Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1mnZWygqMii-7zu6muibDjATos4.roa
File: 1mnZWygqMii-7zu6muibDjATos4.roa (raw, json)
Hash identifier: ProitvUp1jQZgKqmRLI2rDwMgn+Jmwj2ulSn44P8XmQ=
Subject key identifier: D6:69:D9:5B:28:2A:32:28:BE:EF:3B:BA:9A:E8:9B:0E:30:13:A2:CE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD06C3BEB02DCE47BE31A4551EDF7D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1mnZWygqMii-7zu6muibDjATos4.roa
Signing time: Tue 02 Jan 2024 10:34:17 +0000
ROA not before: Tue 02 Jan 2024 10:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203943
IP address blocks: 2a0e:b107:5a2::/48 maxlen: 48
2a0e:b107:5a1::/48 maxlen: 48
2a0e:b107:5a3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:06:c3:be:b0:2d:ce:47:be:31:a4:55:1e:df:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d669d95b282a3228beef3bba9ae89b0e3013a2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:89:cd:1a:01:80:d7:99:cf:54:83:c9:ff:e6:
dd:95:15:3a:d3:46:41:5b:4d:da:e5:af:3e:0a:28:
55:c0:70:53:92:3d:ad:22:8e:fd:23:a6:4e:dd:61:
14:10:49:82:f3:44:14:71:49:ea:ea:d0:41:30:7b:
bd:c4:61:d9:ff:46:e8:c6:23:19:1d:00:36:83:ad:
41:df:83:e7:c0:8b:24:d2:04:34:31:f9:9d:80:9f:
19:8f:40:6e:95:b3:a1:bd:72:5d:6a:5d:a8:53:dc:
84:ce:d7:41:db:70:9f:de:04:97:81:9d:37:36:e8:
bb:2c:07:63:fa:3d:61:5f:d8:13:86:e2:53:3e:f6:
49:84:93:25:1a:47:d8:ba:17:a2:47:69:f0:b3:77:
31:3e:25:18:59:ba:ff:fb:e9:4f:d6:1a:9a:fc:8a:
2c:ca:df:a9:10:02:5b:68:10:71:af:4b:e6:9f:2a:
fe:31:4b:8a:bf:cc:88:a1:af:bb:b2:fc:b4:fa:34:
14:ad:4f:a0:21:b8:38:ad:02:f7:a1:65:05:94:6f:
81:9e:8e:97:d8:2c:2c:fa:ae:6f:44:14:a5:76:84:
8b:cc:ea:7d:15:f0:11:87:14:46:95:4b:0f:dd:a6:
b1:ff:07:00:f9:b6:d5:2f:b3:36:3a:cd:81:6a:11:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:69:D9:5B:28:2A:32:28:BE:EF:3B:BA:9A:E8:9B:0E:30:13:A2:CE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1mnZWygqMii-7zu6muibDjATos4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5a1::-2a0e:b107:5a3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:85:33:26:33:a8:75:f0:ad:27:06:ff:58:82:0f:2f:6b:79:
95:80:3f:ff:bb:da:18:62:dc:e3:08:89:b3:45:e8:60:47:97:
ff:06:c4:21:a0:52:ea:68:79:d1:e5:d6:61:4f:c2:ac:0b:9b:
64:b7:01:4e:bc:a2:92:29:89:eb:48:9b:a4:5f:4c:01:ef:90:
f9:28:f3:cf:4d:b5:be:a9:1a:9e:66:b4:e3:d0:14:50:5c:f7:
7e:8c:6a:19:8e:ca:ea:58:33:7c:90:b9:9f:23:49:35:49:a4:
a5:0c:84:b3:33:7f:24:97:d5:79:b7:82:f1:dc:e4:6a:f2:11:
0c:c4:7b:8a:75:ae:72:40:7c:7f:fe:3e:1f:53:12:d1:fd:29:
1d:2e:e9:43:9a:50:65:9b:07:3d:ae:6a:e1:eb:59:9c:44:5d:
91:e5:07:34:8a:15:76:b8:d4:b3:8b:22:44:9d:cb:38:5a:5e:
36:dd:31:63:aa:dd:92:e6:b7:ab:14:fb:6b:a2:1f:30:07:a8:
cd:4d:ec:44:4c:49:78:96:83:cc:43:0c:bc:36:20:ef:b9:cc:
58:6b:d3:09:b9:3e:5b:cc:11:3c:c1:4f:ad:c9:0e:cc:cf:a5:
76:11:24:72:b7:19:6e:3f:fb:45:a1:6e:6b:71:98:ea:38:5c:
c6:72:89:fa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvQbDvrAtzke+MaRVHt99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjY5ZDk1YjI4MmEzMjI4YmVlZjNiYmE5YWU4OWIwZTMwMTNhMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmInNGgGA15nPVIPJ/+bdlRU600ZB
W03a5a8+CihVwHBTkj2tIo79I6ZO3WEUEEmC80QUcUnq6tBBMHu9xGHZ/0boxiMZ
HQA2g61B34PnwIsk0gQ0MfmdgJ8Zj0BulbOhvXJdal2oU9yEztdB23Cf3gSXgZ03
Nui7LAdj+j1hX9gThuJTPvZJhJMlGkfYuheiR2nws3cxPiUYWbr/++lP1hqa/Ios
yt+pEAJbaBBxr0vmnyr+MUuKv8yIoa+7svy0+jQUrU+gIbg4rQL3oWUFlG+Bno6X
2Cws+q5vRBSldoSLzOp9FfARhxRGlUsP3aax/wcA+bbVL7M2Os2BahHhhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNZp2VsoKjIovu87upromw4wE6LOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMW1uWld5Z3FNaWktN3p1Nm11aWJEakFUb3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqDrEH
BaEDBwIqDrEHBaAwDQYJKoZIhvcNAQELBQADggEBAGOFMyYzqHXwrScG/1iCDy9r
eZWAP/+72hhi3OMIibNF6GBHl/8GxCGgUupoedHl1mFPwqwLm2S3AU68opIpietI
m6RfTAHvkPko889Ntb6pGp5mtOPQFFBc936MahmOyupYM3yQuZ8jSTVJpKUMhLMz
fySX1Xm3gvHc5GryEQzEe4p1rnJAfH/+Ph9TEtH9KR0u6UOaUGWbBz2uauHrWZxE
XZHlBzSKFXa41LOLIkSdyzhaXjbdMWOq3ZLmt6sU+2uiHzAHqM1N7ERMSXiWg8xD
DLw2IO+5zFhr0wm5PlvMETzBT63JDszPpXYRJHK3GW4/+0WhbmtxmOo4XMZyifo=
-----END CERTIFICATE-----
Generated at Fri May 3 06:34:58 2024 by rpki-client on console-ams.rpki-client.org