Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_Q6LNoR3SsAKotzqWmcLui95cAI.roa
File: _Q6LNoR3SsAKotzqWmcLui95cAI.roa (raw, json)
Hash identifier: G86zD3zZEmMzAvk73GRmxbmWn9e9bBlABTfy70xNhUA=
Subject key identifier: FD:0E:8B:36:84:77:4A:C0:0A:A2:DC:EA:5A:67:0B:BA:2F:79:70:02
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F6CAE5C84C1616BC3C43904D3A577F827
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_Q6LNoR3SsAKotzqWmcLui95cAI.roa
Signing time: Sun 12 May 2024 12:01:57 +0000
ROA not before: Sun 12 May 2024 12:01:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214939
IP address blocks: 2a0e:b107:28d8::/48 maxlen: 48
2a0e:b107:28d9::/48 maxlen: 48
2a0e:b107:28da::/48 maxlen: 48
2a0e:b107:28db::/48 maxlen: 48
2a0e:b107:28dc::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6c:ae:5c:84:c1:61:6b:c3:c4:39:04:d3:a5:77:f8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 12 12:01:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd0e8b3684774ac00aa2dcea5a670bba2f797002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:eb:b2:43:04:72:12:35:5d:55:7c:b1:6b:a8:
80:2f:b6:87:66:07:1b:2a:5b:ea:5f:cf:2d:97:18:
01:c0:99:8a:8b:ab:da:4a:d8:60:86:46:96:4d:79:
e8:a6:5a:c8:29:49:e6:22:64:50:c8:d3:27:a4:dc:
56:b2:19:e4:8a:4a:c7:c4:41:a0:44:e2:c7:9d:1f:
95:7e:12:57:66:f4:87:28:b5:c6:ad:e2:06:53:d7:
b2:b0:c5:9d:6e:5c:00:55:cb:88:4b:b4:41:1d:43:
6c:b7:d8:60:53:db:96:39:55:97:f7:1e:47:ce:ce:
1b:7c:12:37:64:27:20:54:5c:9e:34:ee:83:97:28:
17:7c:42:7c:57:a5:c7:90:21:42:5a:81:b9:25:df:
1f:51:58:5f:fc:e7:76:f9:b3:38:9f:1e:14:09:1c:
05:84:60:8c:57:f1:ad:45:ec:ba:c1:46:30:e0:31:
4b:9c:02:28:0c:80:a5:ef:29:f9:25:89:59:d8:a7:
51:ae:08:77:e8:21:b0:7e:01:52:ac:2f:c8:57:8a:
5c:e7:a8:b0:42:3a:38:50:97:d3:60:03:9b:40:5c:
22:92:42:a0:be:db:3e:b1:e7:5e:a9:08:c7:ca:0c:
91:03:0d:09:f5:87:b3:c9:cb:1c:19:51:1b:3c:21:
4c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0E:8B:36:84:77:4A:C0:0A:A2:DC:EA:5A:67:0B:BA:2F:79:70:02
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_Q6LNoR3SsAKotzqWmcLui95cAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:28d8::/45
Signature Algorithm: sha256WithRSAEncryption
5f:c3:5d:7c:4e:eb:cd:9a:f7:99:b7:3c:cd:25:f1:52:35:e2:
c3:1f:a0:ee:32:b7:c8:c6:68:17:ea:1d:7e:18:ff:53:15:11:
0f:d5:e5:26:fa:02:13:a0:f9:ca:29:7c:61:20:a8:ef:53:f0:
db:20:94:ee:da:af:d1:b8:11:87:4f:ae:c1:5b:c2:f0:f7:b9:
46:99:10:cb:2d:f1:b0:b7:d0:18:a5:d8:d2:56:c7:40:b3:fe:
81:b4:dc:77:52:3a:16:61:8c:ee:bd:b8:e6:8c:e6:80:4e:de:
46:8c:44:84:87:fe:a3:3a:24:ac:4b:61:af:be:d4:ff:b0:e2:
49:da:15:ad:d1:41:da:dd:4e:91:89:65:7b:19:7e:b7:30:24:
7d:52:b9:c8:01:a0:39:e5:18:2a:3a:fd:df:11:55:da:c9:c0:
bd:a6:f3:4a:d8:76:d0:18:b4:aa:a4:81:61:f1:dd:c9:d9:db:
84:d9:d7:ab:04:b3:49:9c:eb:8a:f0:9f:2d:6f:32:7d:c0:b0:
bb:96:e8:fe:16:cb:58:31:63:6d:29:d5:f9:bb:86:ec:36:51:
43:9e:b6:5b:16:68:40:da:98:b2:3e:b4:f2:d4:8f:ce:62:4c:
3a:8d:65:bb:b2:ed:6b:7d:d4:0a:86:57:02:fa:3d:af:bd:0b:
85:53:aa:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY9srlyEwWFrw8Q5BNOld/gnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTEyMTIwMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDBlOGIzNjg0Nzc0YWMwMGFhMmRjZWE1YTY3MGJiYTJmNzk3MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+uyQwRyEjVdVXyxa6iAL7aHZgcb
KlvqX88tlxgBwJmKi6vaSthghkaWTXnoplrIKUnmImRQyNMnpNxWshnkikrHxEGg
ROLHnR+VfhJXZvSHKLXGreIGU9eysMWdblwAVcuIS7RBHUNst9hgU9uWOVWX9x5H
zs4bfBI3ZCcgVFyeNO6DlygXfEJ8V6XHkCFCWoG5Jd8fUVhf/Od2+bM4nx4UCRwF
hGCMV/GtRey6wUYw4DFLnAIoDICl7yn5JYlZ2KdRrgh36CGwfgFSrC/IV4pc56iw
Qjo4UJfTYAObQFwikkKgvts+sedeqQjHygyRAw0J9YezycscGVEbPCFMcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP0OizaEd0rACqLc6lpnC7oveXACMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX1E2TE5vUjNTc0FLb3R6cVdtY0x1aTk1Y0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcDKg6xByjY
MA0GCSqGSIb3DQEBCwUAA4IBAQBfw118TuvNmveZtzzNJfFSNeLDH6DuMrfIxmgX
6h1+GP9TFREP1eUm+gIToPnKKXxhIKjvU/DbIJTu2q/RuBGHT67BW8Lw97lGmRDL
LfGwt9AYpdjSVsdAs/6BtNx3UjoWYYzuvbjmjOaATt5GjESEh/6jOiSsS2GvvtT/
sOJJ2hWt0UHa3U6RiWV7GX63MCR9UrnIAaA55RgqOv3fEVXaycC9pvNK2HbQGLSq
pIFh8d3J2duE2derBLNJnOuK8J8tbzJ9wLC7luj+FstYMWNtKdX5u4bsNlFDnrZb
FmhA2piyPrTy1I/OYkw6jWW7su1rfdQKhlcC+j2vvQuFU6pi
-----END CERTIFICATE-----
Generated at Mon Jun 3 01:35:34 2024 by rpki-client on console-fra.rpki-client.org