Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1PNNooQunH6a2cWtB7lTudrbOlk.roa
File: 1PNNooQunH6a2cWtB7lTudrbOlk.roa (raw, json)
Hash identifier: MOVL7+h45KosZ+3fEucjAoqN2/UJPA0d/60FCz4nIQs=
Subject key identifier: D4:F3:4D:A2:84:2E:9C:7E:9A:D9:C5:AD:07:B9:53:B9:DA:DB:3A:59
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD1D8DA3F5D943DB1367E7FE32A16B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1PNNooQunH6a2cWtB7lTudrbOlk.roa
Signing time: Tue 02 Jan 2024 10:34:23 +0000
ROA not before: Tue 02 Jan 2024 10:34:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209460
IP address blocks: 2a0e:b107:19a1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:1d:8d:a3:f5:d9:43:db:13:67:e7:fe:32:a1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4f34da2842e9c7e9ad9c5ad07b953b9dadb3a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5f:e2:89:85:a5:72:8c:4e:5d:3e:58:43:c7:
01:12:6c:4e:6d:61:da:22:9f:da:bd:cf:f5:cc:f8:
28:8e:d8:61:c8:d3:d8:ea:b7:eb:f0:73:b9:d6:7c:
c8:be:36:fb:90:2c:41:b6:dd:31:8d:89:8d:cf:29:
b4:f4:62:61:c9:33:cc:67:8d:3a:ae:88:f1:bc:a0:
3d:c0:9e:34:f1:bf:b5:5f:b6:a1:e8:b1:24:5a:a0:
19:87:ee:9f:5e:60:72:b4:e0:71:60:69:2a:c6:54:
09:b6:fe:95:1a:46:d3:f4:46:a9:d6:2f:57:8f:21:
8f:9d:bf:9b:9f:f5:51:d4:af:ae:44:b4:87:7b:5e:
fa:ab:8d:16:d4:0f:8a:9d:bf:44:5d:ef:16:4a:da:
8d:68:21:53:ba:99:fc:2a:2c:f5:5a:08:59:da:95:
ba:18:fd:93:1d:ee:38:f1:0e:6d:7f:f2:cd:95:f7:
e6:16:c6:c3:60:78:cc:50:18:12:ce:08:f4:48:bd:
16:63:00:f3:22:2e:55:5e:63:f5:f6:78:7a:20:45:
f7:1e:cc:73:4d:46:87:ed:e6:27:1b:82:89:93:9a:
86:06:32:3d:1a:51:56:6e:1c:48:67:4b:51:a0:5b:
57:74:20:ce:77:66:d1:75:03:bb:5f:87:91:83:2b:
d7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F3:4D:A2:84:2E:9C:7E:9A:D9:C5:AD:07:B9:53:B9:DA:DB:3A:59
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1PNNooQunH6a2cWtB7lTudrbOlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:19a1::/48
Signature Algorithm: sha256WithRSAEncryption
69:b0:b7:d5:e5:c2:ae:a9:f7:7b:d3:cb:63:f6:a1:80:f9:dd:
25:73:50:8c:53:fe:2a:03:3b:40:0a:da:1f:fc:65:da:c3:aa:
ed:7e:e6:85:ce:77:69:81:70:20:84:06:f4:79:3a:47:2a:39:
dc:8e:c5:b0:57:2f:e9:ff:6d:52:2b:5d:9e:44:f9:76:db:41:
73:bc:0b:3f:2c:80:5a:64:c4:51:4b:16:86:05:d4:f7:0f:44:
a9:c2:4d:59:f6:d0:5f:d2:46:c5:f3:8c:7f:4c:98:b9:20:4f:
dc:98:d0:df:5d:36:d8:eb:68:80:f5:e9:66:ca:64:d5:95:d3:
21:65:e5:3f:f6:73:6c:72:7b:8d:2d:b3:38:95:2c:f1:e2:f1:
c3:15:a1:e8:77:f0:57:79:3f:85:d7:35:73:d8:50:8e:23:45:
7c:ee:6f:74:02:0c:cf:0e:50:c1:c2:de:a7:fa:a3:44:3f:b6:
55:b1:a7:97:2a:81:75:b2:2d:fb:5f:c7:56:07:ac:11:e1:08:
85:0a:51:64:17:89:77:d8:24:6a:1b:54:5c:d0:36:58:02:a8:
1f:0d:64:54:d0:67:1f:7e:f8:a8:13:b6:f9:7f:71:37:e6:92:
06:18:50:50:a3:a9:09:07:a6:13:a9:f3:0e:1d:2f:55:4f:48:
d8:b2:e6:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvR2No/XZQ9sTZ+f+MqFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGYzNGRhMjg0MmU5YzdlOWFkOWM1YWQwN2I5NTNiOWRhZGIzYTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1/iiYWlcoxOXT5YQ8cBEmxObWHa
Ip/avc/1zPgojthhyNPY6rfr8HO51nzIvjb7kCxBtt0xjYmNzym09GJhyTPMZ406
rojxvKA9wJ408b+1X7ah6LEkWqAZh+6fXmBytOBxYGkqxlQJtv6VGkbT9Eap1i9X
jyGPnb+bn/VR1K+uRLSHe176q40W1A+Knb9EXe8WStqNaCFTupn8Kiz1WghZ2pW6
GP2THe448Q5tf/LNlffmFsbDYHjMUBgSzgj0SL0WYwDzIi5VXmP19nh6IEX3Hsxz
TUaH7eYnG4KJk5qGBjI9GlFWbhxIZ0tRoFtXdCDOd2bRdQO7X4eRgyvXXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNTzTaKELpx+mtnFrQe5U7na2zpZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMVBOTm9vUXVuSDZhMmNXdEI3bFR1ZHJiT2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxmh
MA0GCSqGSIb3DQEBCwUAA4IBAQBpsLfV5cKuqfd708tj9qGA+d0lc1CMU/4qAztA
Ctof/GXaw6rtfuaFzndpgXAghAb0eTpHKjncjsWwVy/p/21SK12eRPl220FzvAs/
LIBaZMRRSxaGBdT3D0Spwk1Z9tBf0kbF84x/TJi5IE/cmNDfXTbY62iA9elmymTV
ldMhZeU/9nNscnuNLbM4lSzx4vHDFaHod/BXeT+F1zVz2FCOI0V87m90AgzPDlDB
wt6n+qNEP7ZVsaeXKoF1si37X8dWB6wR4QiFClFkF4l32CRqG1Rc0DZYAqgfDWRU
0GcffvioE7b5f3E35pIGGFBQo6kJB6YTqfMOHS9VT0jYsuYD
-----END CERTIFICATE-----
Generated at Fri May 3 13:17:50 2024 by rpki-client on console-ams.rpki-client.org