Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0gnylnbGszXInh5f7lxWrgkdNOo.roa
File: 0gnylnbGszXInh5f7lxWrgkdNOo.roa (raw, json)
Hash identifier: +eIhEdMOA7Tipx83A2AVvHZn6MugIEF6OmM29cU23Ls=
Subject key identifier: D2:09:F2:96:76:C6:B3:35:C8:9E:1E:5F:EE:5C:56:AE:09:1D:34:EA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCD6B2B50666C3A1F94DE9FAA55D8C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0gnylnbGszXInh5f7lxWrgkdNOo.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58336
IP address blocks: 2a0e:97c0:550::/44 maxlen: 48
2a0e:b107:16b0::/44 maxlen: 48
2a10:cc44:100::/44 maxlen: 48
2a10:cc42:120::/44 maxlen: 48
2a10:cc42:130::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d6:b2:b5:06:66:c3:a1:f9:4d:e9:fa:a5:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d209f29676c6b335c89e1e5fee5c56ae091d34ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:ee:2e:7e:47:03:f9:01:23:18:4b:c0:97:
cf:d6:29:74:d0:17:2a:0d:7d:c6:5e:4c:81:41:b4:
26:94:0a:2f:4f:5c:b1:2f:25:80:36:81:d4:66:1c:
84:a9:40:8a:dc:f5:3d:2f:a3:36:30:be:e8:02:fe:
75:ad:a1:35:96:a1:80:9e:96:f6:ac:11:62:66:97:
d2:3d:9c:aa:e5:88:ec:b6:4f:72:d1:95:29:ba:15:
16:b4:76:78:6a:0a:8a:41:15:b8:34:f6:14:c9:4b:
3b:2a:5d:25:65:c6:a5:ea:5b:59:b6:84:91:51:b0:
bd:d5:76:a6:14:fa:2e:1b:8f:6a:70:a7:14:d1:a5:
d5:71:53:0f:d3:c2:27:7a:ab:b1:b9:4f:28:d5:9b:
51:6e:2f:a8:da:20:35:c6:9c:7c:e0:de:a5:5f:87:
fd:e5:1d:35:c2:04:e0:76:3b:3b:bd:6c:03:54:12:
c6:4b:da:ee:32:cc:e5:5c:3d:83:81:28:6e:7e:35:
cc:31:24:86:74:36:f8:40:16:bb:5b:64:aa:d7:48:
5a:89:6d:fc:c7:2b:77:aa:8a:c8:f6:97:57:a3:b7:
97:99:44:41:2f:35:5e:72:ca:3f:f2:2c:3e:84:87:
76:b5:0f:b4:48:54:b8:03:75:3e:79:e7:c3:58:c5:
ac:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:09:F2:96:76:C6:B3:35:C8:9E:1E:5F:EE:5C:56:AE:09:1D:34:EA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0gnylnbGszXInh5f7lxWrgkdNOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:550::/44
2a0e:b107:16b0::/44
2a10:cc42:120::/43
2a10:cc44:100::/44
Signature Algorithm: sha256WithRSAEncryption
9f:70:97:46:2d:30:07:35:c7:73:e6:0e:6c:40:d8:5f:04:02:
8f:0c:1e:e7:5f:0a:dc:89:f2:cd:2c:dc:8f:fb:ea:72:1f:a8:
f7:5e:c2:9c:2f:25:d4:9d:97:b2:31:cd:9e:c3:af:6c:ff:8c:
cf:64:49:6e:eb:8d:08:63:17:0e:bf:77:7d:88:0f:39:b5:12:
b1:d4:4a:41:3d:04:50:7b:0a:36:bd:58:69:d6:69:f1:f1:29:
29:cc:0a:4d:a2:33:a1:92:40:87:af:1b:70:e9:a8:47:b9:02:
f1:42:39:ba:89:4e:fc:b8:4b:d5:da:2f:52:36:72:db:89:36:
40:b3:ef:ab:06:7b:2c:8b:5f:53:b9:1e:d6:b5:d7:0b:77:63:
b7:cd:d6:b7:76:de:14:93:30:82:b1:74:c6:19:a9:68:bb:1a:
70:92:2f:6a:19:70:1d:03:1a:35:2d:b3:a3:f4:c7:f6:c1:26:
9c:52:e1:2e:ad:4c:e9:b3:ad:7f:c6:7c:06:22:7d:ce:3e:bc:
ee:e0:b2:f9:4d:52:e7:b5:f3:53:71:91:f8:a3:6e:72:5f:29:
a6:26:91:e5:27:09:54:d1:c4:1d:de:50:4a:34:fb:b2:1d:03:
32:1b:73:43:00:e9:8f:bf:f2:08:5e:05:3c:48:58:71:d0:1c:
57:6d:0d:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJvNaytQZmw6H5Ten6pV2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA5ZjI5Njc2YzZiMzM1Yzg5ZTFlNWZlZTVjNTZhZTA5MWQzNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9XuLn5HA/kBIxhLwJfP1il00Bcq
DX3GXkyBQbQmlAovT1yxLyWANoHUZhyEqUCK3PU9L6M2ML7oAv51raE1lqGAnpb2
rBFiZpfSPZyq5Yjstk9y0ZUpuhUWtHZ4agqKQRW4NPYUyUs7Kl0lZcal6ltZtoSR
UbC91XamFPouG49qcKcU0aXVcVMP08InequxuU8o1ZtRbi+o2iA1xpx84N6lX4f9
5R01wgTgdjs7vWwDVBLGS9ruMszlXD2DgShufjXMMSSGdDb4QBa7W2Sq10haiW38
xyt3qorI9pdXo7eXmURBLzVecso/8iw+hId2tQ+0SFS4A3U+eefDWMWsFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNIJ8pZ2xrM1yJ4eX+5cVq4JHTTqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMGdueWxuYkdzelhJbmg1ZjdseFdyZ2tkTk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwAVQ
AwcEKg6xBxawAwcFKhDMQgEgAwcEKhDMRAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCf
cJdGLTAHNcdz5g5sQNhfBAKPDB7nXwrcifLNLNyP++pyH6j3XsKcLyXUnZeyMc2e
w69s/4zPZElu640IYxcOv3d9iA85tRKx1EpBPQRQewo2vVhp1mnx8SkpzApNojOh
kkCHrxtw6ahHuQLxQjm6iU78uEvV2i9SNnLbiTZAs++rBnssi19TuR7WtdcLd2O3
zda3dt4UkzCCsXTGGalouxpwki9qGXAdAxo1LbOj9Mf2wSacUuEurUzps61/xnwG
In3OPrzu4LL5TVLntfNTcZH4o25yXymmJpHlJwlU0cQd3lBKNPuyHQMyG3NDAOmP
v/IIXgU8SFhx0BxXbQ09
-----END CERTIFICATE-----
Generated at Fri May 3 12:39:02 2024 by rpki-client on console-fra.rpki-client.org