Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1NKP_TLfUS9c-PMyP2di_qELRV0.roa
File: 1NKP_TLfUS9c-PMyP2di_qELRV0.roa (raw, json)
Hash identifier: Seo3np79siJz9GcEE1s7fnP98Ni9dbCz4BlSFMYFMoQ=
Subject key identifier: D4:D2:8F:FD:32:DF:51:2F:5C:F8:F3:32:3F:67:62:FE:A1:0B:45:5D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521C5731B9EE16A87CB891D7A8984BA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1NKP_TLfUS9c-PMyP2di_qELRV0.roa
Signing time: Thu 02 Jan 2025 03:49:17 +0000
ROA not before: Thu 02 Jan 2025 03:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c5:73:1b:9e:e1:6a:87:cb:89:1d:7a:89:84:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4d28ffd32df512f5cf8f3323f6762fea10b455d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:65:f8:ed:21:24:46:d1:28:59:f9:06:84:5a:
25:5a:0a:6f:0b:01:01:26:60:87:24:57:cc:01:e4:
e3:48:94:3d:04:38:3e:87:33:53:74:23:57:df:92:
98:9a:71:0f:2c:f5:65:ed:1c:b3:36:7b:9b:5e:96:
bc:7f:ef:ae:53:b2:1f:ea:d6:5f:67:39:8f:9c:1e:
3c:18:45:41:44:53:52:2f:91:85:f1:af:cc:9d:6c:
0d:ac:80:47:5c:58:b9:57:cc:57:ef:a4:94:48:66:
76:50:6f:15:1a:d2:65:d3:29:12:02:69:e4:bb:02:
cc:c5:07:3f:34:5f:ab:0f:c2:c8:b0:b0:9d:34:38:
de:8c:ad:28:4b:9c:27:00:6a:b4:b1:d5:3c:bd:f8:
3a:97:6c:a1:ca:90:39:ed:68:4c:94:76:47:b8:54:
7e:5e:68:ae:bf:cf:6c:67:91:27:25:8c:d1:12:50:
fc:ab:97:4b:95:05:c9:48:1a:fe:9e:c8:3b:8d:5e:
8d:8d:6b:77:27:f8:96:ab:e2:d5:3b:c0:11:61:df:
29:3f:af:e3:f7:5f:cb:f9:83:c7:51:b4:59:48:2e:
ba:f6:f9:52:ad:d9:88:b6:ea:eb:38:72:4f:46:ac:
77:e7:6a:2b:90:81:8c:08:42:81:13:1d:09:56:21:
f2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D2:8F:FD:32:DF:51:2F:5C:F8:F3:32:3F:67:62:FE:A1:0B:45:5D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1NKP_TLfUS9c-PMyP2di_qELRV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
95:2c:b0:aa:15:07:b9:c1:6a:bd:be:81:3e:a1:69:6c:91:d6:
b4:3e:81:5a:df:2c:19:bc:b1:3d:9a:4c:f1:a8:c8:ba:89:27:
e7:22:da:82:51:89:ce:65:ae:a0:5a:cf:b2:3a:58:3f:6f:01:
1d:22:07:fa:ed:05:5c:da:9e:19:f0:dd:e0:7d:7f:52:3f:d5:
2e:52:1b:29:5f:24:82:a8:75:8d:78:bb:55:20:27:8f:91:d0:
73:82:2a:03:b1:ef:0d:da:e8:27:dc:a4:68:41:eb:80:f0:37:
b4:a2:96:ca:e7:d7:6e:66:56:ba:21:83:0f:b4:51:b5:19:65:
1f:99:20:4d:a5:cd:7b:00:05:72:bb:34:a5:2d:33:65:04:c0:
ec:28:8f:67:b4:5f:28:42:e0:a1:7e:a4:b1:c3:8d:74:18:db:
d7:0f:4b:0d:db:47:50:a0:da:06:fb:c1:5a:b4:29:d7:ac:64:
1b:27:15:be:7e:8b:a4:6b:0e:d5:04:c6:c3:fd:1d:af:0e:87:
95:bb:1b:cc:63:59:f9:34:6c:00:2c:cd:0d:c0:fc:ef:81:75:
e1:c4:89:8c:20:3c:80:f2:52:a0:e3:7f:1d:1b:ea:34:9f:0b:
f9:d9:38:e4:fc:b1:31:fe:cb:47:99:42:46:06:57:ec:a4:c3:
09:bb:7b:d5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQlIcVzG57haofLiR16iYS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQyOGZmZDMyZGY1MTJmNWNmOGYzMzIzZjY3NjJmZWExMGI0NTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmX47SEkRtEoWfkGhFolWgpvCwEB
JmCHJFfMAeTjSJQ9BDg+hzNTdCNX35KYmnEPLPVl7RyzNnubXpa8f++uU7If6tZf
ZzmPnB48GEVBRFNSL5GF8a/MnWwNrIBHXFi5V8xX76SUSGZ2UG8VGtJl0ykSAmnk
uwLMxQc/NF+rD8LIsLCdNDjejK0oS5wnAGq0sdU8vfg6l2yhypA57WhMlHZHuFR+
Xmiuv89sZ5EnJYzRElD8q5dLlQXJSBr+nsg7jV6NjWt3J/iWq+LVO8ARYd8pP6/j
91/L+YPHUbRZSC669vlSrdmIturrOHJPRqx352orkIGMCEKBEx0JViHyswIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNTSj/0y31EvXPjzMj9nYv6hC0VdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMU5LUF9UTGZVUzljLVBNeVAyZGlfcUVMUlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKg6XwAQR
AwcAKg6XwAjgAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQDBwIqDrEHKIAw
DQYJKoZIhvcNAQELBQADggEBAJUssKoVB7nBar2+gT6haWyR1rQ+gVrfLBm8sT2a
TPGoyLqJJ+ci2oJRic5lrqBaz7I6WD9vAR0iB/rtBVzanhnw3eB9f1I/1S5SGylf
JIKodY14u1UgJ4+R0HOCKgOx7w3a6CfcpGhB64DwN7Silsrn125mVrohgw+0UbUZ
ZR+ZIE2lzXsABXK7NKUtM2UEwOwoj2e0XyhC4KF+pLHDjXQY29cPSw3bR1Cg2gb7
wVq0KdesZBsnFb5+i6RrDtUExsP9Ha8Oh5W7G8xjWfk0bAAszQ3A/O+BdeHEiYwg
PIDyUqDjfx0b6jSfC/nZOOT8sTH+y0eZQkYGV+ykwwm7e9U=
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:42:29 2025 by rpki-client