Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7MxHlsJ06OEyQ5H-REjv2FqCpHs.roa
File: 7MxHlsJ06OEyQ5H-REjv2FqCpHs.roa (raw, json)
Hash identifier: iGYmy+iPwP6D52Qxb2uCgfi0JpZEoNF6l1hk+nfMn1g=
Subject key identifier: EC:CC:47:96:C2:74:E8:E1:32:43:91:FE:44:48:EF:D8:5A:82:A4:7B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522564F165290A2D25029D25A7DDDAB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7MxHlsJ06OEyQ5H-REjv2FqCpHs.roa
Signing time: Thu 02 Jan 2025 03:49:54 +0000
ROA not before: Thu 02 Jan 2025 03:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211722
IP address blocks: 2a0e:b107:12f0::/48 maxlen: 48
2a0e:b107:12f1::/48 maxlen: 48
2a0e:b107:12f2::/48 maxlen: 48
2a0e:b107:12f3::/48 maxlen: 48
2a0e:b107:12f4::/48 maxlen: 48
2a0e:b107:12f5::/48 maxlen: 48
2a0e:b107:12f6::/48 maxlen: 48
2a0e:b107:12f7::/48 maxlen: 48
2a0e:b107:12f8::/48 maxlen: 48
2a0e:b107:12fa::/48 maxlen: 48
2a0e:b107:12fb::/48 maxlen: 48
2a0e:b107:12fc::/48 maxlen: 48
2a0e:b107:12fd::/48 maxlen: 48
2a0e:b107:12fe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:56:4f:16:52:90:a2:d2:50:29:d2:5a:7d:dd:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eccc4796c274e8e1324391fe4448efd85a82a47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:81:fa:fd:99:4a:75:2d:f5:6a:3b:78:80:eb:
a7:3c:1f:88:f7:8f:a4:f8:bb:60:58:d5:db:cd:fe:
6b:c4:68:f6:2f:39:8e:04:ac:80:49:e2:70:04:26:
28:20:d7:0e:98:a2:a7:9d:8f:e4:8a:c1:62:22:21:
ef:30:72:4b:ac:31:67:71:bd:2b:74:b2:65:fd:25:
77:36:d0:ff:ed:f4:72:f2:31:11:3d:d7:c5:c0:83:
16:2e:7f:41:81:cd:d2:64:71:12:d2:ef:c6:05:39:
b8:ac:6b:6f:1c:27:0a:05:d4:a7:b7:61:b1:ec:54:
c8:a6:a2:53:57:f1:e5:59:8f:c6:82:f6:a9:85:29:
12:6b:56:6d:20:94:77:5e:86:b9:43:00:59:5f:43:
96:c9:10:e3:0d:2c:10:5d:54:80:90:d9:8f:85:8b:
b8:af:4e:fe:bf:64:0d:08:21:4b:3e:68:24:39:fa:
20:9b:cb:07:90:52:52:1e:9e:a8:ce:3c:ff:7b:03:
44:2e:b7:02:34:5d:b2:4a:a3:fd:72:dc:58:9c:fd:
b5:27:71:ae:32:cc:64:65:23:fe:20:37:98:6a:dd:
1c:a7:af:a0:a3:52:ae:a0:77:87:04:4a:c7:15:a7:
0b:c2:3e:2c:c1:0f:ad:01:29:b4:d4:c2:06:c5:c8:
0b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CC:47:96:C2:74:E8:E1:32:43:91:FE:44:48:EF:D8:5A:82:A4:7B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7MxHlsJ06OEyQ5H-REjv2FqCpHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12f0::-2a0e:b107:12f8:ffff:ffff:ffff:ffff:ffff
2a0e:b107:12fa::-2a0e:b107:12fe:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
cc:64:77:db:25:34:84:ea:0f:b1:99:78:e9:78:7f:23:bf:1b:
c6:eb:f3:85:01:d0:dc:f1:51:7a:70:da:59:df:ef:28:47:24:
17:ae:d6:c3:e7:bd:b9:17:10:96:a5:d6:9e:da:cc:9c:a3:90:
3d:78:ed:fc:be:cb:63:3d:0c:2a:a5:31:9d:1a:2e:da:e2:71:
79:78:ca:ab:fe:f2:32:77:af:e6:b8:d7:10:b1:1f:58:5d:14:
1f:a3:0a:4c:84:88:97:db:7d:0f:17:5f:b8:9d:41:dc:cd:65:
c0:43:91:53:16:35:de:ad:76:c2:0d:56:44:33:ae:8a:a7:c6:
5f:f0:df:d1:47:a1:56:23:1b:46:c2:1b:d5:2a:da:33:cc:a6:
5b:fb:8b:7a:4d:a6:8a:e5:05:b7:c7:e9:7a:2f:85:60:55:ee:
ba:69:ad:9e:b7:61:30:64:f8:fe:7c:03:9f:b6:2b:2c:78:9e:
09:32:1c:97:05:1d:ea:cb:52:0e:1b:ed:ce:ba:0e:5c:aa:9b:
7a:8f:26:6a:97:b6:77:9f:74:07:c4:4d:0c:9f:2d:c0:98:57:
12:c9:d8:21:64:27:a1:60:e4:ab:e1:ab:ee:bf:5f:8a:3b:94:
ca:22:1e:ca:54:e3:4b:a9:ae:68:b3:71:e5:e4:c4:d6:61:92:
39:50:c0:a5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQlIlZPFlKQotJQKdJafd2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NjNDc5NmMyNzRlOGUxMzI0MzkxZmU0NDQ4ZWZkODVhODJhNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIH6/ZlKdS31ajt4gOunPB+I94+k
+LtgWNXbzf5rxGj2LzmOBKyASeJwBCYoINcOmKKnnY/kisFiIiHvMHJLrDFncb0r
dLJl/SV3NtD/7fRy8jERPdfFwIMWLn9Bgc3SZHES0u/GBTm4rGtvHCcKBdSnt2Gx
7FTIpqJTV/HlWY/GgvaphSkSa1ZtIJR3Xoa5QwBZX0OWyRDjDSwQXVSAkNmPhYu4
r07+v2QNCCFLPmgkOfogm8sHkFJSHp6ozjz/ewNELrcCNF2ySqP9ctxYnP21J3Gu
MsxkZSP+IDeYat0cp6+go1KuoHeHBErHFacLwj4swQ+tASm01MIGxcgLtQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOzMR5bCdOjhMkOR/kRI79hagqR7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN014SGxzSjA2T0V5UTVILVJFanYyRnFDcEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwQqDrEH
EvADBwAqDrEHEvgwEgMHASoOsQcS+gMHACoOsQcS/jANBgkqhkiG9w0BAQsFAAOC
AQEAzGR32yU0hOoPsZl46Xh/I78bxuvzhQHQ3PFRenDaWd/vKEckF67Ww+e9uRcQ
lqXWntrMnKOQPXjt/L7LYz0MKqUxnRou2uJxeXjKq/7yMnev5rjXELEfWF0UH6MK
TISIl9t9DxdfuJ1B3M1lwEORUxY13q12wg1WRDOuiqfGX/Df0UehViMbRsIb1Sra
M8ymW/uLek2miuUFt8fpei+FYFXuummtnrdhMGT4/nwDn7YrLHieCTIclwUd6stS
DhvtzroOXKqbeo8mape2d590B8RNDJ8twJhXEsnYIWQnoWDkq+Gr7r9fijuUyiIe
ylTjS6muaLNx5eTE1mGSOVDApQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:59:17 2025 by rpki-client