Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1ujG7K-LC6oonEWRO56lAgG1cqM.roa
File: 1ujG7K-LC6oonEWRO56lAgG1cqM.roa (raw, json)
Hash identifier: GdWAiCF7ue67eWIMsOs/nxeQdXbC61h31CJfjkIkbUs=
Subject key identifier: D6:E8:C6:EC:AF:8B:0B:AA:28:9C:45:91:3B:9E:A5:02:01:B5:72:A3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DBDF4A23A25F5F2C4622D58CAF2377F04
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1ujG7K-LC6oonEWRO56lAgG1cqM.roa
Signing time: Sun 18 Feb 2024 20:42:22 +0000
ROA not before: Sun 18 Feb 2024 20:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31898
IP address blocks: 2a0e:97c0:aba::/48 maxlen: 48
2a0e:b107:19::/48 maxlen: 48
2a0e:b107:360::/48 maxlen: 48
2a0e:b107:361::/48 maxlen: 48
2a0e:b107:362::/48 maxlen: 48
2a0e:b107:363::/48 maxlen: 48
2a0e:b107:364::/48 maxlen: 48
2a0e:b107:365::/48 maxlen: 48
2a0e:b107:367::/48 maxlen: 48
2a0e:b107:f50::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bd:f4:a2:3a:25:f5:f2:c4:62:2d:58:ca:f2:37:7f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 18 20:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6e8c6ecaf8b0baa289c45913b9ea50201b572a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:db:3e:30:d7:95:d8:fc:57:1e:a4:04:2e:
db:51:6d:cf:38:88:64:66:89:86:37:e4:b5:d4:9d:
26:3c:0e:8d:ee:e3:5c:6d:5c:a8:e7:73:38:0e:bf:
55:fa:eb:2d:47:38:3e:23:d4:e2:a3:08:fb:ad:3c:
7c:57:f1:08:bc:70:0a:57:d1:94:c6:6a:19:12:fc:
59:51:2a:2d:7e:7f:60:54:95:ef:e1:ce:15:23:0a:
14:25:f7:21:b9:c9:01:45:27:5d:c9:cb:89:12:98:
cb:06:f7:9d:f1:24:f9:8c:fc:1f:36:0d:fd:3e:90:
e4:47:54:a4:e8:45:ff:70:3b:13:01:d7:d3:ad:b5:
e4:a9:56:ed:71:2b:97:07:40:ed:cf:b8:a4:7e:4e:
14:a7:dd:d2:b9:74:63:9d:4e:17:9b:e6:1c:00:b7:
90:b1:56:d5:9f:36:10:52:6b:48:c8:6b:5b:8c:e6:
86:bf:a4:32:bf:bf:cc:13:f5:d3:d1:d6:81:fc:77:
8d:b6:23:7b:93:d7:92:54:24:48:21:44:60:7e:53:
7c:e1:f6:67:b2:b3:e3:43:1f:9a:17:28:e4:c8:4b:
7f:b0:d5:94:c8:11:51:c0:ec:76:fc:27:5d:4a:a1:
d9:a8:8e:99:64:d1:af:c4:b6:c5:d9:6c:c3:43:05:
e8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E8:C6:EC:AF:8B:0B:AA:28:9C:45:91:3B:9E:A5:02:01:B5:72:A3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1ujG7K-LC6oonEWRO56lAgG1cqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:aba::/48
2a0e:b107:19::/48
2a0e:b107:360::-2a0e:b107:365:ffff:ffff:ffff:ffff:ffff
2a0e:b107:367::/48
2a0e:b107:f50::/44
Signature Algorithm: sha256WithRSAEncryption
6e:98:6b:1b:61:66:8d:50:da:4d:75:17:f9:a6:41:3c:75:cf:
68:58:fa:f9:69:8c:1f:11:1b:c3:a8:a4:c0:0c:f1:48:29:bf:
23:3f:91:0f:b2:4b:7a:0b:c9:dc:0a:a7:25:c8:b6:ea:ad:48:
28:c8:8b:31:9b:b4:aa:82:2b:07:95:1e:d9:a4:b5:82:62:f3:
7f:f9:48:6f:a5:46:1e:f1:92:fb:ff:20:65:a1:4b:4c:69:26:
8c:2b:e9:f1:1c:9e:68:e9:29:7a:40:91:24:d7:34:6c:7e:c2:
fb:43:70:b4:1d:15:fa:b7:f1:0a:a4:1b:36:4e:44:e5:d2:39:
7f:4b:e5:51:69:e8:ed:65:0a:f6:45:9c:20:08:ef:7f:08:51:
62:52:c7:09:16:89:a7:a6:bc:b4:d5:39:06:97:b9:f0:bb:f3:
12:33:bf:3b:b5:8e:53:23:ba:26:d5:ac:0f:94:96:4d:be:df:
8e:71:3e:20:8e:39:a9:10:1f:c1:e7:b4:d5:fd:3f:fd:72:7c:
a7:7f:f1:96:3e:5d:2b:5b:5d:c2:e0:28:53:6d:00:ba:56:88:
10:2b:a4:b8:9b:ca:d4:21:96:61:e6:d4:dc:14:2f:6c:3d:31:
26:9a:f7:83:b1:fe:6d:dc:54:8f:67:6f:5f:35:32:65:5f:22:
a2:bf:fb:14
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY299KI6JfXyxGItWMryN38EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjE4MjA0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU4YzZlY2FmOGIwYmFhMjg5YzQ1OTEzYjllYTUwMjAxYjU3MmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApePbPjDXldj8Vx6kBC7bUW3POIhk
ZomGN+S11J0mPA6N7uNcbVyo53M4Dr9V+ustRzg+I9Tiowj7rTx8V/EIvHAKV9GU
xmoZEvxZUSotfn9gVJXv4c4VIwoUJfchuckBRSddycuJEpjLBved8ST5jPwfNg39
PpDkR1Sk6EX/cDsTAdfTrbXkqVbtcSuXB0Dtz7ikfk4Up93SuXRjnU4Xm+YcALeQ
sVbVnzYQUmtIyGtbjOaGv6Qyv7/ME/XT0daB/HeNtiN7k9eSVCRIIURgflN84fZn
srPjQx+aFyjkyEt/sNWUyBFRwOx2/CddSqHZqI6ZZNGvxLbF2WzDQwXoOQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNboxuyviwuqKJxFkTuepQIBtXKjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMXVqRzdLLUxDNm9vbkVXUk81NmxBZ0cxY3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKg6XwAq6
AwcAKg6xBwAZMBIDBwUqDrEHA2ADBwEqDrEHA2QDBwAqDrEHA2cDBwQqDrEHD1Aw
DQYJKoZIhvcNAQELBQADggEBAG6YaxthZo1Q2k11F/mmQTx1z2hY+vlpjB8RG8Oo
pMAM8UgpvyM/kQ+yS3oLydwKpyXItuqtSCjIizGbtKqCKweVHtmktYJi83/5SG+l
Rh7xkvv/IGWhS0xpJowr6fEcnmjpKXpAkSTXNGx+wvtDcLQdFfq38QqkGzZOROXS
OX9L5VFp6O1lCvZFnCAI738IUWJSxwkWiaemvLTVOQaXufC78xIzvzu1jlMjuibV
rA+Ulk2+345xPiCOOakQH8HntNX9P/1yfKd/8ZY+XStbXcLgKFNtALpWiBArpLib
ytQhlmHm1NwUL2w9MSaa94Ox/m3cVI9nb181MmVfIqK/+xQ=
-----END CERTIFICATE-----
Generated at Fri Apr 26 04:21:04 2024 by rpki-client on console-ams.rpki-client.org