Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-bkXQZ8Rc2dJn02eJn4OaY1etM8.roa
File: 1-bkXQZ8Rc2dJn02eJn4OaY1etM8.roa (raw, json)
Hash identifier: gzx61cSzww0WE1D+t/pFaIJCAY4ubY/xHZ2sJjq+lQY=
Subject key identifier: F9:B9:17:41:9F:11:73:67:49:9F:4D:9E:26:7E:0E:69:8D:5E:B4:CF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252286E1CB122578BE1660B6993345C6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-bkXQZ8Rc2dJn02eJn4OaY1etM8.roa
Signing time: Thu 02 Jan 2025 03:50:07 +0000
ROA not before: Thu 02 Jan 2025 03:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215296
IP address blocks: 2a10:ccc0:140::/44 maxlen: 48
2a10:ccc0:140::/48 maxlen: 48
2a10:ccc0:141::/48 maxlen: 48
2a10:ccc0:142::/48 maxlen: 48
2a10:ccc0:14a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:86:e1:cb:12:25:78:be:16:60:b6:99:33:45:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9b917419f117367499f4d9e267e0e698d5eb4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:1d:af:cd:0d:9f:ea:ec:55:98:8b:bf:be:
ac:c1:bd:75:c8:f8:f4:d2:0c:98:65:f5:7f:d2:8e:
51:d5:54:a6:40:80:a8:b5:56:4c:3d:dd:f0:ca:d3:
9d:a5:66:6d:3b:55:4f:a4:51:07:77:f4:ed:7f:1d:
00:2b:ce:a1:d4:15:99:d9:19:0a:d4:32:fe:2c:07:
bd:00:88:32:59:53:ca:f7:04:2b:46:fe:4e:bd:3e:
bd:87:6a:e7:88:7a:a5:b9:e0:58:ad:82:3c:6b:85:
9e:c0:3c:07:f6:2f:4a:85:a1:9d:f4:31:59:46:6c:
52:da:0b:ba:34:df:bb:05:20:46:ff:59:08:25:7d:
11:46:97:7e:e4:22:66:8f:1e:7b:e0:19:28:5c:63:
99:14:da:bc:9d:0c:c4:a1:a2:12:f6:2b:e7:ec:46:
26:32:53:13:ec:d3:71:47:c5:b5:23:87:3c:e0:ed:
e0:ec:13:f8:e5:14:3a:8c:07:be:c9:97:71:da:af:
c4:0c:e4:55:d5:38:ea:af:c6:19:a5:58:e5:c6:53:
e4:7c:49:6c:96:6b:11:f7:a6:4a:e1:58:6f:ab:87:
67:71:8e:dc:c5:a7:3a:b5:16:6c:46:ef:a7:d9:1e:
27:90:0c:90:5b:a1:4d:b6:fa:09:0a:77:73:1f:1e:
f9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B9:17:41:9F:11:73:67:49:9F:4D:9E:26:7E:0E:69:8D:5E:B4:CF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-bkXQZ8Rc2dJn02eJn4OaY1etM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc0:140::/44
Signature Algorithm: sha256WithRSAEncryption
58:ec:0c:9b:37:ff:3c:a7:7d:d6:1f:10:d3:fd:9d:a0:03:66:
82:aa:13:67:11:b6:af:03:b6:f2:af:31:3d:73:28:4c:9f:58:
67:ab:47:bd:09:f4:ba:ed:15:2a:db:23:1c:9f:96:d6:26:e1:
6c:c4:b3:f7:cd:8f:14:29:77:f0:e4:be:ba:6b:ad:fe:93:9e:
19:e6:3f:b6:75:0b:b2:53:1d:be:b7:69:aa:b5:4d:61:89:d6:
e8:ed:a7:bb:8c:3c:b7:88:14:f6:6e:14:65:78:43:4a:3b:96:
26:44:f1:3c:3e:df:3b:d3:22:7a:7f:06:3a:77:9d:cd:39:bf:
f7:eb:91:25:63:8c:4f:46:0c:ae:dc:84:01:da:d6:7a:63:a9:
3a:42:6e:ba:53:bf:08:6c:1b:15:79:da:89:0b:d4:36:5c:d8:
40:e6:32:f2:e0:80:15:79:fb:b4:2b:bf:c8:e8:6d:37:28:36:
8e:84:8c:9a:66:0e:40:1c:4a:2f:17:37:06:1c:5e:26:ee:26:
57:ec:89:c6:f6:58:13:7f:54:0b:03:46:bc:67:5a:65:73:38:
3a:00:8c:5f:a1:55:d8:c6:1c:6b:65:3d:cb:61:93:fa:c3:b6:
e7:86:ab:97:a7:6e:66:bf:60:04:cb:02:73:f8:76:42:fb:ff:
ce:e4:a7:f1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQlIobhyxIleL4WYLaZM0XGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI5MTc0MTlmMTE3MzY3NDk5ZjRkOWUyNjdlMGU2OThkNWViNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjYdr80Nn+rsVZiLv76swb11yPj0
0gyYZfV/0o5R1VSmQICotVZMPd3wytOdpWZtO1VPpFEHd/Ttfx0AK86h1BWZ2RkK
1DL+LAe9AIgyWVPK9wQrRv5OvT69h2rniHqlueBYrYI8a4WewDwH9i9KhaGd9DFZ
RmxS2gu6NN+7BSBG/1kIJX0RRpd+5CJmjx574BkoXGOZFNq8nQzEoaIS9ivn7EYm
MlMT7NNxR8W1I4c84O3g7BP45RQ6jAe+yZdx2q/EDORV1Tjqr8YZpVjlxlPkfEls
lmsR96ZK4Vhvq4dncY7cxac6tRZsRu+n2R4nkAyQW6FNtvoJCndzHx75wQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPm5F0GfEXNnSZ9NniZ+DmmNXrTPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1ia1hRWjhSYzJkSm4wMmVKbjRPYVkxZXRNOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoQzMAB
QDANBgkqhkiG9w0BAQsFAAOCAQEAWOwMmzf/PKd91h8Q0/2doANmgqoTZxG2rwO2
8q8xPXMoTJ9YZ6tHvQn0uu0VKtsjHJ+W1ibhbMSz982PFCl38OS+umut/pOeGeY/
tnULslMdvrdpqrVNYYnW6O2nu4w8t4gU9m4UZXhDSjuWJkTxPD7fO9Mien8GOned
zTm/9+uRJWOMT0YMrtyEAdrWemOpOkJuulO/CGwbFXnaiQvUNlzYQOYy8uCAFXn7
tCu/yOhtNyg2joSMmmYOQBxKLxc3BhxeJu4mV+yJxvZYE39UCwNGvGdaZXM4OgCM
X6FV2MYca2U9y2GT+sO254arl6duZr9gBMsCc/h2Qvv/zuSn8Q==
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:57:56 2025 by rpki-client