Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-nACr0z15chFGvYJCSedQHH0pMo.roa
File: 1-nACr0z15chFGvYJCSedQHH0pMo.roa (raw, json)
Hash identifier: Ox59Zajk/CuNZ9OScSIyRLNkDVmiOCuwiWqMa4A393A=
Subject key identifier: FA:70:02:AF:4C:F5:E5:C8:45:1A:F6:09:09:27:9D:40:71:F4:A4:CA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE556D0BFBA19FD7861B7668392E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-nACr0z15chFGvYJCSedQHH0pMo.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151633
IP address blocks: 2a06:de00:6b::/48 maxlen: 48
2a06:de00:66::/48 maxlen: 48
2a06:de00:61::/48 maxlen: 48
2a06:de00:6c::/48 maxlen: 48
2a06:de00:6f::/48 maxlen: 48
2a06:de00:6a::/48 maxlen: 48
2a06:de00:65::/48 maxlen: 48
2a06:de00:60::/48 maxlen: 48
2a06:de00:63::/48 maxlen: 48
2a06:de00:6e::/48 maxlen: 48
2a06:de00:69::/48 maxlen: 48
2a06:de00:64::/48 maxlen: 48
2a06:de00:67::/48 maxlen: 48
2a06:de00:62::/48 maxlen: 48
2a06:de00:6d::/48 maxlen: 48
2a06:de00:60::/44 maxlen: 48
2a06:de00:68::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e5:56:d0:bf:ba:19:fd:78:61:b7:66:83:92:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa7002af4cf5e5c8451af60909279d4071f4a4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:97:4d:df:16:46:6f:d9:40:e4:a4:1c:c8:00:
78:32:dc:3c:d6:5a:f3:7d:10:a7:b6:e1:2c:54:8d:
1f:7f:cb:cc:72:60:ad:85:9f:6b:c2:67:e4:42:b8:
54:b9:57:74:e2:e4:10:58:f9:b5:5e:55:9f:3b:77:
8b:d8:44:31:3c:d3:e6:54:90:49:e2:e4:e0:c2:29:
cf:f8:28:2a:b7:3d:84:c7:87:ad:e0:ad:b7:fa:98:
0e:1a:d1:2b:c0:3c:75:7d:2c:01:29:3f:d4:6d:7c:
d3:1b:d1:98:02:ba:ca:b1:89:dd:93:f7:cb:89:57:
af:35:21:b2:e1:b3:24:16:61:cf:14:83:58:32:b0:
ef:12:fa:25:45:4c:06:b9:76:7d:70:13:f7:e0:38:
64:60:31:96:fa:93:57:d6:53:ef:d2:1c:67:0b:30:
d7:2c:05:41:3e:82:8e:23:c7:fb:5b:56:65:fe:9c:
5f:e5:d3:be:ab:21:82:87:89:be:68:49:37:b3:9a:
12:21:b1:67:6b:63:96:ce:5c:ac:4c:d6:aa:3d:1a:
cf:0b:77:6b:2b:9d:d1:43:06:3b:25:e9:93:4e:9d:
59:bc:03:92:f9:c3:28:3e:aa:07:d9:bc:2d:02:e2:
b2:46:55:5e:23:c5:42:8f:b6:c0:a9:99:38:bd:90:
fa:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:70:02:AF:4C:F5:E5:C8:45:1A:F6:09:09:27:9D:40:71:F4:A4:CA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-nACr0z15chFGvYJCSedQHH0pMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:60::/44
Signature Algorithm: sha256WithRSAEncryption
4b:49:9a:b4:27:cf:04:4f:00:ce:a6:35:fc:b7:e5:1b:17:38:
9b:cd:da:82:04:51:4e:b9:c0:d9:8a:2e:6d:e7:60:49:e2:ca:
99:5c:e1:77:3c:5a:d9:d1:a4:e4:1f:57:a4:0f:3a:d3:74:20:
5d:54:23:b5:68:c9:41:b5:ec:41:de:75:e9:d9:f1:ec:03:43:
0e:bf:c0:1d:4e:f0:a5:f2:a9:64:16:54:95:72:d6:72:60:99:
22:d5:46:13:6b:32:2b:8c:16:8a:e1:11:09:4c:13:b4:8c:dd:
14:94:84:21:7a:4e:b5:fb:4a:10:a5:69:81:5b:c6:8e:18:bc:
e8:10:3f:fe:12:f0:96:f0:1c:0a:be:03:4d:91:94:ab:67:a8:
fb:0b:22:89:68:65:d1:08:bc:38:22:d5:c6:6f:9b:17:c7:07:
c3:12:0b:85:6e:f6:a8:44:89:ad:82:57:51:cc:3a:49:44:8e:
82:c6:7a:33:a0:94:e4:43:e1:fc:86:84:08:4c:c1:8b:98:7f:
07:8e:e4:b8:04:e7:8d:37:c1:2b:6d:b6:3f:a5:59:95:cc:43:
b2:c2:df:3d:85:a7:2f:e3:4e:1e:92:cb:85:30:e6:65:bf:92:
b8:0a:d6:32:58:65:0d:4d:9a:8d:4f:88:5c:f5:ab:e9:c2:f7:
a4:46:fb:bd
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzJvOVW0L+6Gf14Ybdmg5LhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTcwMDJhZjRjZjVlNWM4NDUxYWY2MDkwOTI3OWQ0MDcxZjRhNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZdN3xZGb9lA5KQcyAB4Mtw81lrz
fRCntuEsVI0ff8vMcmCthZ9rwmfkQrhUuVd04uQQWPm1XlWfO3eL2EQxPNPmVJBJ
4uTgwinP+Cgqtz2Ex4et4K23+pgOGtErwDx1fSwBKT/UbXzTG9GYArrKsYndk/fL
iVevNSGy4bMkFmHPFINYMrDvEvolRUwGuXZ9cBP34DhkYDGW+pNX1lPv0hxnCzDX
LAVBPoKOI8f7W1Zl/pxf5dO+qyGCh4m+aEk3s5oSIbFna2OWzlysTNaqPRrPC3dr
K53RQwY7JemTTp1ZvAOS+cMoPqoH2bwtAuKyRlVeI8VCj7bAqZk4vZD6wQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPpwAq9M9eXIRRr2CQknnUBx9KTKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1uQUNyMHoxNWNoRkd2WUpDU2VkUUhIMHBNby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoG3gAA
YDANBgkqhkiG9w0BAQsFAAOCAQEAS0matCfPBE8AzqY1/LflGxc4m83aggRRTrnA
2YoubedgSeLKmVzhdzxa2dGk5B9XpA8603QgXVQjtWjJQbXsQd516dnx7ANDDr/A
HU7wpfKpZBZUlXLWcmCZItVGE2syK4wWiuERCUwTtIzdFJSEIXpOtftKEKVpgVvG
jhi86BA//hLwlvAcCr4DTZGUq2eo+wsiiWhl0Qi8OCLVxm+bF8cHwxILhW72qESJ
rYJXUcw6SUSOgsZ6M6CU5EPh/IaECEzBi5h/B47kuATnjTfBK222P6VZlcxDssLf
PYWnL+NOHpLLhTDmZb+SuArWMlhlDU2ajU+IXPWr6cL3pEb7vQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:29 2024 by rpki-client on console-fra.rpki-client.org