Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/85zUvL_s9GuZF2k3SjcY5orX0jE.roa
File: 85zUvL_s9GuZF2k3SjcY5orX0jE.roa (raw, json)
Hash identifier: Qv1pz670NciftNV+/tu/wb98jsBpIIHNacqBcCRRzjI=
Subject key identifier: F3:9C:D4:BC:BF:EC:F4:6B:99:17:69:37:4A:37:18:E6:8A:D7:D2:31
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD2DF7647EC0864684C656C9E6444D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/85zUvL_s9GuZF2k3SjcY5orX0jE.roa
Signing time: Tue 02 Jan 2024 10:34:27 +0000
ROA not before: Tue 02 Jan 2024 10:34:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210980
IP address blocks: 2a0e:b107:ae0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:2d:f7:64:7e:c0:86:46:84:c6:56:c9:e6:44:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f39cd4bcbfecf46b991769374a3718e68ad7d231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:fd:74:08:c6:23:c3:41:49:15:ed:29:6c:
cd:5c:0f:11:22:1c:5e:61:17:cf:b4:82:6b:ef:9c:
b9:7b:37:70:d8:1a:b9:f5:d4:ec:46:78:34:8c:64:
5e:7e:ea:28:08:1e:48:44:a7:1e:7a:fd:04:ca:ac:
63:1e:21:51:5e:b7:f5:28:d6:c3:6c:ee:a0:ac:3e:
2d:73:43:46:81:3c:9c:69:cf:5d:41:ab:24:3a:0a:
bd:3d:d0:fb:85:e2:a4:d1:dd:21:80:59:dc:40:05:
aa:bd:b3:90:fd:8e:74:26:95:43:47:9e:28:fe:ab:
1c:45:25:37:f8:56:bd:eb:86:f6:18:33:9b:47:46:
fb:3d:d1:ce:27:5f:e8:3a:94:1a:ca:bf:d4:2a:96:
d1:11:2f:bc:e8:ef:47:22:42:b4:08:d1:e0:a2:4e:
80:55:55:39:dd:a7:d5:d5:bc:07:a0:44:8e:73:4b:
f0:c9:0c:0c:94:da:58:96:4b:6c:82:2a:0a:ff:3d:
58:f8:3c:5d:8c:71:41:bf:2b:75:bf:df:af:bc:78:
37:c6:55:aa:aa:44:d1:6f:37:b6:9b:6b:06:84:f4:
5f:70:78:8a:18:e6:51:e5:43:d1:c7:7c:c5:3f:36:
b2:64:ad:53:a4:cc:2d:8d:9f:7d:d3:e6:89:20:5c:
1c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9C:D4:BC:BF:EC:F4:6B:99:17:69:37:4A:37:18:E6:8A:D7:D2:31
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/85zUvL_s9GuZF2k3SjcY5orX0jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ae0::/44
Signature Algorithm: sha256WithRSAEncryption
05:15:b7:01:03:48:b0:b7:ba:8c:20:19:bd:02:cc:11:96:14:
6c:d4:ad:04:5f:fe:a3:7a:6d:c8:88:0c:26:13:a6:28:51:0f:
01:ee:de:12:bc:45:83:e8:54:78:f6:15:d9:ac:58:00:ee:96:
a1:bd:1c:57:9d:06:93:0d:ab:c2:c4:fc:59:78:e8:b7:87:80:
86:83:38:cc:41:c7:b5:4b:4f:5f:c7:f3:f4:05:78:18:55:bd:
3c:44:8b:90:9a:18:72:38:4a:c7:b6:56:4f:56:66:e6:ee:78:
dc:8f:5a:fc:58:b8:e4:78:1c:70:84:9d:87:4d:a8:5f:d6:5f:
53:0c:be:45:27:40:97:c5:26:48:01:20:8b:d5:25:c0:f8:01:
52:fa:df:c5:1e:06:c4:56:f2:2f:91:6f:1d:fb:f7:d7:53:40:
6b:d4:67:dc:18:7d:01:48:98:76:4a:9f:e2:12:87:50:65:aa:
e3:d9:86:c0:b3:fd:26:fa:c1:bd:0d:92:03:ff:5c:b1:87:22:
b1:59:91:f7:5f:30:e9:fa:89:93:a3:f2:ca:41:2a:9c:c1:26:
70:e8:c0:c3:73:24:cb:8e:16:f8:3d:f5:a4:0d:f0:5f:e2:8d:
89:79:9e:78:1e:da:f2:5f:a8:86:83:8d:2f:8f:7d:5e:1a:63:
f8:35:f2:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvS33ZH7AhkaExlbJ5kRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzljZDRiY2JmZWNmNDZiOTkxNzY5Mzc0YTM3MThlNjhhZDdkMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYr9dAjGI8NBSRXtKWzNXA8RIhxe
YRfPtIJr75y5ezdw2Bq59dTsRng0jGRefuooCB5IRKceev0EyqxjHiFRXrf1KNbD
bO6grD4tc0NGgTycac9dQaskOgq9PdD7heKk0d0hgFncQAWqvbOQ/Y50JpVDR54o
/qscRSU3+Fa964b2GDObR0b7PdHOJ1/oOpQayr/UKpbRES+86O9HIkK0CNHgok6A
VVU53afV1bwHoESOc0vwyQwMlNpYlktsgioK/z1Y+DxdjHFBvyt1v9+vvHg3xlWq
qkTRbze2m2sGhPRfcHiKGOZR5UPRx3zFPzayZK1TpMwtjZ990+aJIFwceQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPOc1Ly/7PRrmRdpN0o3GOaK19IxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvODV6VXZMX3M5R3VaRjJrM1NqY1k1b3JYMGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwrg
MA0GCSqGSIb3DQEBCwUAA4IBAQAFFbcBA0iwt7qMIBm9AswRlhRs1K0EX/6jem3I
iAwmE6YoUQ8B7t4SvEWD6FR49hXZrFgA7pahvRxXnQaTDavCxPxZeOi3h4CGgzjM
Qce1S09fx/P0BXgYVb08RIuQmhhyOErHtlZPVmbm7njcj1r8WLjkeBxwhJ2HTahf
1l9TDL5FJ0CXxSZIASCL1SXA+AFS+t/FHgbEVvIvkW8d+/fXU0Br1GfcGH0BSJh2
Sp/iEodQZarj2YbAs/0m+sG9DZID/1yxhyKxWZH3XzDp+omTo/LKQSqcwSZw6MDD
cyTLjhb4PfWkDfBf4o2JeZ54HtryX6iGg40vj31eGmP4NfJI
-----END CERTIFICATE-----
Generated at Fri May 3 05:22:00 2024 by rpki-client on console-fra.rpki-client.org