Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0BVGd3YgW5RTf7olJ8O9mo60IDs.roa
File: 0BVGd3YgW5RTf7olJ8O9mo60IDs.roa (raw, json)
Hash identifier: B3R53XoolnK7YTiWHKqFR07rxwLECaTH+tfyS37Mq80=
Subject key identifier: D0:15:46:77:76:20:5B:94:53:7F:BA:25:27:C3:BD:9A:8E:B4:20:3B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425227A49EE347A9001D442BC595727CE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0BVGd3YgW5RTf7olJ8O9mo60IDs.roa
Signing time: Thu 02 Jan 2025 03:50:04 +0000
ROA not before: Thu 02 Jan 2025 03:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc6:6660::/44 maxlen: 48
2a10:ccc6:6661::/48 maxlen: 48
2a10:ccc6:6662::/48 maxlen: 48
2a10:ccc6:6666::/48 maxlen: 48
2a10:ccc6:666d::/48 maxlen: 48
2a10:ccc6:666e::/48 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:7a:49:ee:34:7a:90:01:d4:42:bc:59:57:27:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d015467776205b94537fba2527c3bd9a8eb4203b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:23:1d:e2:e3:c0:0b:a8:ab:29:3e:03:f7:17:
04:42:25:93:67:64:66:d4:c4:68:ee:e2:24:74:db:
3b:9b:55:d8:45:44:43:91:0c:59:bb:cb:12:b9:60:
47:43:18:31:a9:ac:64:6b:e7:05:3e:b0:61:09:ed:
69:6e:35:7b:4d:56:e7:8a:23:22:30:e9:17:3d:8a:
ec:49:69:4e:2a:74:5e:92:d3:5a:aa:ad:ec:9b:18:
51:ff:f9:2c:cd:b1:3a:37:c6:3e:18:a2:2c:38:8a:
0a:8a:fb:b6:ac:14:6a:6e:fa:1e:d7:4c:4b:64:db:
f9:fe:c9:77:1a:70:64:8d:6c:5c:07:25:92:b9:af:
f7:ef:74:e5:43:a6:42:a3:df:e3:35:bc:42:dc:47:
60:8f:65:da:e4:56:f2:89:68:99:79:43:dc:e2:00:
d8:a8:3d:c2:77:32:9c:2b:48:dc:3a:dc:13:86:2a:
d2:b9:d5:9f:3f:71:f7:c1:db:7d:75:95:e6:47:29:
e4:c1:7e:c1:9d:42:93:29:30:2f:0a:a9:98:6d:a3:
78:91:6f:63:34:3b:9e:52:d8:53:5b:7c:4f:f9:4b:
95:9b:70:5a:93:a2:bc:24:37:8f:8b:2f:d1:ce:7f:
09:43:86:e8:20:4c:71:40:d1:2d:cb:58:9d:55:82:
fe:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:15:46:77:76:20:5B:94:53:7F:BA:25:27:C3:BD:9A:8E:B4:20:3B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0BVGd3YgW5RTf7olJ8O9mo60IDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc6:6660::/44
Signature Algorithm: sha256WithRSAEncryption
4e:33:14:8b:b4:af:cd:21:45:94:8b:a2:f6:7f:52:e6:e8:c4:
31:88:85:95:83:4c:c1:4e:36:c8:0e:0f:9f:ee:2a:55:54:e0:
54:05:b3:0b:49:75:85:f3:73:a8:fb:1a:3e:7f:ab:e1:a8:20:
f6:82:90:d3:55:40:6f:c9:c6:dc:83:62:3e:36:a3:ec:e8:10:
df:00:a9:70:00:cf:36:a8:bc:19:5e:88:f3:47:3a:61:5a:ce:
55:aa:ac:c3:b7:28:51:c2:ce:8b:6a:d8:93:f4:a1:c4:86:77:
4d:77:99:df:5d:75:4d:46:f8:0c:0e:2b:02:0e:95:d1:2e:4c:
66:2a:ed:93:4e:07:f9:4d:84:5f:ad:02:64:00:c6:c4:40:3c:
31:50:bc:cf:bb:18:8c:aa:2a:9e:6a:d4:d4:2f:2a:ab:f7:b5:
09:b3:98:f6:93:d3:ad:cb:83:eb:4e:c8:bf:53:d6:46:e5:fc:
92:46:e2:5e:8f:a7:99:c9:89:3f:a2:45:f5:72:79:31:28:32:
b2:40:07:29:27:6f:9c:eb:6e:81:1c:f3:e2:4a:a6:db:db:37:
ff:30:ae:85:94:86:de:09:4d:50:97:4b:72:83:6e:d0:0a:0c:
7e:bd:55:a5:cd:fb:a1:05:53:45:f6:d4:b4:72:47:a6:62:9d:
29:a5:16:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlInpJ7jR6kAHUQrxZVyfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDE1NDY3Nzc2MjA1Yjk0NTM3ZmJhMjUyN2MzYmQ5YThlYjQyMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiMd4uPAC6irKT4D9xcEQiWTZ2Rm
1MRo7uIkdNs7m1XYRURDkQxZu8sSuWBHQxgxqaxka+cFPrBhCe1pbjV7TVbniiMi
MOkXPYrsSWlOKnRektNaqq3smxhR//kszbE6N8Y+GKIsOIoKivu2rBRqbvoe10xL
ZNv5/sl3GnBkjWxcByWSua/373TlQ6ZCo9/jNbxC3Edgj2Xa5FbyiWiZeUPc4gDY
qD3CdzKcK0jcOtwThirSudWfP3H3wdt9dZXmRynkwX7BnUKTKTAvCqmYbaN4kW9j
NDueUthTW3xP+UuVm3Bak6K8JDePiy/Rzn8JQ4boIExxQNEty1idVYL+7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNAVRnd2IFuUU3+6JSfDvZqOtCA7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMEJWR2QzWWdXNVJUZjdvbEo4TzltbzYwSURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMxmZg
MA0GCSqGSIb3DQEBCwUAA4IBAQBOMxSLtK/NIUWUi6L2f1Lm6MQxiIWVg0zBTjbI
Dg+f7ipVVOBUBbMLSXWF83Oo+xo+f6vhqCD2gpDTVUBvycbcg2I+NqPs6BDfAKlw
AM82qLwZXojzRzphWs5VqqzDtyhRws6LatiT9KHEhndNd5nfXXVNRvgMDisCDpXR
LkxmKu2TTgf5TYRfrQJkAMbEQDwxULzPuxiMqiqeatTULyqr97UJs5j2k9Oty4Pr
Tsi/U9ZG5fySRuJej6eZyYk/okX1cnkxKDKyQAcpJ2+c626BHPPiSqbb2zf/MK6F
lIbeCU1Ql0tyg27QCgx+vVWlzfuhBVNF9tS0ckemYp0ppRZv
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:54:07 2025 by rpki-client