Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3DY4wvAIWQUCTobdqcctSBDMgNE.roa
File: 3DY4wvAIWQUCTobdqcctSBDMgNE.roa (raw, json)
Hash identifier: /ys2HJsxNJQaPVzq3lP4Vcm/xWJlLvzwYOGbNhYGRVs=
Subject key identifier: DC:36:38:C2:F0:08:59:05:02:4E:86:DD:A9:C7:2D:48:10:CC:80:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521C4783259B5F02F00AE0178879B7C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3DY4wvAIWQUCTobdqcctSBDMgNE.roa
Signing time: Thu 02 Jan 2025 03:49:17 +0000
ROA not before: Thu 02 Jan 2025 03:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13852
IP address blocks: 2a06:de03:3690::/44 maxlen: 48
2a06:de03:3690::/48 maxlen: 48
2a06:de03:3692::/48 maxlen: 48
2a06:de03:3693::/48 maxlen: 48
2a06:de03:3694::/48 maxlen: 48
2a06:de03:3695::/48 maxlen: 48
2a06:de03:3696::/48 maxlen: 48
2a06:de03:3697::/48 maxlen: 48
2a06:de03:3698::/48 maxlen: 48
2a06:de03:3699::/48 maxlen: 48
2a06:de03:369a::/48 maxlen: 48
2a06:de03:369b::/48 maxlen: 48
2a06:de03:369c::/48 maxlen: 48
2a06:de03:369d::/48 maxlen: 48
2a06:de03:369e::/48 maxlen: 48
2a06:de03:369f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c4:78:32:59:b5:f0:2f:00:ae:01:78:87:9b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc3638c2f0085905024e86dda9c72d4810cc80d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:af:e9:04:29:4f:80:79:1c:15:47:ef:bb:3a:
70:45:1b:b1:73:41:83:5f:8f:76:ac:41:3c:21:20:
be:1f:33:07:d0:89:ed:a9:d5:b6:3e:c0:1b:a1:4d:
c0:3e:31:9e:24:87:fb:26:c0:61:7e:98:a7:d0:be:
7b:3e:ea:ae:97:de:3c:5d:5f:a3:f9:39:1b:cb:c7:
6f:00:53:df:8a:8f:2b:0f:f4:06:9c:a5:74:9a:ea:
53:da:63:db:7f:e5:42:94:ba:5b:32:08:1b:5b:c3:
15:f0:f2:5a:a3:21:cc:89:d8:58:ca:7a:7f:68:a2:
63:81:82:28:8c:06:94:17:e8:37:ff:a2:cb:91:ca:
e2:94:89:f7:26:f6:0c:e8:e4:7c:b7:b0:c2:40:aa:
b2:61:9a:a2:a4:fc:e2:17:a3:4f:30:49:4f:66:97:
1c:6b:7b:fc:2e:25:da:65:96:30:12:57:46:09:53:
21:c2:28:96:4a:46:af:65:07:15:36:84:14:c9:01:
88:79:b3:30:d8:4d:a2:27:a4:a3:0e:61:73:a9:39:
67:62:ac:d6:c1:c2:c2:bb:e7:5c:bf:1a:8e:85:ce:
9d:2a:6f:2b:82:32:b2:50:92:3e:a7:1f:d4:e5:e5:
98:c4:74:40:25:4b:05:19:12:21:76:cb:96:a2:a3:
2e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:36:38:C2:F0:08:59:05:02:4E:86:DD:A9:C7:2D:48:10:CC:80:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3DY4wvAIWQUCTobdqcctSBDMgNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de03:3690::/44
Signature Algorithm: sha256WithRSAEncryption
97:00:70:e2:cb:b3:ad:36:82:24:c1:1a:f5:79:fa:d5:ce:ff:
eb:52:71:4c:3b:64:d5:58:9f:51:5e:85:ba:c0:69:9e:4c:3e:
eb:e1:8d:e6:a9:7b:af:ae:d8:5b:d1:2d:1b:aa:d1:07:1f:a6:
e9:13:c3:ab:f8:e7:d9:63:ef:96:40:fc:8f:6f:5c:a5:32:c6:
e4:7c:74:c9:73:76:08:a6:e0:34:c7:d6:a4:49:9e:9f:7d:2a:
8e:d1:6f:64:75:10:ea:e1:e5:2f:f3:9e:db:a0:85:f8:48:ac:
85:bf:6a:c6:b8:c0:15:51:2d:4f:d3:d5:ff:b8:9b:9c:d7:4a:
90:a0:aa:74:db:9a:c4:8b:72:07:59:74:a3:bc:44:bc:bc:5f:
fc:4b:89:6a:fc:c5:cc:f9:1a:c9:4a:ff:89:44:f5:c9:e4:c0:
da:57:28:62:7c:3e:ae:6f:92:1e:5b:86:1b:d3:e7:c4:bf:a1:
55:25:4f:02:39:0f:13:54:d6:ba:95:0f:2a:4d:9f:88:b2:32:
13:2a:83:27:6c:dd:5d:19:ea:89:73:d3:5a:1f:ef:79:51:43:
d1:c7:69:71:9e:38:44:ae:d6:4a:05:c4:e5:96:49:20:1a:4a:
35:f4:fd:3c:ca:58:83:e6:61:b1:a8:78:90:04:4d:66:17:83:
ef:69:59:6d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIcR4Mlm18C8ArgF4h5t8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM2MzhjMmYwMDg1OTA1MDI0ZTg2ZGRhOWM3MmQ0ODEwY2M4MGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK/pBClPgHkcFUfvuzpwRRuxc0GD
X492rEE8ISC+HzMH0IntqdW2PsAboU3APjGeJIf7JsBhfpin0L57Puqul948XV+j
+Tkby8dvAFPfio8rD/QGnKV0mupT2mPbf+VClLpbMggbW8MV8PJaoyHMidhYynp/
aKJjgYIojAaUF+g3/6LLkcrilIn3JvYM6OR8t7DCQKqyYZqipPziF6NPMElPZpcc
a3v8LiXaZZYwEldGCVMhwiiWSkavZQcVNoQUyQGIebMw2E2iJ6SjDmFzqTlnYqzW
wcLCu+dcvxqOhc6dKm8rgjKyUJI+px/U5eWYxHRAJUsFGRIhdsuWoqMudQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNw2OMLwCFkFAk6G3anHLUgQzIDRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM0RZNHd2QUlXUVVDVG9iZHFjY3RTQkRNZ05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAzaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCXAHDiy7OtNoIkwRr1efrVzv/rUnFMO2TVWJ9R
XoW6wGmeTD7r4Y3mqXuvrthb0S0bqtEHH6bpE8Or+OfZY++WQPyPb1ylMsbkfHTJ
c3YIpuA0x9akSZ6ffSqO0W9kdRDq4eUv857boIX4SKyFv2rGuMAVUS1P09X/uJuc
10qQoKp025rEi3IHWXSjvES8vF/8S4lq/MXM+RrJSv+JRPXJ5MDaVyhifD6ub5Ie
W4Yb0+fEv6FVJU8COQ8TVNa6lQ8qTZ+IsjITKoMnbN1dGeqJc9NaH+95UUPRx2lx
njhErtZKBcTllkkgGko19P08yliD5mGxqHiQBE1mF4PvaVlt
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:41:29 2025 by rpki-client