Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-uIUZr1IduwxAsSek6oBSuBEtfg.roa
File: 1-uIUZr1IduwxAsSek6oBSuBEtfg.roa (raw, json)
Hash identifier: Pwc+poYn3holKDwDBYhyp521QCFzeHMhY0plvpbN9kk=
Subject key identifier: FA:E2:14:66:BD:48:76:EC:31:02:C4:9E:93:AA:01:4A:E0:44:B5:F8
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425226F131E1133373A3F3114BF9FFD4D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-uIUZr1IduwxAsSek6oBSuBEtfg.roa
Signing time: Thu 02 Jan 2025 03:50:01 +0000
ROA not before: Thu 02 Jan 2025 03:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213250
IP address blocks: 2a0e:97c0:3e3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:6f:13:1e:11:33:37:3a:3f:31:14:bf:9f:fd:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fae21466bd4876ec3102c49e93aa014ae044b5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:42:aa:0f:c7:17:8d:a8:db:15:07:14:27:6c:
6f:f0:13:90:b7:6f:3c:f4:82:ee:0d:87:52:ba:61:
8f:53:cb:a0:6e:7d:bd:f6:21:de:83:79:f2:5a:00:
68:b7:fa:b7:8c:96:e9:b0:8a:cc:58:83:79:d9:0e:
80:e1:4b:37:48:37:2e:6f:3a:03:0c:35:2e:65:6a:
4c:c9:85:82:1a:3e:a0:f3:71:3f:9c:79:d1:3d:ac:
9c:6f:0f:d8:20:7e:3c:b6:33:a0:ec:13:8c:0c:34:
1b:7a:3d:f6:39:0c:96:da:28:0b:89:f8:27:dd:8a:
1d:03:f2:ca:ab:7e:b8:c0:4d:32:6a:42:4c:6f:e6:
74:01:69:e2:56:4e:36:65:86:2a:ac:ec:1f:77:9e:
a9:6a:01:82:91:06:e5:05:0f:57:30:6b:b4:68:3c:
9b:e6:6e:4d:08:45:96:26:83:24:8d:75:63:b1:e8:
06:fb:ee:40:ba:9d:4f:d7:6e:23:9c:42:ce:b6:ac:
ac:94:7e:30:d6:a4:52:1e:ee:61:43:3c:f2:40:3c:
44:96:b9:f5:a3:f5:02:87:0e:1e:16:03:0d:d5:5b:
e6:93:74:30:bb:76:67:47:1b:62:9a:4f:60:68:8d:
a1:ff:3a:d9:28:f0:59:84:06:0f:ed:28:02:1c:dc:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E2:14:66:BD:48:76:EC:31:02:C4:9E:93:AA:01:4A:E0:44:B5:F8
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-uIUZr1IduwxAsSek6oBSuBEtfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3e3::/48
Signature Algorithm: sha256WithRSAEncryption
64:62:c0:f6:b5:0d:8e:c1:ea:5c:bc:6a:fd:c5:a7:8f:25:09:
5c:47:89:1a:b7:10:fc:12:54:c0:6b:db:47:c0:66:57:ba:74:
76:3e:06:91:22:97:40:71:37:e0:c8:f0:d5:9a:f2:0a:62:a0:
1a:fa:6a:37:3d:fe:79:8e:4f:96:80:d0:c9:5f:02:7a:a0:33:
75:51:8f:7f:3b:40:c3:fb:29:2f:44:8f:a8:91:87:63:60:45:
f4:5f:74:bf:4c:35:13:44:f0:eb:38:60:95:83:e5:5a:7a:22:
d8:be:f9:b2:ee:32:a4:cd:a5:e6:89:80:c1:c5:c2:45:f5:59:
98:6e:5c:12:9d:09:d7:b3:0e:27:6d:68:4d:97:b6:25:aa:83:
ab:b0:6e:d3:73:b2:bc:16:16:98:38:2e:fc:b4:cb:96:c1:7b:
d2:9b:e3:87:c6:d9:3e:66:e9:44:af:37:cd:2f:52:5c:5f:f2:
d0:a6:6d:5e:e9:68:e8:ef:93:a5:44:68:63:58:3c:a0:80:3b:
66:c4:d9:8c:30:81:04:39:56:73:06:a2:1c:a3:fa:07:83:54:
26:ae:fd:3e:58:8b:68:6f:20:5d:98:7c:68:cb:ec:88:ea:65:
93:46:e2:38:c6:d2:71:31:b8:dc:fb:49:c2:8a:8b:a5:dc:f9:
82:9b:25:9a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQlIm8THhEzNzo/MRS/n/1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWUyMTQ2NmJkNDg3NmVjMzEwMmM0OWU5M2FhMDE0YWUwNDRiNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEKqD8cXjajbFQcUJ2xv8BOQt288
9ILuDYdSumGPU8ugbn299iHeg3nyWgBot/q3jJbpsIrMWIN52Q6A4Us3SDcubzoD
DDUuZWpMyYWCGj6g83E/nHnRPaycbw/YIH48tjOg7BOMDDQbej32OQyW2igLifgn
3YodA/LKq364wE0yakJMb+Z0AWniVk42ZYYqrOwfd56pagGCkQblBQ9XMGu0aDyb
5m5NCEWWJoMkjXVjsegG++5Aup1P124jnELOtqyslH4w1qRSHu5hQzzyQDxElrn1
o/UChw4eFgMN1Vvmk3Qwu3ZnRxtimk9gaI2h/zrZKPBZhAYP7SgCHNws4wIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPriFGa9SHbsMQLEnpOqAUrgRLX4MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS11SVVacjFJZHV3eEFzU2VrNm9CU3VCRXRmZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoOl8AD
4zANBgkqhkiG9w0BAQsFAAOCAQEAZGLA9rUNjsHqXLxq/cWnjyUJXEeJGrcQ/BJU
wGvbR8BmV7p0dj4GkSKXQHE34Mjw1ZryCmKgGvpqNz3+eY5PloDQyV8CeqAzdVGP
fztAw/spL0SPqJGHY2BF9F90v0w1E0Tw6zhglYPlWnoi2L75su4ypM2l5omAwcXC
RfVZmG5cEp0J17MOJ21oTZe2JaqDq7Bu03OyvBYWmDgu/LTLlsF70pvjh8bZPmbp
RK83zS9SXF/y0KZtXulo6O+TpURoY1g8oIA7ZsTZjDCBBDlWcwaiHKP6B4NUJq79
PliLaG8gXZh8aMvsiOplk0biOMbScTG43PtJwoqLpdz5gpslmg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:51:17 2025 by rpki-client