Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1nRvJygKxebeDK3hEq_7qIYAuGc.roa
File: 1nRvJygKxebeDK3hEq_7qIYAuGc.roa (raw, json)
Hash identifier: ocww4qWN3nciHlHA5kqH0383MpNFri0Pq5NK0fJftZc=
Subject key identifier: D6:74:6F:27:28:0A:C5:E6:DE:0C:AD:E1:12:AF:FB:A8:86:00:B8:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E9036AB2000CAFAC778BFE24A9AD00C63
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1nRvJygKxebeDK3hEq_7qIYAuGc.roa
Signing time: Sat 30 Mar 2024 16:34:45 +0000
ROA not before: Sat 30 Mar 2024 16:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a0e:b107:27d0::/46 maxlen: 48
2a0e:b107:27d4::/46 maxlen: 48
2a0e:b107:27f4::/46 maxlen: 48
2a0e:b107:27f8::/46 maxlen: 48
2a0e:b107:27fc::/46 maxlen: 48
2a0e:b107:2800::/46 maxlen: 48
2a0e:b107:2804::/46 maxlen: 48
2a0e:b107:2810::/46 maxlen: 48
2a0e:b107:2814::/46 maxlen: 48
2a0e:b107:2818::/46 maxlen: 48
2a0e:b107:281c::/46 maxlen: 48
2a0e:b107:2820::/46 maxlen: 48
2a0e:b107:2824::/46 maxlen: 48
2a0e:b107:2828::/46 maxlen: 48
2a0e:b107:282c::/46 maxlen: 48
2a0e:b107:2840::/46 maxlen: 48
2a0e:b107:2844::/46 maxlen: 48
2a0e:b107:2858::/46 maxlen: 48
2a0e:b107:285c::/46 maxlen: 48
2a0e:b107:2860::/46 maxlen: 48
2a0e:b107:2864::/46 maxlen: 48
2a0e:b107:2868::/46 maxlen: 48
2a0e:b107:286c::/46 maxlen: 48
2a0e:b107:2870::/46 maxlen: 48
2a0e:b107:2874::/46 maxlen: 48
2a0e:b107:2878::/46 maxlen: 48
2a0e:b107:287c::/46 maxlen: 48
2a0e:b107:2888::/46 maxlen: 48
2a0e:b107:288c::/46 maxlen: 48
2a0e:b107:2890::/46 maxlen: 48
2a0e:b107:2894::/46 maxlen: 48
2a0e:b107:2898::/46 maxlen: 48
2a0e:b107:289c::/46 maxlen: 48
2a0e:b107:28a0::/46 maxlen: 48
2a0e:b107:28b0::/46 maxlen: 48
2a0e:b107:28b4::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:90:36:ab:20:00:ca:fa:c7:78:bf:e2:4a:9a:d0:0c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 30 16:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6746f27280ac5e6de0cade112affba88600b867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2c:c4:b9:a7:b2:c8:4c:9b:bd:e8:f9:8a:37:
d2:94:cf:f8:c3:43:d7:8c:29:ec:80:79:01:c5:36:
1e:6a:df:66:83:83:27:ca:25:a2:e4:a3:97:95:b6:
cd:6a:9e:78:b4:06:06:e5:c3:9f:a5:84:6b:e3:f1:
98:45:e9:d9:86:bb:3d:b3:4e:39:c8:dc:be:90:1a:
04:ec:29:5f:c2:0e:51:93:40:76:f4:5c:22:8e:12:
a8:8b:16:b9:35:17:bd:85:55:60:18:b0:28:21:55:
ea:1a:fe:85:38:b6:85:48:da:8c:3b:6a:e4:bf:bc:
6d:d2:49:41:6b:a7:ea:f1:bf:c8:f6:db:ee:96:d9:
b6:1f:30:27:72:f3:c0:ca:a6:64:ec:08:b2:68:ca:
33:5f:c0:6a:b9:fb:20:55:22:89:af:68:ae:e7:d8:
2a:83:5b:cb:81:72:e9:86:93:37:9f:25:19:69:f2:
cd:80:92:77:2c:8c:17:4a:b2:39:b8:d9:db:5d:84:
27:98:e6:bd:d5:87:e6:c4:61:64:e2:21:00:bb:13:
b9:0e:42:34:17:7e:68:c2:9f:ce:d3:26:be:21:16:
d0:23:a5:8d:3b:06:bd:83:5e:bb:40:94:0d:37:16:
22:26:32:99:db:cf:95:df:43:9e:97:d4:c0:7a:e8:
ee:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:74:6F:27:28:0A:C5:E6:DE:0C:AD:E1:12:AF:FB:A8:86:00:B8:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1nRvJygKxebeDK3hEq_7qIYAuGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27d0::/45
2a0e:b107:27f4::-2a0e:b107:2807:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2810::-2a0e:b107:282f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2840::/45
2a0e:b107:2858::-2a0e:b107:287f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2888::-2a0e:b107:28a3:ffff:ffff:ffff:ffff:ffff
2a0e:b107:28b0::/45
Signature Algorithm: sha256WithRSAEncryption
12:f9:ab:9f:b7:ce:e7:d4:06:bd:c1:b1:d8:70:2f:1a:23:7d:
e3:f6:c5:35:10:ae:a9:1b:fd:53:5f:7d:1c:05:f0:d5:78:c1:
a4:5b:79:d7:a9:01:7f:03:f7:2e:2e:e9:70:db:64:e9:7c:69:
1e:8a:24:2a:07:0b:22:f2:c2:0b:65:23:31:5e:f2:a2:39:5f:
32:2d:40:37:9c:17:d1:44:19:db:38:3d:96:b3:d5:ae:f1:16:
13:c0:14:c9:29:c0:2d:46:62:d6:31:be:b2:d3:46:ba:a2:bd:
2e:91:d5:a6:51:3f:f4:6d:e9:ed:2f:8c:e3:3d:55:c7:23:6b:
03:b1:c1:8c:ce:1f:19:40:f5:39:8f:d9:0f:3d:f3:a4:e9:b4:
45:9d:f5:22:62:67:8b:67:c3:4b:02:d8:c1:cd:90:46:31:1a:
e1:c4:e1:fb:da:78:69:ab:ed:fd:02:54:09:cb:cf:f7:65:f6:
08:2e:9a:87:5f:99:4a:a8:ed:dd:cc:1a:74:8d:4d:13:0e:87:
09:27:30:fb:dc:1e:15:f6:3a:2f:42:a6:73:3c:1a:fc:45:6e:
bc:42:c3:58:26:7a:95:c6:49:b0:73:74:fa:23:2f:d1:ac:3e:
50:d4:05:57:bb:f4:71:ba:de:29:97:ce:a9:d8:49:bb:59:f1:
e6:c9:dd:c6
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAY6QNqsgAMr6x3i/4kqa0AxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzMwMTYzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjc0NmYyNzI4MGFjNWU2ZGUwY2FkZTExMmFmZmJhODg2MDBiODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSzEuaeyyEybvej5ijfSlM/4w0PX
jCnsgHkBxTYeat9mg4MnyiWi5KOXlbbNap54tAYG5cOfpYRr4/GYRenZhrs9s045
yNy+kBoE7Clfwg5Rk0B29FwijhKoixa5NRe9hVVgGLAoIVXqGv6FOLaFSNqMO2rk
v7xt0klBa6fq8b/I9tvultm2HzAncvPAyqZk7AiyaMozX8BqufsgVSKJr2iu59gq
g1vLgXLphpM3nyUZafLNgJJ3LIwXSrI5uNnbXYQnmOa91YfmxGFk4iEAuxO5DkI0
F35owp/O0ya+IRbQI6WNOwa9g167QJQNNxYiJjKZ28+V30Oel9TAeujuIQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFNZ0bycoCsXm3gyt4RKv+6iGALhnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMW5Sdkp5Z0t4ZWJlREszaEVxXzdxSVlBdUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAIwawMHAyoOsQcn
0DASAwcCKg6xByf0AwcDKg6xBygAMBIDBwQqDrEHKBADBwQqDrEHKCADBwMqDrEH
KEAwEgMHAyoOsQcoWAMHByoOsQcoADASAwcDKg6xByiIAwcCKg6xByigAwcDKg6x
ByiwMA0GCSqGSIb3DQEBCwUAA4IBAQAS+auft87n1Aa9wbHYcC8aI33j9sU1EK6p
G/1TX30cBfDVeMGkW3nXqQF/A/cuLulw22TpfGkeiiQqBwsi8sILZSMxXvKiOV8y
LUA3nBfRRBnbOD2Ws9Wu8RYTwBTJKcAtRmLWMb6y00a6or0ukdWmUT/0bentL4zj
PVXHI2sDscGMzh8ZQPU5j9kPPfOk6bRFnfUiYmeLZ8NLAtjBzZBGMRrhxOH72nhp
q+39AlQJy8/3ZfYILpqHX5lKqO3dzBp0jU0TDocJJzD73B4V9jovQqZzPBr8RW68
QsNYJnqVxkmwc3T6Iy/RrD5Q1AVXu/Rxut4pl86p2Em7WfHmyd3G
-----END CERTIFICATE-----
Generated at Fri May 3 03:33:15 2024 by rpki-client on console-ams.rpki-client.org