:94:31:ef:b6:3c:fb:c5:
8f:53:82:1d:e5:6c:17:e9:56:13:20:1e:98:f5:b8:5b:3a:ab:
43:9b:bc:1a:17:e8:a9:e8:23:92:5d:e9:77:5f:6c:f9:13:ac:
44:e2:7f:ec:55:ad:d1:6c:ee:3e:36:7f:12:6b:59:81:0c:dd:
00:d3:01:c3:92:56:49:df:50:9d:94:60:06:e4:9d:9a:c4:67:
28:f2:cf:2a:67:cb:f7:c3:07:91:c2:4f:c3:8e:1d:c6:ad:06:
bc:58:95:21:47:22:05:3c:79:c2:b5:55:c1:05:b7:e1:d0:d9:
a0:f5:3a:97
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC22hnGaFBNwchYAOSzMlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI5YjYwZTQ2MzNiODI2MGRhNDA5N2I5ODE1OWE3YzFlMmRlODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAit/OFy3cDfhvdVzABUbch+theh5n
BiCTAYcEkrOkHZQ64QhszPyclA0+Uxbfu7i2I2n4nIF2fR7iD3Otv2RsOo0fIchr
4uMmpWRIyJn/ub1SKm7WPgfPmCYdccsNU/5jCtqm4KhC9WG0vZ5vYVdMfRQHaH6e
s5lpp08/xjrvM9pWt3nVTLEKsfLodKn857+h/RR2pSBPIvTNC4W+bgxLml8CObyj
lOv7brgGEu+9v54VtAJrSFgyJwVmvYr5vZeHRcnvo5jbFvusRKCKmwfngMmtOIDk
JHYegeAXVPRkCtKL1dDxefz/JCimkHTv5vut8/DEwP3LUbEj1Itr8OzcMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLcptg5GM7gmDaQJe5gVmnweLegSMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvdHltMkRrWXp1Q1lOcEFsN21CV2FmQjR0NkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAMc/pVQiRdPlOVbMPTlkGgl0JOPeGjrFOmFqIp/mO
JwU0yapxPjfiUzKLPedBQa19oFsKF/XPFpiz5O8lI6U5IwtKgrZ3GelaCrroOeAU
+dmua8hAMCKtDJngU3yOE35QZqfTAdPTWbmxmqPnGABEMlCY3rgDeRQ+p1yI4E4T
gG09oXNxemUSFn+UMe+2PPvFj1OCHeVsF+lWEyAemPW4WzqrQ5u8Ghfoqegjkl3p
d19s+ROsROJ/7FWt0WzuPjZ/EmtZgQzdANMBw5JWSd9QnZRgBuSdmsRnKPLPKmfL
98MHkcJPw44dxq0GvFiVIUciBTx5wrVVwQW34dDZoPU6lw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:30:36 2024 by rpki-client on console-ams.rpki-client.org