Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/18JpiMO2zBMD4xK3tspqS6Ys2cs.roa
File: 18JpiMO2zBMD4xK3tspqS6Ys2cs.roa (raw, json)
Hash identifier: EbOCCrY/kPFdvCbaRZxQTg0hdnpTSRzwldxzb3dogEg=
Subject key identifier: D7:C2:69:88:C3:B6:CC:13:03:E3:12:B7:B6:CA:6A:4B:A6:2C:D9:CB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD09DB3B1271263E9353C48F021795
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/18JpiMO2zBMD4xK3tspqS6Ys2cs.roa
Signing time: Tue 02 Jan 2024 10:34:18 +0000
ROA not before: Tue 02 Jan 2024 10:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204617
IP address blocks: 2a0e:97c0:b40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:09:db:3b:12:71:26:3e:93:53:c4:8f:02:17:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7c26988c3b6cc1303e312b7b6ca6a4ba62cd9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ee:42:e0:5b:ab:8b:42:4a:cb:c5:bc:96:c2:
ef:7c:de:73:d0:04:58:20:dc:c4:91:fb:ee:49:fb:
69:8a:d9:0a:85:32:63:00:3f:8a:b5:f8:fa:98:69:
fa:d1:2d:cd:8d:fb:8f:83:1a:5a:f3:f7:0b:8f:b6:
f3:b1:a4:40:21:7a:d0:12:20:e4:80:95:77:3c:8b:
dc:a8:99:ec:54:a9:ae:e8:e6:ce:f3:96:41:43:7a:
8d:3f:e8:c5:ba:87:dc:ba:57:88:11:29:44:31:c3:
e1:88:89:ee:a6:d9:a3:0d:4d:5d:24:ae:3e:a7:76:
85:28:aa:cb:e9:df:df:03:fc:5b:fa:6b:4d:57:b1:
22:98:4c:c1:a3:61:57:e7:9f:6e:34:43:7c:61:c9:
02:07:2c:89:1f:53:10:ce:3b:bd:86:fc:47:a6:b1:
f7:c0:b3:ae:d2:c3:fa:52:42:04:10:dd:00:7b:f4:
79:bc:62:b9:33:57:6f:f4:d5:ba:b4:33:ce:82:ed:
9d:cb:04:c4:80:56:69:97:03:0f:dc:64:fd:ec:a8:
f3:d6:e7:2f:f0:cb:50:58:35:c2:6f:1f:97:1e:76:
b4:9c:b7:f3:43:79:aa:6f:1f:18:76:58:89:61:d5:
29:cc:ca:47:d2:c6:33:fb:14:83:d4:bd:db:2b:33:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C2:69:88:C3:B6:CC:13:03:E3:12:B7:B6:CA:6A:4B:A6:2C:D9:CB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/18JpiMO2zBMD4xK3tspqS6Ys2cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b40::/44
Signature Algorithm: sha256WithRSAEncryption
21:7c:ac:c2:a8:65:9b:3e:3e:5c:51:9d:93:d3:28:4b:a3:22:
50:e1:54:6a:d8:82:4a:2d:87:51:d9:22:30:21:a9:57:83:97:
ca:95:4e:fd:92:b4:48:7c:80:6a:8a:e1:5c:6a:f0:fb:be:b6:
0f:a1:f6:17:32:df:b7:34:71:7a:71:b3:6f:1d:ee:e9:3a:6a:
35:f3:47:91:ed:0a:e5:c0:6f:eb:9a:f1:04:72:0d:33:53:8b:
e2:27:36:0c:78:f7:59:41:22:de:f7:78:60:94:1a:00:96:03:
fe:26:50:de:78:4a:1e:c4:f2:f1:84:89:3f:3e:e2:d3:96:f4:
c3:b5:8e:2b:c3:32:d8:f2:eb:75:5e:62:7f:9b:29:3d:a2:c1:
38:28:0c:77:a0:67:0b:ed:c7:e1:ca:f8:72:c4:18:8c:79:82:
f6:d0:be:ee:71:9a:e3:ef:af:68:b3:38:0c:be:b1:a9:41:e8:
c1:bd:98:93:86:15:ff:bb:c5:d9:ee:85:9c:8f:56:8f:05:60:
35:01:c8:15:fd:e1:7c:1d:f7:62:16:77:f4:1d:3c:96:b4:90:
80:8f:ab:8f:22:da:82:a2:4f:b2:89:f9:5e:c3:5e:52:38:92:
ae:7a:62:7d:2f:55:f3:d7:ea:01:3c:41:f2:1f:24:61:9c:a6:
50:36:01:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQnbOxJxJj6TU8SPAheVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2MyNjk4OGMzYjZjYzEzMDNlMzEyYjdiNmNhNmE0YmE2MmNkOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO5C4Furi0JKy8W8lsLvfN5z0ARY
INzEkfvuSftpitkKhTJjAD+Ktfj6mGn60S3NjfuPgxpa8/cLj7bzsaRAIXrQEiDk
gJV3PIvcqJnsVKmu6ObO85ZBQ3qNP+jFuofculeIESlEMcPhiInuptmjDU1dJK4+
p3aFKKrL6d/fA/xb+mtNV7EimEzBo2FX559uNEN8YckCByyJH1MQzju9hvxHprH3
wLOu0sP6UkIEEN0Ae/R5vGK5M1dv9NW6tDPOgu2dywTEgFZplwMP3GT97Kjz1ucv
8MtQWDXCbx+XHna0nLfzQ3mqbx8YdliJYdUpzMpH0sYz+xSD1L3bKzPQxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNfCaYjDtswTA+MSt7bKakumLNnLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMThKcGlNTzJ6Qk1ENHhLM3RzcHFTNllzMmNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAtA
MA0GCSqGSIb3DQEBCwUAA4IBAQAhfKzCqGWbPj5cUZ2T0yhLoyJQ4VRq2IJKLYdR
2SIwIalXg5fKlU79krRIfIBqiuFcavD7vrYPofYXMt+3NHF6cbNvHe7pOmo180eR
7QrlwG/rmvEEcg0zU4viJzYMePdZQSLe93hglBoAlgP+JlDeeEoexPLxhIk/PuLT
lvTDtY4rwzLY8ut1XmJ/myk9osE4KAx3oGcL7cfhyvhyxBiMeYL20L7ucZrj769o
szgMvrGpQejBvZiThhX/u8XZ7oWcj1aPBWA1AcgV/eF8HfdiFnf0HTyWtJCAj6uP
ItqCok+yiflew15SOJKuemJ9L1Xz1+oBPEHyHyRhnKZQNgFX
-----END CERTIFICATE-----
Generated at Sun Nov 24 06:51:28 2024 by rpki-client on console-fra.rpki-client.org