Route Origin Authorization
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/1/323030313a3637383a3565343a3a2f34382d3438203d3e203631393631.roa
File: 323030313a3637383a3565343a3a2f34382d3438203d3e203631393631.roa (raw, json)
Hash identifier: 9lXsRq2vH27QU6oONZHHcOI2KgKrR7I1qDb4jmPN0NI=
Subject key identifier: 7E:59:B0:2D:DB:7D:38:E4:52:E0:C7:A6:1C:53:AF:6C:7B:F3:40:3F
Certificate issuer: /CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Certificate serial: 27592DB03F5E63DC4A8C3FEBADD10EF6E9BB654F
Authority key identifier: 4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/1/323030313a3637383a3565343a3a2f34382d3438203d3e203631393631.roa
Signing time: Mon 30 Dec 2024 07:27:44 +0000
ROA not before: Mon 30 Dec 2024 07:22:44 +0000
ROA not after: Mon 29 Dec 2025 07:27:44 +0000
asID: 61961
IP address blocks: 2001:678:5e4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.crl
rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:59:2d:b0:3f:5e:63:dc:4a:8c:3f:eb:ad:d1:0e:f6:e9:bb:65:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Validity
Not Before: Dec 30 07:22:44 2024 GMT
Not After : Dec 29 07:27:44 2025 GMT
Subject: CN=7E59B02DDB7D38E452E0C7A61C53AF6C7BF3403F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:6a:98:3a:3b:bd:c8:19:09:f7:95:72:d4:
0e:4a:07:08:a7:25:1e:12:05:20:e5:14:f8:03:9d:
15:71:c7:11:91:a8:71:16:1e:a3:50:88:9f:5d:4b:
eb:30:2a:85:6d:1e:37:60:92:41:70:36:39:38:26:
20:79:00:d2:d4:1d:bb:02:c7:34:15:59:14:e3:22:
3e:33:ac:b4:3a:ba:76:9b:0d:9e:73:12:59:e0:87:
d2:47:ff:15:21:8b:b8:63:fd:d1:bd:db:aa:3b:bb:
9b:ad:ef:b1:86:67:99:9f:e8:ea:2d:21:05:0c:aa:
95:f6:8a:4b:18:36:ac:09:da:84:72:93:6e:3d:bc:
b6:8f:1b:52:68:ee:2f:0b:5d:cd:d7:4b:4b:95:91:
59:88:31:91:6d:61:90:31:e6:49:0c:ce:16:b7:4f:
17:01:d9:f0:97:8f:f9:1c:ca:07:cf:49:37:f0:06:
9f:5f:3d:af:22:e6:cb:c4:52:10:7a:31:00:a1:79:
92:59:c1:a4:c4:9a:f2:db:b3:dd:8c:81:06:f7:26:
d8:20:3d:dc:54:71:a1:6d:8b:4d:ed:f3:8a:3b:0c:
44:6a:7d:a5:a4:4f:ed:95:f7:63:15:c4:76:c1:f2:
3a:20:1b:d7:79:08:5c:be:55:db:7a:b7:a9:47:91:
4f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:59:B0:2D:DB:7D:38:E4:52:E0:C7:A6:1C:53:AF:6C:7B:F3:40:3F
X509v3 Authority Key Identifier:
keyid:4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/1/323030313a3637383a3565343a3a2f34382d3438203d3e203631393631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5e4::/48
Signature Algorithm: sha256WithRSAEncryption
4b:d5:d8:a0:dc:5e:8c:97:6f:d3:c3:a6:be:a5:98:17:c2:ba:
b1:45:e6:89:3f:af:c2:6a:ca:f9:e1:a7:ae:c4:89:d1:4b:f9:
82:45:d0:bc:e8:62:e4:c2:ca:82:bf:00:71:40:d4:5f:58:d0:
08:5d:f1:6d:aa:10:74:d2:1e:62:63:31:b9:25:6e:80:44:c3:
36:86:a4:0b:1b:3a:5c:a4:08:8d:6c:8c:58:1f:70:78:52:d6:
36:85:9b:bf:89:8e:5a:bb:29:68:75:4f:d5:cc:40:d0:59:10:
5c:ff:ec:c3:0d:63:8c:84:6f:04:21:0a:6e:be:43:11:f7:3e:
8b:3a:b3:0f:7c:84:5b:90:17:37:cb:e8:1d:7a:31:34:e7:d2:
be:05:67:8d:70:5f:f8:3c:ae:1e:66:5b:92:65:57:da:62:01:
47:58:4d:d1:85:54:4e:6a:43:87:b8:95:86:1e:8b:2e:84:29:
f4:cb:88:21:46:58:1e:b7:0a:9b:88:ba:d7:c8:74:b7:e7:51:
25:a1:fc:c2:2b:10:c8:3c:07:b5:4e:c3:f2:92:c6:83:14:ac:
1c:be:09:ef:bf:36:2a:c1:10:70:00:64:44:83:c4:d0:27:10:
37:80:0c:4b:a6:23:ec:9b:e6:dd:75:37:f1:f6:25:2d:03:e8:
be:49:ab:2d
-----BEGIN CERTIFICATE-----
MIIE3jCCA8agAwIBAgIUJ1ktsD9eY9xKjD/rrdEO9um7ZU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5YTZjMThmMzQ5YjM5NWMzMWMzM2JiN2Y5YjlmNTgx
N2JkZTlhODAeFw0yNDEyMzAwNzIyNDRaFw0yNTEyMjkwNzI3NDRaMDMxMTAvBgNV
BAMTKDdFNTlCMDJEREI3RDM4RTQ1MkUwQzdBNjFDNTNBRjZDN0JGMzQwM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgZmqYOju9yBkJ95Vy1A5KBwin
JR4SBSDlFPgDnRVxxxGRqHEWHqNQiJ9dS+swKoVtHjdgkkFwNjk4JiB5ANLUHbsC
xzQVWRTjIj4zrLQ6unabDZ5zElngh9JH/xUhi7hj/dG926o7u5ut77GGZ5mf6Oot
IQUMqpX2iksYNqwJ2oRyk249vLaPG1Jo7i8LXc3XS0uVkVmIMZFtYZAx5kkMzha3
TxcB2fCXj/kcygfPSTfwBp9fPa8i5svEUhB6MQCheZJZwaTEmvLbs92MgQb3Jtgg
PdxUcaFti03t84o7DERqfaWkT+2V92MVxHbB8jogG9d5CFy+Vdt6t6lHkU9lAgMB
AAGjggHoMIIB5DAdBgNVHQ4EFgQUflmwLdt9OORS4MemHFOvbHvzQD8wHwYDVR0j
BBgwFoAUTppsGPNJs5XDHDO7f5ufWBe96agwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8xLzRFOUE2QzE4RjM0OUIzOTVDMzFDMzNCQjdGOUI5RjU4MTdCREU5QTgu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9UcHBzR1BOSnM1WERIRE83ZjV1ZldC
ZTk2YWcuY2VyMIGEBggrBgEFBQcBCwR4MHYwdAYIKwYBBQUHMAuGaHJzeW5jOi8v
cnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxsaWN1cy8xLzMyMzAzMDMxM2EzNjM3
MzgzYTM1NjUzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM2MzEzOTM2MzEucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQZ4BeQwDQYJKoZIhvcNAQELBQADggEBAEvV2KDcXoyXb9PDpr6l
mBfCurFF5ok/r8Jqyvnhp67EidFL+YJF0LzoYuTCyoK/AHFA1F9Y0Ahd8W2qEHTS
HmJjMbklboBEwzaGpAsbOlykCI1sjFgfcHhS1jaFm7+Jjlq7KWh1T9XMQNBZEFz/
7MMNY4yEbwQhCm6+QxH3Pos6sw98hFuQFzfL6B16MTTn0r4FZ41wX/g8rh5mW5Jl
V9piAUdYTdGFVE5qQ4e4lYYeiy6EKfTLiCFGWB63CpuIutfIdLfnUSWh/MIrEMg8
B7VOw/KSxoMUrBy+Ce+/NirBEHAAZESDxNAnEDeADEumI+yb5t11N/H2JS0D6L5J
qy0=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:47 2025 by rpki-client