Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-Rg_eeGl20_nghsJ0Xd6zAVrdRQ.roa
File: 1-Rg_eeGl20_nghsJ0Xd6zAVrdRQ.roa (raw, json)
Hash identifier: B5rqznhWKzRkbym8/vSmmOcc49vAShU6UVqjIh9sdBI=
Subject key identifier: F9:18:3F:79:E1:A5:DB:4F:E7:82:1B:09:D1:77:7A:CC:05:6B:75:14
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCCB7F5B835FC2F616D8AC0C56FA20
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-Rg_eeGl20_nghsJ0Xd6zAVrdRQ.roa
Signing time: Tue 02 Jan 2024 10:34:02 +0000
ROA not before: Tue 02 Jan 2024 10:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44024
IP address blocks: 2a10:2f01:330::/44 maxlen: 48
2a06:de00:7001::/48 maxlen: 48
2a06:de00:7000::/44 maxlen: 48
2a06:de00:7000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cb:7f:5b:83:5f:c2:f6:16:d8:ac:0c:56:fa:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9183f79e1a5db4fe7821b09d1777acc056b7514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7d:22:70:c4:40:54:5c:64:54:ed:30:78:75:
58:9b:41:f1:0a:45:61:c1:11:99:d4:d3:30:48:ef:
71:de:e8:45:1b:35:f2:9f:93:09:3e:73:1b:e5:a6:
25:d2:39:2d:5b:9e:2b:f7:fb:9a:63:15:77:aa:2a:
19:b6:e3:d7:36:14:56:03:2c:80:e9:73:10:53:2c:
88:c0:4d:34:76:fe:51:3d:d5:cf:80:3b:60:32:52:
e2:d5:a1:fc:e9:38:b5:2f:a2:56:d0:dd:87:0a:f8:
5a:fd:c5:38:9d:09:da:20:53:e1:f2:73:77:be:f2:
34:1a:53:21:2c:ed:d9:1f:57:b4:01:a4:c4:59:5c:
e7:47:84:d0:10:50:30:37:a3:1c:0f:13:10:64:c0:
9e:ba:0d:ed:aa:34:3b:f1:f3:b7:ae:3d:da:57:3e:
b3:93:05:77:8d:83:c1:6a:13:e4:46:49:9a:30:5e:
9f:be:91:8a:91:77:7d:db:c9:68:79:f7:ff:e9:91:
73:51:85:ef:93:ca:d0:02:d0:05:db:55:7b:1f:af:
3c:74:3e:25:0d:1d:d3:de:0a:09:d6:12:a1:17:78:
19:66:04:f1:8f:b4:67:24:da:6a:14:64:a5:8d:a9:
2a:5b:92:2b:0a:75:09:8a:b3:fd:42:bf:6e:b4:c8:
d7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:18:3F:79:E1:A5:DB:4F:E7:82:1B:09:D1:77:7A:CC:05:6B:75:14
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-Rg_eeGl20_nghsJ0Xd6zAVrdRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:7000::/44
2a10:2f01:330::/44
Signature Algorithm: sha256WithRSAEncryption
20:f6:b7:5c:ab:fd:27:68:ee:a3:25:4a:5c:74:c1:92:d2:95:
d4:41:8d:30:3f:e7:c5:a0:45:ed:a0:70:b5:01:3b:b7:95:f4:
2a:6a:32:12:03:2d:17:a3:69:8c:bb:84:5d:d5:40:2e:67:97:
0a:f7:76:c1:23:1c:9c:ea:d1:3f:20:5b:ab:18:46:42:e5:12:
b4:e4:75:4b:db:86:4b:6e:9a:e4:9e:74:cb:ca:6c:04:87:79:
3e:ff:ef:39:a8:7f:35:cc:cd:1c:50:6b:7a:c2:55:3a:c8:97:
e8:d9:20:d5:fd:d9:1e:1d:6e:09:ad:fd:bc:6e:a7:1d:71:9a:
fb:12:48:07:4a:a9:e0:1e:91:23:eb:f7:12:ea:22:62:43:80:
48:da:2b:73:71:2b:b7:71:fe:3c:f1:e4:78:7a:1b:19:bc:b6:
18:98:8b:85:9d:60:0b:1c:40:44:d0:b1:bd:27:61:38:dd:5e:
4c:6a:fb:40:e6:d4:ee:eb:8c:6c:63:ad:a8:3a:e4:04:79:29:
ae:8e:c0:01:7a:f3:d9:13:03:37:06:d8:7a:aa:bd:c1:a9:42:
e2:ef:1f:d1:2e:7c:15:7a:74:cf:64:85:ef:65:5a:9b:2f:18:
c9:7f:19:81:d3:0d:13:01:43:fd:b7:29:d7:b2:9d:96:23:b6:
f5:2c:3f:f5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzJvMt/W4NfwvYW2KwMVvogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE4M2Y3OWUxYTVkYjRmZTc4MjFiMDlkMTc3N2FjYzA1NmI3NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX0icMRAVFxkVO0weHVYm0HxCkVh
wRGZ1NMwSO9x3uhFGzXyn5MJPnMb5aYl0jktW54r9/uaYxV3qioZtuPXNhRWAyyA
6XMQUyyIwE00dv5RPdXPgDtgMlLi1aH86Ti1L6JW0N2HCvha/cU4nQnaIFPh8nN3
vvI0GlMhLO3ZH1e0AaTEWVznR4TQEFAwN6McDxMQZMCeug3tqjQ78fO3rj3aVz6z
kwV3jYPBahPkRkmaMF6fvpGKkXd928loeff/6ZFzUYXvk8rQAtAF21V7H688dD4l
DR3T3goJ1hKhF3gZZgTxj7RnJNpqFGSljakqW5IrCnUJirP9Qr9utMjXCQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPkYP3nhpdtP54IbCdF3eswFa3UUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1SZ19lZUdsMjBfbmdoc0owWGQ2ekFWcmRSUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHBCoG3gBw
AAMHBCoQLwEDMDANBgkqhkiG9w0BAQsFAAOCAQEAIPa3XKv9J2juoyVKXHTBktKV
1EGNMD/nxaBF7aBwtQE7t5X0KmoyEgMtF6NpjLuEXdVALmeXCvd2wSMcnOrRPyBb
qxhGQuUStOR1S9uGS26a5J50y8psBId5Pv/vOah/NczNHFBresJVOsiX6Nkg1f3Z
Hh1uCa39vG6nHXGa+xJIB0qp4B6RI+v3EuoiYkOASNorc3Ert3H+PPHkeHobGby2
GJiLhZ1gCxxARNCxvSdhON1eTGr7QObU7uuMbGOtqDrkBHkpro7AAXrz2RMDNwbY
eqq9walC4u8f0S58FXp0z2SF72Vamy8YyX8ZgdMNEwFD/bcp17KdliO29Sw/9Q==
-----END CERTIFICATE-----
Generated at Fri May 3 02:20:37 2024 by rpki-client on console-fra.rpki-client.org