Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9z9MYdzfUUQjW1Oqx3oVOyUpH9k.roa
File: 9z9MYdzfUUQjW1Oqx3oVOyUpH9k.roa (raw, json)
Hash identifier: BpZPZTtUD8Mz0Vrf5RQH5QXBtOFsdNWQprjjrivvUQo=
Subject key identifier: F7:3F:4C:61:DC:DF:51:44:23:5B:53:AA:C7:7A:15:3B:25:29:1F:D9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCD3A931E1C0CEEE071170B475E307
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9z9MYdzfUUQjW1Oqx3oVOyUpH9k.roa
Signing time: Tue 02 Jan 2024 10:34:04 +0000
ROA not before: Tue 02 Jan 2024 10:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57266
IP address blocks: 2a0e:97c0:110::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d3:a9:31:e1:c0:ce:ee:07:11:70:b4:75:e3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f73f4c61dcdf5144235b53aac77a153b25291fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0d:33:d2:cd:e7:c3:8c:77:44:93:7b:43:30:
b8:d6:fc:1b:d6:17:f8:a0:60:ab:15:c5:be:6c:74:
21:3c:85:de:86:05:5c:2c:bb:08:d2:bc:6b:f8:60:
40:30:d2:49:84:33:2b:9d:50:6f:50:9d:c4:3c:e0:
46:7e:01:d8:65:28:20:4f:7f:46:6d:1b:d2:4f:5d:
01:ea:70:2e:c1:1b:27:f4:fa:f8:99:c8:09:8f:c6:
f2:e3:ee:6f:12:72:d7:a0:6c:42:4b:09:11:1e:c2:
88:6f:bb:c4:f4:22:fe:0f:71:d4:4d:1d:2e:57:7e:
9e:57:b6:cb:3f:98:5a:b1:03:3d:f4:9d:81:d4:19:
73:00:d5:58:87:28:a3:12:fa:d0:34:af:c6:82:ee:
a1:94:62:d9:7e:a1:df:5d:3f:ae:0e:29:38:2c:1c:
3e:08:d1:6c:06:6c:b1:1e:52:fd:43:6d:7b:6e:84:
d3:da:1a:af:90:fa:89:2a:97:59:3d:d8:d2:df:5b:
ca:cd:b1:96:1a:b3:be:40:dc:91:fe:f5:c9:4b:62:
ad:26:88:58:e3:fc:8f:3e:65:ba:e7:b7:7d:3f:8b:
da:f0:a7:70:40:08:32:7b:1c:19:a5:d9:59:a9:38:
48:03:3f:64:48:ac:a1:21:6a:5b:d6:40:53:b6:db:
72:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3F:4C:61:DC:DF:51:44:23:5B:53:AA:C7:7A:15:3B:25:29:1F:D9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/9z9MYdzfUUQjW1Oqx3oVOyUpH9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:110::/44
Signature Algorithm: sha256WithRSAEncryption
9a:5d:48:85:97:fe:c6:5c:6b:e9:48:72:04:51:d7:45:99:8d:
11:c4:f8:84:c4:20:9d:cd:9a:1f:d3:f6:1f:cf:7b:26:35:60:
fd:be:84:55:6c:a2:47:f2:6f:6a:65:72:1a:9c:b9:c0:35:7e:
70:f9:a9:71:b1:33:2b:56:01:d7:d1:82:19:dd:8f:4a:66:da:
2b:73:91:9b:56:c1:0a:36:0d:3a:b9:1f:ab:53:b7:46:34:72:
2f:4a:20:e1:a2:0c:c4:0c:71:60:8f:e0:46:74:60:8c:91:4d:
bd:97:1e:3a:70:8f:06:2e:6f:69:b9:0f:76:69:00:ed:1d:6c:
be:7e:6f:d6:25:3e:03:78:b6:72:9d:ba:b9:a7:a6:81:f6:ce:
52:7c:85:c6:7e:63:d9:3f:58:fb:36:f1:24:dd:59:2e:ec:bb:
07:9c:58:39:86:b1:72:a5:c8:84:71:38:bc:75:a9:cb:f2:c0:
2e:46:b3:0d:6c:0f:82:c6:fd:e6:87:69:1b:2b:df:5c:76:1b:
d1:07:74:2a:d2:eb:c1:c0:a5:1f:24:bb:67:ee:06:f4:56:a7:
96:d3:fe:cc:5f:5a:63:cb:22:da:76:63:6e:36:1a:3a:4d:10:
a3:6d:28:47:bf:5e:f5:84:bf:55:b5:70:85:7a:60:58:82:1c:
64:4a:33:c3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvNOpMeHAzu4HEXC0deMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNmNGM2MWRjZGY1MTQ0MjM1YjUzYWFjNzdhMTUzYjI1MjkxZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7g0z0s3nw4x3RJN7QzC41vwb1hf4
oGCrFcW+bHQhPIXehgVcLLsI0rxr+GBAMNJJhDMrnVBvUJ3EPOBGfgHYZSggT39G
bRvST10B6nAuwRsn9Pr4mcgJj8by4+5vEnLXoGxCSwkRHsKIb7vE9CL+D3HUTR0u
V36eV7bLP5hasQM99J2B1BlzANVYhyijEvrQNK/Ggu6hlGLZfqHfXT+uDik4LBw+
CNFsBmyxHlL9Q217boTT2hqvkPqJKpdZPdjS31vKzbGWGrO+QNyR/vXJS2KtJohY
4/yPPmW657d9P4va8KdwQAgyexwZpdlZqThIAz9kSKyhIWpb1kBTtttyjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPc/TGHc31FEI1tTqsd6FTslKR/ZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvOXo5TVlkemZVVVFqVzFPcXgzb1ZPeVVwSDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCaXUiFl/7GXGvpSHIEUddFmY0RxPiExCCdzZof
0/Yfz3smNWD9voRVbKJH8m9qZXIanLnANX5w+alxsTMrVgHX0YIZ3Y9KZtorc5Gb
VsEKNg06uR+rU7dGNHIvSiDhogzEDHFgj+BGdGCMkU29lx46cI8GLm9puQ92aQDt
HWy+fm/WJT4DeLZynbq5p6aB9s5SfIXGfmPZP1j7NvEk3Vku7LsHnFg5hrFypciE
cTi8danL8sAuRrMNbA+Cxv3mh2kbK99cdhvRB3Qq0uvBwKUfJLtn7gb0VqeW0/7M
X1pjyyLadmNuNho6TRCjbShHv171hL9VtXCFemBYghxkSjPD
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:29 2024 by rpki-client on console-fra.rpki-client.org