Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0ilpNcqGuQODJLe_6FyBi_uCrJs.roa
File: 0ilpNcqGuQODJLe_6FyBi_uCrJs.roa (raw, json)
Hash identifier: oVqegdQc3MiOUSdnIv8Q6puaJ3/tlenO/zFDNx39pSM=
Subject key identifier: D2:29:69:35:CA:86:B9:03:83:24:B7:BF:E8:5C:81:8B:FB:82:AC:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD193B5AA940B4445F72A37612EBF2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0ilpNcqGuQODJLe_6FyBi_uCrJs.roa
Signing time: Tue 02 Jan 2024 10:34:22 +0000
ROA not before: Tue 02 Jan 2024 10:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208753
IP address blocks: 2a0e:b107:380::/48 maxlen: 48
2a0e:b107:382::/48 maxlen: 48
2a0e:b107:384::/48 maxlen: 48
2a0e:b107:383::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:19:3b:5a:a9:40:b4:44:5f:72:a3:76:12:eb:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2296935ca86b9038324b7bfe85c818bfb82ac9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:36:9a:3e:d0:5d:45:68:2c:14:da:45:c3:21:
61:99:02:7b:39:45:65:f4:31:72:7c:e3:a5:46:9e:
9d:66:4d:6e:4a:56:3a:ed:5f:0a:54:a9:69:9e:8b:
87:02:6b:b4:a3:24:8d:42:17:f8:d0:85:8f:14:57:
82:cb:64:50:79:52:12:a0:65:17:88:26:15:a4:9f:
17:8a:b4:58:1b:9b:87:db:65:3e:51:d4:90:cd:84:
05:70:70:33:26:2c:c1:a7:39:fd:8c:73:b3:c1:35:
d0:a6:58:95:2b:99:3c:c2:26:25:30:63:b7:65:7d:
31:c3:43:64:b5:dc:1f:03:3b:b3:68:7e:15:52:28:
f3:d0:1e:7c:74:0a:71:d3:c2:a8:56:81:21:e9:2c:
29:2c:fa:72:aa:a7:53:94:a9:9b:70:26:79:d8:9d:
88:9f:d4:7c:cc:f8:fb:d7:47:31:0c:da:02:ec:00:
40:c4:8c:ae:ea:b6:ca:cf:9e:b2:2b:19:1e:27:f6:
c9:9d:3e:ad:e2:b9:a2:7e:13:2e:1b:95:bc:50:d8:
f8:ea:76:be:84:73:c5:e1:85:75:09:97:22:a5:af:
f6:5d:02:98:d5:0c:5f:7f:7d:41:28:af:ce:39:ef:
5a:b5:a8:98:9d:94:ad:32:ba:dc:21:88:f4:7f:1a:
b0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:29:69:35:CA:86:B9:03:83:24:B7:BF:E8:5C:81:8B:FB:82:AC:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0ilpNcqGuQODJLe_6FyBi_uCrJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:380::/48
2a0e:b107:382::-2a0e:b107:384:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:43:9c:89:c7:62:4b:fa:39:16:0b:36:7f:cb:ae:5a:e2:57:
f1:9b:6f:d6:2f:bf:20:0c:0a:35:93:8a:4f:2a:e6:88:e5:04:
ba:6f:8b:b1:3d:56:ad:47:e2:4d:67:b8:21:29:4f:99:bd:16:
78:32:86:3f:34:d6:bb:54:81:f1:a3:b5:d1:42:7c:f6:b0:54:
01:ed:40:be:f2:ad:48:06:79:21:6c:52:c3:66:49:18:fb:d4:
c0:84:c3:96:a4:de:aa:13:94:25:82:ab:90:4d:57:1b:0d:6e:
56:ea:da:ed:6e:13:28:6a:87:1f:1a:ec:b0:24:5c:38:8b:02:
56:41:1c:de:b3:e5:f1:f8:1f:c7:ea:43:04:54:f4:9e:17:bf:
e4:f3:17:de:1a:3a:65:a4:62:b6:76:1b:17:2f:41:87:14:3b:
65:67:72:4a:67:63:0e:74:3e:e1:67:75:77:92:36:0c:a2:31:
ba:56:49:25:90:3d:dc:7a:59:8a:bb:23:5e:fa:60:b9:96:c9:
f9:7b:fd:21:fc:7e:85:cf:17:88:14:5d:9e:00:e1:51:e7:e4:
82:dc:2c:45:51:91:33:26:c1:19:fc:82:9c:8a:69:7a:9b:02:
4a:33:58:a7:d9:03:41:c5:f4:2e:27:72:40:6b:d8:9d:85:cb:
ac:2a:a9:f9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJvRk7WqlAtERfcqN2EuvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI5NjkzNWNhODZiOTAzODMyNGI3YmZlODVjODE4YmZiODJhYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTaaPtBdRWgsFNpFwyFhmQJ7OUVl
9DFyfOOlRp6dZk1uSlY67V8KVKlpnouHAmu0oySNQhf40IWPFFeCy2RQeVISoGUX
iCYVpJ8XirRYG5uH22U+UdSQzYQFcHAzJizBpzn9jHOzwTXQpliVK5k8wiYlMGO3
ZX0xw0NktdwfAzuzaH4VUijz0B58dApx08KoVoEh6SwpLPpyqqdTlKmbcCZ52J2I
n9R8zPj710cxDNoC7ABAxIyu6rbKz56yKxkeJ/bJnT6t4rmifhMuG5W8UNj46na+
hHPF4YV1CZcipa/2XQKY1Qxff31BKK/OOe9ataiYnZStMrrcIYj0fxqwnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNIpaTXKhrkDgyS3v+hcgYv7gqybMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMGlscE5jcUd1UU9ESkxlXzZGeUJpX3VDckpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBwOA
MBIDBwEqDrEHA4IDBwAqDrEHA4QwDQYJKoZIhvcNAQELBQADggEBAChDnInHYkv6
ORYLNn/LrlriV/Gbb9YvvyAMCjWTik8q5ojlBLpvi7E9Vq1H4k1nuCEpT5m9Fngy
hj801rtUgfGjtdFCfPawVAHtQL7yrUgGeSFsUsNmSRj71MCEw5ak3qoTlCWCq5BN
VxsNblbq2u1uEyhqhx8a7LAkXDiLAlZBHN6z5fH4H8fqQwRU9J4Xv+TzF94aOmWk
YrZ2GxcvQYcUO2VnckpnYw50PuFndXeSNgyiMbpWSSWQPdx6WYq7I176YLmWyfl7
/SH8foXPF4gUXZ4A4VHn5ILcLEVRkTMmwRn8gpyKaXqbAkozWKfZA0HF9C4nckBr
2J2Fy6wqqfk=
-----END CERTIFICATE-----
Generated at Fri May 3 05:22:00 2024 by rpki-client on console-fra.rpki-client.org