Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3FJzjTC3EBhhpJCbWDdPq8y_CcU.roa
File: 3FJzjTC3EBhhpJCbWDdPq8y_CcU.roa (raw, json)
Hash identifier: Ke9z+LFGaTdJ8cNnvsDMqBIaLYRxF200Nnpj+Y5UvQ0=
Subject key identifier: DC:52:73:8D:30:B7:10:18:61:A4:90:9B:58:37:4F:AB:CC:BF:09:C5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425223B96792847DA8C970E6A9D1C4300
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3FJzjTC3EBhhpJCbWDdPq8y_CcU.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210013
IP address blocks: 2a0e:97c0:6c0::/44 maxlen: 48
2a0e:97c0:6c0::/48 maxlen: 48
2a0e:97c0:6c1::/48 maxlen: 48
2a0e:97c0:6c2::/48 maxlen: 48
2a0e:97c0:6c3::/48 maxlen: 48
2a0e:97c0:6c4::/48 maxlen: 48
2a0e:97c0:6c5::/48 maxlen: 48
2a0e:97c0:6c6::/48 maxlen: 48
2a0e:97c0:6c7::/48 maxlen: 48
2a0e:97c0:6c8::/48 maxlen: 48
2a0e:97c0:6c9::/48 maxlen: 48
2a0e:97c0:6ca::/48 maxlen: 48
2a0e:97c0:6cb::/48 maxlen: 48
2a0e:97c0:6cc::/48 maxlen: 48
2a0e:97c0:6cd::/48 maxlen: 48
2a0e:97c0:6ce::/48 maxlen: 48
2a0e:97c0:6cf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:3b:96:79:28:47:da:8c:97:0e:6a:9d:1c:43:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc52738d30b7101861a4909b58374fabccbf09c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:68:01:d8:68:4a:92:b8:d7:e0:bf:20:a6:95:
65:f3:09:a2:fe:33:2f:81:df:fd:35:de:82:a2:a4:
2a:8d:e0:8e:3a:46:2c:78:49:22:1f:4d:0d:d2:47:
c5:df:9d:cd:29:cf:44:61:62:d1:f6:0c:f5:d6:d7:
aa:e9:83:30:27:52:78:07:55:34:54:82:bf:96:90:
f2:b2:ab:1c:df:36:e8:8c:9c:4e:00:f0:20:ed:30:
59:3b:0d:26:b8:9f:a8:8a:24:d5:6e:87:2c:97:4e:
e2:2a:96:60:54:53:04:09:1d:a9:e1:df:cd:ff:67:
8f:2c:03:d0:32:a7:61:fa:0e:56:f0:c0:83:8c:8e:
7f:d1:37:fd:c3:5e:43:a8:f0:34:2c:81:7d:04:08:
fc:7e:68:71:a9:b9:99:9f:45:1d:e9:52:09:57:7a:
45:71:6c:43:48:70:b3:8d:66:d2:e1:f7:36:e8:0d:
22:e3:7a:0a:11:a8:b1:37:2d:58:be:c8:e3:ab:ca:
67:17:8d:09:25:ce:2c:6e:95:96:28:97:50:81:d5:
c2:88:70:71:9f:29:08:b6:7b:30:3b:ef:a8:74:47:
2c:5a:a0:63:90:d6:83:d3:01:ee:16:b5:a1:4b:ae:
5d:50:9b:b4:3d:56:bf:ad:d4:6f:a0:ba:6e:7b:26:
af:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:52:73:8D:30:B7:10:18:61:A4:90:9B:58:37:4F:AB:CC:BF:09:C5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/3FJzjTC3EBhhpJCbWDdPq8y_CcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:6c0::/44
Signature Algorithm: sha256WithRSAEncryption
ac:28:80:0b:d8:6b:1f:62:75:31:8c:eb:80:20:d4:f1:5b:a0:
90:ef:b1:77:45:53:cd:ee:bf:78:56:0c:d9:1c:8e:1b:4a:ac:
0f:a3:01:36:68:ce:77:2c:7c:55:8f:01:b9:1b:93:d0:23:67:
d6:5b:29:6d:3e:9a:18:c7:36:53:07:fa:d7:a7:9d:d0:4d:84:
4d:3b:70:85:45:cd:8c:83:33:ad:29:3a:49:0f:55:e3:48:09:
8f:3e:77:b7:ee:df:52:25:0d:09:6e:00:21:32:ca:80:15:20:
43:e7:91:d3:5f:b2:72:15:10:46:72:9c:79:f2:da:4f:b6:6c:
6b:d9:41:45:af:42:03:5e:c7:7d:c8:12:1b:97:6c:ae:d5:cc:
54:e3:a8:5d:d4:61:4c:a7:9c:c0:76:b2:d0:b4:38:b5:47:40:
b0:e3:6c:ce:01:a7:13:ab:83:de:5a:09:44:0b:33:1e:f7:7b:
84:4c:2c:5d:98:af:3a:3d:6c:07:79:5c:0f:ca:57:3a:34:cc:
72:c8:ec:18:c7:27:10:90:c0:dd:98:94:83:cc:fa:cd:85:14:
c2:d0:d4:fe:ef:9f:4e:2a:e5:e8:b7:c1:f0:ea:b5:d8:e9:05:
3b:be:5b:a8:f9:16:17:a8:8f:7f:3a:2b:6f:63:36:b3:b3:a9:
91:8a:5e:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIjuWeShH2oyXDmqdHEMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUyNzM4ZDMwYjcxMDE4NjFhNDkwOWI1ODM3NGZhYmNjYmYwOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mgB2GhKkrjX4L8gppVl8wmi/jMv
gd/9Nd6CoqQqjeCOOkYseEkiH00N0kfF353NKc9EYWLR9gz11teq6YMwJ1J4B1U0
VIK/lpDysqsc3zbojJxOAPAg7TBZOw0muJ+oiiTVbocsl07iKpZgVFMECR2p4d/N
/2ePLAPQMqdh+g5W8MCDjI5/0Tf9w15DqPA0LIF9BAj8fmhxqbmZn0Ud6VIJV3pF
cWxDSHCzjWbS4fc26A0i43oKEaixNy1Yvsjjq8pnF40JJc4sbpWWKJdQgdXCiHBx
nykItnswO++odEcsWqBjkNaD0wHuFrWhS65dUJu0PVa/rdRvoLpueyavYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNxSc40wtxAYYaSQm1g3T6vMvwnFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvM0ZKempUQzNFQmhocEpDYldEZFBxOHlfQ2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCsKIAL2GsfYnUxjOuAINTxW6CQ77F3RVPN7r94
VgzZHI4bSqwPowE2aM53LHxVjwG5G5PQI2fWWyltPpoYxzZTB/rXp53QTYRNO3CF
Rc2MgzOtKTpJD1XjSAmPPne37t9SJQ0JbgAhMsqAFSBD55HTX7JyFRBGcpx58tpP
tmxr2UFFr0IDXsd9yBIbl2yu1cxU46hd1GFMp5zAdrLQtDi1R0Cw42zOAacTq4Pe
WglECzMe93uETCxdmK86PWwHeVwPylc6NMxyyOwYxycQkMDdmJSDzPrNhRTC0NT+
759OKuXot8Hw6rXY6QU7vluo+RYXqI9/OitvYzazs6mRil59
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:37:06 2025 by rpki-client