Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0bXx7ne3pzBP52Im3tWn7wWXT9Y.roa
File: 0bXx7ne3pzBP52Im3tWn7wWXT9Y.roa (raw, json)
Hash identifier: L2z8+v2nbafp8Y8s0cNinNRZY+MVXROrbaAzu7C0jRk=
Subject key identifier: D1:B5:F1:EE:77:B7:A7:30:4F:E7:62:26:DE:D5:A7:EF:05:97:4F:D6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521FF08B6990124270D3A6AD94DFA34
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0bXx7ne3pzBP52Im3tWn7wWXT9Y.roa
Signing time: Thu 02 Jan 2025 03:49:32 +0000
ROA not before: Thu 02 Jan 2025 03:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200581
IP address blocks: 2a0e:b107:1d90::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ff:08:b6:99:01:24:27:0d:3a:6a:d9:4d:fa:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1b5f1ee77b7a7304fe76226ded5a7ef05974fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d1:d5:e5:a6:6c:f8:2f:e4:20:70:18:10:a7:
03:de:55:29:4f:6a:e7:45:32:93:17:ef:d2:c9:13:
d2:83:b3:c7:db:cd:6b:36:ee:1c:2e:48:c1:40:e6:
7c:32:5e:06:df:c1:fb:82:9d:53:ca:9c:5e:04:49:
a9:46:6a:42:0c:04:d1:2f:45:26:3d:67:80:08:8e:
88:bf:59:db:2d:35:fe:f1:8e:6b:16:90:81:11:3c:
09:6f:c0:e3:90:dd:e0:a9:8a:b2:b6:df:7d:2a:d7:
5f:d1:44:7f:bf:0b:54:be:f6:bd:c2:96:1a:95:0b:
b9:bc:6e:a4:24:c3:8a:88:19:cd:4d:3d:26:1c:c4:
94:14:71:4c:12:4a:b8:e4:bb:55:be:98:20:69:32:
03:2c:37:bc:af:64:0c:73:e4:ff:3f:26:f2:7e:ff:
36:5f:85:33:51:89:3a:df:99:95:72:24:3d:cc:d3:
37:bb:a0:b0:05:b1:42:e3:00:5e:48:22:a7:8b:94:
8f:8a:ae:06:47:3e:a4:5c:a8:6e:3f:fd:19:a1:5e:
50:c7:9f:01:06:a8:be:0a:9e:1c:e4:01:0a:4c:98:
32:34:f9:80:db:19:5b:57:c7:7f:93:9c:dd:64:fe:
ba:8d:a4:a7:ad:40:3f:e0:b8:58:bc:23:3a:06:3d:
e0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B5:F1:EE:77:B7:A7:30:4F:E7:62:26:DE:D5:A7:EF:05:97:4F:D6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0bXx7ne3pzBP52Im3tWn7wWXT9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d90::/48
Signature Algorithm: sha256WithRSAEncryption
80:87:3e:6f:5d:83:30:39:5d:83:10:91:1a:75:25:5d:44:8e:
e7:24:50:6a:b4:9e:48:a0:99:ff:6f:05:4c:54:0d:68:14:25:
9c:3a:48:34:e7:19:48:46:42:fa:d5:75:8a:97:3f:5b:98:1c:
4f:e8:1c:94:7c:5a:22:ad:a3:ca:1e:1f:62:ee:0f:37:6d:4d:
c3:bd:e7:ea:5e:c1:e1:f1:d1:8f:9c:b4:7c:a2:3a:41:6c:e9:
f7:0c:35:87:a8:ba:cd:8a:43:93:ae:2a:1c:da:cb:5a:db:90:
50:3f:b6:e1:e1:13:2c:84:a1:90:39:0e:ad:3d:71:9e:74:08:
d2:65:01:a6:15:d0:83:e7:41:31:dc:32:f1:f1:b5:69:0f:e0:
16:a6:4f:3b:0e:09:a9:43:e6:ed:19:3b:86:7e:0d:ca:50:a4:
ba:9b:a7:15:f1:94:d1:7c:35:4c:90:03:50:32:82:f6:4d:b4:
25:8a:9a:f3:e4:b5:61:e4:19:58:ab:25:3d:2c:6c:15:36:e1:
fb:6d:cc:53:9c:7e:b3:86:48:ff:e2:e8:a7:2d:f9:b4:a0:13:
a3:25:d8:3d:f7:13:e7:5b:3b:25:4b:91:a7:a6:41:6d:27:f0:
10:f8:3a:35:71:49:da:0b:0d:08:cf:cd:1c:b3:f0:97:58:2a:
42:b8:be:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIf8ItpkBJCcNOmrZTfo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWI1ZjFlZTc3YjdhNzMwNGZlNzYyMjZkZWQ1YTdlZjA1OTc0ZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNHV5aZs+C/kIHAYEKcD3lUpT2rn
RTKTF+/SyRPSg7PH281rNu4cLkjBQOZ8Ml4G38H7gp1TypxeBEmpRmpCDATRL0Um
PWeACI6Iv1nbLTX+8Y5rFpCBETwJb8DjkN3gqYqytt99Ktdf0UR/vwtUvva9wpYa
lQu5vG6kJMOKiBnNTT0mHMSUFHFMEkq45LtVvpggaTIDLDe8r2QMc+T/Pybyfv82
X4UzUYk635mVciQ9zNM3u6CwBbFC4wBeSCKni5SPiq4GRz6kXKhuP/0ZoV5Qx58B
Bqi+Cp4c5AEKTJgyNPmA2xlbV8d/k5zdZP66jaSnrUA/4LhYvCM6Bj3gtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNG18e53t6cwT+diJt7Vp+8Fl0/WMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMGJYeDduZTNwekJQNTJJbTN0V243d1dYVDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBx2Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCAhz5vXYMwOV2DEJEadSVdRI7nJFBqtJ5IoJn/
bwVMVA1oFCWcOkg05xlIRkL61XWKlz9bmBxP6ByUfFoiraPKHh9i7g83bU3Dvefq
XsHh8dGPnLR8ojpBbOn3DDWHqLrNikOTrioc2sta25BQP7bh4RMshKGQOQ6tPXGe
dAjSZQGmFdCD50Ex3DLx8bVpD+AWpk87DgmpQ+btGTuGfg3KUKS6m6cV8ZTRfDVM
kANQMoL2TbQliprz5LVh5BlYqyU9LGwVNuH7bcxTnH6zhkj/4uinLfm0oBOjJdg9
9xPnWzslS5GnpkFtJ/AQ+Do1cUnaCw0Iz80cs/CXWCpCuL7Z
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:47:02 2025 by rpki-client