Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4p3Ztjtg_jJ0skT-FLs4p6Gl0vc.roa
File: 4p3Ztjtg_jJ0skT-FLs4p6Gl0vc.roa (raw, json)
Hash identifier: j0yt46xo/1rRt0PxwQ9+dM8ujlPMOCDIr+cb1h0ucwo=
Subject key identifier: E2:9D:D9:B6:3B:60:FE:32:74:B2:44:FE:14:BB:38:A7:A1:A5:D2:F7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521CA0C37D78870244B4261D03E79C3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4p3Ztjtg_jJ0skT-FLs4p6Gl0vc.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31898
IP address blocks: 2a0e:97c0:aba::/48 maxlen: 48
2a0e:b107:19::/48 maxlen: 48
2a0e:b107:360::/48 maxlen: 48
2a0e:b107:361::/48 maxlen: 48
2a0e:b107:362::/48 maxlen: 48
2a0e:b107:363::/48 maxlen: 48
2a0e:b107:364::/48 maxlen: 48
2a0e:b107:365::/48 maxlen: 48
2a0e:b107:367::/48 maxlen: 48
2a0e:b107:f50::/44 maxlen: 48
2a0e:b107:1d13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ca:0c:37:d7:88:70:24:4b:42:61:d0:3e:79:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e29dd9b63b60fe3274b244fe14bb38a7a1a5d2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ca:74:86:c5:e6:dc:0d:f0:e8:3e:8a:39:13:
cb:87:55:e2:21:1d:77:de:2e:a2:a4:6f:30:a7:27:
cf:3c:4b:37:b4:73:65:c1:54:64:64:6c:c1:55:37:
71:94:9f:31:69:30:d5:f0:28:55:63:db:e1:66:20:
4f:e8:49:40:84:1f:5a:bb:1e:f7:66:3b:7d:90:29:
35:d3:4b:c7:ba:c9:bc:3d:80:7f:53:ab:69:9f:70:
d8:9e:c6:95:a1:bd:13:4e:e5:ee:77:91:9d:e7:b4:
08:9c:88:f5:0a:16:b0:74:17:e2:0b:c7:37:fb:55:
14:25:4b:a3:e9:2f:a9:d1:4b:87:5b:83:35:82:6d:
1e:9f:6c:90:c7:0c:c4:1d:ff:10:a9:f2:8d:7c:d0:
0d:a3:b1:3b:a8:2d:ae:98:5a:a9:64:b1:60:d0:a0:
af:8a:93:b3:5a:17:00:ea:19:cd:ac:b7:93:b8:76:
a7:34:6e:d8:af:52:2e:d5:df:96:c6:70:33:3f:96:
86:43:ab:58:dd:73:0e:ce:76:30:6b:8d:78:29:c4:
e7:4c:a3:20:b2:a7:8f:da:d1:27:af:88:ac:1b:a6:
18:42:10:4b:60:c4:2a:ec:59:bd:98:bf:69:30:60:
fa:18:68:e6:ed:a7:4c:ca:95:6e:b0:21:79:2b:41:
61:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9D:D9:B6:3B:60:FE:32:74:B2:44:FE:14:BB:38:A7:A1:A5:D2:F7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4p3Ztjtg_jJ0skT-FLs4p6Gl0vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:aba::/48
2a0e:b107:19::/48
2a0e:b107:360::-2a0e:b107:365:ffff:ffff:ffff:ffff:ffff
2a0e:b107:367::/48
2a0e:b107:f50::/44
2a0e:b107:1d13::/48
Signature Algorithm: sha256WithRSAEncryption
76:c9:f7:c6:ab:b9:f7:20:18:98:4d:c5:46:3a:9d:1e:55:63:
1a:b1:00:80:6d:52:57:4e:a1:a2:69:e6:db:a3:27:1f:bb:9a:
f9:4d:51:1e:b4:cf:22:38:23:b7:36:85:fc:e1:dc:11:6a:00:
d3:80:ce:9d:c7:1d:32:4f:a2:e6:c5:e5:cc:96:46:25:18:6c:
0c:04:08:9f:f9:5f:9e:52:92:57:2c:17:12:f9:c1:21:0e:b5:
40:37:a4:12:80:01:22:3d:e5:dd:48:58:47:a9:53:38:ef:46:
f8:7e:aa:4a:f3:8a:b6:83:47:fe:f9:e3:1b:f3:12:96:01:aa:
a6:20:82:4a:e6:fe:ad:57:07:9d:7f:9a:6f:30:6c:47:c8:cc:
68:f5:b7:12:23:45:e3:04:42:68:87:3b:98:b2:87:83:ae:31:
c9:e6:a6:76:c5:37:72:d9:94:66:9e:96:f6:64:38:99:83:c1:
d0:69:a7:c8:6f:a3:92:69:aa:a8:bd:f1:d9:03:1f:65:de:c9:
30:78:7d:5f:2c:94:74:e2:e1:4d:46:05:36:59:63:14:e6:d1:
f7:8b:73:8e:48:fa:36:59:79:65:eb:aa:aa:41:96:16:d9:0a:
ad:77:11:1d:6e:18:6d:da:67:aa:b8:77:2b:df:0c:ea:23:e2:
d6:a7:15:43
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQlIcoMN9eIcCRLQmHQPnnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjlkZDliNjNiNjBmZTMyNzRiMjQ0ZmUxNGJiMzhhN2ExYTVkMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsp0hsXm3A3w6D6KORPLh1XiIR13
3i6ipG8wpyfPPEs3tHNlwVRkZGzBVTdxlJ8xaTDV8ChVY9vhZiBP6ElAhB9aux73
Zjt9kCk100vHusm8PYB/U6tpn3DYnsaVob0TTuXud5Gd57QInIj1ChawdBfiC8c3
+1UUJUuj6S+p0UuHW4M1gm0en2yQxwzEHf8QqfKNfNANo7E7qC2umFqpZLFg0KCv
ipOzWhcA6hnNrLeTuHanNG7Yr1Iu1d+WxnAzP5aGQ6tY3XMOznYwa414KcTnTKMg
sqeP2tEnr4isG6YYQhBLYMQq7Fm9mL9pMGD6GGjm7adMypVusCF5K0Fh0wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFOKd2bY7YP4ydLJE/hS7OKehpdL3MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNHAzWnRqdGdfakowc2tULUZMczRwNkdsMHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKg6XwAq6
AwcAKg6xBwAZMBIDBwUqDrEHA2ADBwEqDrEHA2QDBwAqDrEHA2cDBwQqDrEHD1AD
BwAqDrEHHRMwDQYJKoZIhvcNAQELBQADggEBAHbJ98arufcgGJhNxUY6nR5VYxqx
AIBtUldOoaJp5tujJx+7mvlNUR60zyI4I7c2hfzh3BFqANOAzp3HHTJPoubF5cyW
RiUYbAwECJ/5X55SklcsFxL5wSEOtUA3pBKAASI95d1IWEepUzjvRvh+qkrziraD
R/754xvzEpYBqqYggkrm/q1XB51/mm8wbEfIzGj1txIjReMEQmiHO5iyh4OuMcnm
pnbFN3LZlGaelvZkOJmDwdBpp8hvo5Jpqqi98dkDH2XeyTB4fV8slHTi4U1GBTZZ
YxTm0feLc45I+jZZeWXrqqpBlhbZCq13ER1uGG3aZ6q4dyvfDOoj4tanFUM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:54:44 2025 by rpki-client