Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7UcIL5TFjavGr9vFxuLyTF9KDJs.roa
File: 7UcIL5TFjavGr9vFxuLyTF9KDJs.roa (raw, json)
Hash identifier: R86/bPOjm4FoToY8KJx6Q+uJxoTAAbGFkorWbhuT62w=
Subject key identifier: ED:47:08:2F:94:C5:8D:AB:C6:AF:DB:C5:C6:E2:F2:4C:5F:4A:0C:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521DE6AF78D45F6691200512014EDD0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7UcIL5TFjavGr9vFxuLyTF9KDJs.roa
Signing time: Thu 02 Jan 2025 03:49:23 +0000
ROA not before: Thu 02 Jan 2025 03:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59922
IP address blocks: 2a0e:97c0:f20::/44 maxlen: 48
2a0e:b107:13de::/48 maxlen: 48
2a10:cc44:110::/44 maxlen: 48
2a10:cc44:110::/48 maxlen: 48
2a10:cc44:112::/48 maxlen: 48
2a10:ccc4:2020::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:de:6a:f7:8d:45:f6:69:12:00:51:20:14:ed:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed47082f94c58dabc6afdbc5c6e2f24c5f4a0c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:22:9f:c1:4a:f0:63:20:02:0e:ad:c6:13:54:
a0:66:22:52:45:c3:65:19:95:a4:25:6b:ce:fb:da:
f7:ee:74:0e:85:f6:dd:64:ca:c5:39:be:da:84:fb:
0e:13:9a:44:db:e1:06:b0:e3:55:f2:d5:2c:aa:01:
a0:40:81:9d:43:05:79:55:76:91:85:05:95:c4:d7:
55:57:8f:02:86:58:c3:4b:2f:f5:c8:70:54:6d:61:
1f:df:b2:87:d2:4d:cb:49:42:0c:57:d5:d3:98:10:
f2:92:99:af:3d:c9:a0:ec:74:6c:33:bd:85:3c:4b:
44:5f:f9:f3:cc:31:6e:f6:a6:42:42:5d:de:25:fe:
86:98:04:29:06:8a:4f:88:8b:8f:69:88:46:d9:4e:
06:44:e0:7e:34:e7:d7:a5:a3:49:aa:c4:47:0e:50:
93:9a:5a:eb:5a:13:5e:24:a8:ad:8b:7f:67:94:fb:
fa:64:58:2f:61:b7:24:f5:87:ff:1c:8d:e8:44:07:
72:ea:9c:45:04:72:c0:71:ee:4a:e6:c8:33:9b:4e:
de:0c:9a:ee:46:99:fa:cb:cf:2f:77:35:2c:21:c2:
10:5a:2d:dc:c9:c2:97:0f:5a:36:e7:0d:dd:69:4b:
cb:34:66:bb:1c:cc:04:91:49:69:1d:f9:19:19:37:
38:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:47:08:2F:94:C5:8D:AB:C6:AF:DB:C5:C6:E2:F2:4C:5F:4A:0C:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/7UcIL5TFjavGr9vFxuLyTF9KDJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:f20::/44
2a0e:b107:13de::/48
2a10:cc44:110::/44
2a10:ccc4:2020::/44
Signature Algorithm: sha256WithRSAEncryption
0b:c4:56:25:c0:33:01:d9:d1:4a:d1:4e:c5:1a:e1:d1:88:40:
6d:2a:70:6b:b7:f5:8e:16:7a:65:34:bc:0d:5a:bc:ea:31:ac:
7a:de:4a:a9:0a:af:b4:21:f3:9e:e5:0a:ac:90:dd:95:2c:a1:
fb:5a:b8:2c:04:9c:e4:f3:69:7e:71:2f:33:09:cb:67:13:99:
1d:b4:b3:55:86:cb:e6:8a:c4:e3:6c:3f:b3:9d:b5:dc:d7:de:
c4:2d:53:6d:f3:5e:c4:ab:fb:b3:80:3c:b9:fa:31:6f:0c:11:
94:29:e4:08:a9:09:61:bd:1a:44:dd:94:28:1a:b4:09:f3:ce:
68:2d:70:81:35:a3:de:dc:2b:c0:1b:fd:7a:d7:35:77:ef:c2:
1e:ad:61:a2:77:61:de:f5:2e:a2:84:77:4a:2b:b1:87:3f:6e:
e2:d4:dd:cd:d8:52:54:0b:0d:c5:23:d6:e6:ee:8a:8e:12:88:
5c:ab:be:d0:31:be:67:cc:45:2a:0e:d6:48:76:81:51:f9:4e:
cc:0d:04:42:fa:05:e3:1e:f1:0b:8a:7b:b1:31:f9:08:0f:dc:
51:89:81:3d:33:09:e8:35:c4:dc:81:fa:75:cc:4e:cc:46:53:
fc:fc:f8:57:08:7b:03:56:ff:a5:4c:5c:01:a8:96:9f:9c:bd:
d2:73:3f:97
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlId5q941F9mkSAFEgFO3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ3MDgyZjk0YzU4ZGFiYzZhZmRiYzVjNmUyZjI0YzVmNGEwYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiKfwUrwYyACDq3GE1SgZiJSRcNl
GZWkJWvO+9r37nQOhfbdZMrFOb7ahPsOE5pE2+EGsONV8tUsqgGgQIGdQwV5VXaR
hQWVxNdVV48ChljDSy/1yHBUbWEf37KH0k3LSUIMV9XTmBDykpmvPcmg7HRsM72F
PEtEX/nzzDFu9qZCQl3eJf6GmAQpBopPiIuPaYhG2U4GROB+NOfXpaNJqsRHDlCT
mlrrWhNeJKiti39nlPv6ZFgvYbck9Yf/HI3oRAdy6pxFBHLAce5K5sgzm07eDJru
Rpn6y88vdzUsIcIQWi3cycKXD1o25w3daUvLNGa7HMwEkUlpHfkZGTc4PQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO1HCC+UxY2rxq/bxcbi8kxfSgybMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvN1VjSUw1VEZqYXZHcjl2Rnh1THlURjlLREpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwA8g
AwcAKg6xBxPeAwcEKhDMRAEQAwcEKhDMxCAgMA0GCSqGSIb3DQEBCwUAA4IBAQAL
xFYlwDMB2dFK0U7FGuHRiEBtKnBrt/WOFnplNLwNWrzqMax63kqpCq+0IfOe5Qqs
kN2VLKH7WrgsBJzk82l+cS8zCctnE5kdtLNVhsvmisTjbD+znbXc197ELVNt817E
q/uzgDy5+jFvDBGUKeQIqQlhvRpE3ZQoGrQJ885oLXCBNaPe3CvAG/161zV378Ie
rWGid2He9S6ihHdKK7GHP27i1N3N2FJUCw3FI9bm7oqOEohcq77QMb5nzEUqDtZI
doFR+U7MDQRC+gXjHvELinuxMfkID9xRiYE9MwnoNcTcgfp1zE7MRlP8/PhXCHsD
Vv+lTFwBqJafnL3Scz+X
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:02:10 2025 by rpki-client