Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7BNmia0aezH1K_-rf6GnMCL8Ii4.roa
File: 7BNmia0aezH1K_-rf6GnMCL8Ii4.roa (raw, json)
Hash identifier: lmaTpdsUFJJrAa4gjr9UeJvKPPYQKlDMdQzisXWuCPA=
Subject key identifier: EC:13:66:89:AD:1A:7B:31:F5:2B:FF:AB:7F:A1:A7:30:22:FC:22:2E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018FF3574DC5526332040DB2257CA45DF1BA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7BNmia0aezH1K_-rf6GnMCL8Ii4.roa
Signing time: Fri 07 Jun 2024 15:35:36 +0000
ROA not before: Fri 07 Jun 2024 15:35:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205977
IP address blocks: 2a0e:b107:760::/44 maxlen: 48
2a0e:b107:760::/48 maxlen: 48
2a0e:b107:761::/48 maxlen: 48
2a0e:b107:762::/48 maxlen: 48
2a0e:b107:763::/48 maxlen: 48
2a0e:b107:764::/48 maxlen: 48
2a0e:b107:765::/48 maxlen: 48
2a0e:b107:766::/48 maxlen: 48
2a0e:b107:767::/48 maxlen: 48
2a0e:b107:768::/45 maxlen: 48
2a0e:b107:768::/48 maxlen: 48
2a10:2f00:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:57:4d:c5:52:63:32:04:0d:b2:25:7c:a4:5d:f1:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 7 15:35:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec136689ad1a7b31f52bffab7fa1a73022fc222e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:df:ae:48:53:78:6d:8e:56:e2:b6:ff:4e:47:
60:73:38:40:8d:03:50:11:12:fd:84:05:16:87:36:
02:e4:cf:ae:5a:0d:a7:61:80:7c:3b:7c:32:d8:95:
3e:38:1d:3e:b3:4c:7e:97:97:54:ac:12:de:70:a0:
b1:39:b6:29:db:43:69:4b:c2:92:98:95:b4:a8:87:
48:ac:15:15:75:62:a4:f1:81:5f:0f:15:f6:7d:2b:
20:42:e7:47:c3:b9:52:33:76:3b:17:e3:40:7e:6a:
cf:ee:a5:f7:64:b0:e0:b4:a7:b6:7c:ae:2b:2c:7e:
64:a5:39:77:98:7f:ab:ef:ac:fe:48:82:80:9a:b9:
4b:2c:0b:9e:68:bd:01:c3:24:57:98:b5:ec:db:06:
5b:ae:1f:e3:38:e2:da:4d:5f:79:44:16:a8:c9:7f:
5d:50:41:fd:d2:aa:e0:b4:f4:d3:92:3f:b8:2c:b0:
93:5e:ae:1b:2f:b2:ff:c8:67:47:c4:88:97:63:f6:
48:f9:6a:00:20:e0:d1:7e:82:bd:c5:b1:97:f7:be:
48:b1:51:48:c8:2e:2e:12:98:d8:8b:91:34:43:db:
d4:1d:8e:52:ec:d3:a9:3b:26:87:18:db:e2:2e:8e:
e2:d9:e7:39:01:55:e3:77:23:9b:49:76:35:8a:46:
9e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:13:66:89:AD:1A:7B:31:F5:2B:FF:AB:7F:A1:A7:30:22:FC:22:2E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7BNmia0aezH1K_-rf6GnMCL8Ii4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:760::/44
2a10:2f00:120::/48
Signature Algorithm: sha256WithRSAEncryption
aa:e1:52:0e:17:4f:5b:81:4f:d2:26:08:f4:d9:17:7f:07:c0:
d2:7e:9e:98:3d:b3:99:40:01:47:c0:3b:87:a6:0a:ee:46:91:
aa:88:c8:12:1a:0d:2c:ac:b8:51:50:e4:8f:8d:35:a6:04:ac:
d0:c6:00:5d:1a:93:de:61:b0:53:2d:5f:36:ed:54:9d:64:b7:
06:7e:08:7c:3d:fc:e8:b4:3b:18:dc:52:e3:09:de:ef:3d:2e:
ce:d2:84:23:c3:74:e3:99:8c:34:00:b8:bc:d9:4e:58:b5:42:
d6:ec:91:8a:ab:95:2a:be:b0:7a:6a:b9:09:ca:e8:45:71:26:
65:a8:d5:bd:ab:73:a5:99:95:ef:38:31:46:d0:69:60:85:2e:
10:ad:0d:75:7c:a2:2b:fd:a4:1e:4b:9f:77:25:1a:ab:92:9d:
e7:d6:4e:bf:a6:fc:4d:a9:62:04:cf:46:b4:4b:b9:73:9a:f1:
30:45:76:dc:cf:d3:10:40:6c:ad:47:02:43:1f:de:81:04:cd:
6a:e0:ff:38:25:f1:a8:a3:a7:30:e6:83:e0:66:79:99:c9:98:
6b:0d:58:0d:71:ce:48:a7:61:bd:8f:a6:d9:0b:a3:95:62:e7:
79:f5:6e:0a:eb:a0:05:0d:c0:b2:37:43:e8:6e:2c:ff:d4:fc:
dc:38:4c:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/zV03FUmMyBA2yJXykXfG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjA3MTUzNTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEzNjY4OWFkMWE3YjMxZjUyYmZmYWI3ZmExYTczMDIyZmMyMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd+uSFN4bY5W4rb/TkdgczhAjQNQ
ERL9hAUWhzYC5M+uWg2nYYB8O3wy2JU+OB0+s0x+l5dUrBLecKCxObYp20NpS8KS
mJW0qIdIrBUVdWKk8YFfDxX2fSsgQudHw7lSM3Y7F+NAfmrP7qX3ZLDgtKe2fK4r
LH5kpTl3mH+r76z+SIKAmrlLLAueaL0BwyRXmLXs2wZbrh/jOOLaTV95RBaoyX9d
UEH90qrgtPTTkj+4LLCTXq4bL7L/yGdHxIiXY/ZI+WoAIODRfoK9xbGX975IsVFI
yC4uEpjYi5E0Q9vUHY5S7NOpOyaHGNviLo7i2ec5AVXjdyObSXY1ikaetQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOwTZomtGnsx9Sv/q3+hpzAi/CIuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN0JObWlhMGFlekgxS18tcmY2R25NQ0w4SWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwdg
AwcAKhAvAAEgMA0GCSqGSIb3DQEBCwUAA4IBAQCq4VIOF09bgU/SJgj02Rd/B8DS
fp6YPbOZQAFHwDuHpgruRpGqiMgSGg0srLhRUOSPjTWmBKzQxgBdGpPeYbBTLV82
7VSdZLcGfgh8PfzotDsY3FLjCd7vPS7O0oQjw3TjmYw0ALi82U5YtULW7JGKq5Uq
vrB6arkJyuhFcSZlqNW9q3OlmZXvODFG0GlghS4QrQ11fKIr/aQeS593JRqrkp3n
1k6/pvxNqWIEz0a0S7lzmvEwRXbcz9MQQGytRwJDH96BBM1q4P84JfGoo6cw5oPg
ZnmZyZhrDVgNcc5Ip2G9j6bZC6OVYud59W4K66AFDcCyN0Pobiz/1PzcOEyn
-----END CERTIFICATE-----
Generated at Sun Nov 24 13:23:37 2024 by rpki-client on console-fra.rpki-client.org