Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BLds5eNTgG6q7Q0HW-I0XIvp3ig.roa
File: BLds5eNTgG6q7Q0HW-I0XIvp3ig.roa (raw, json)
Hash identifier: ARd+/A7UJifI1iTS8bOZzABum/RyAEea2LswAIfrJy8=
Subject key identifier: 04:B7:6C:E5:E3:53:80:6E:AA:ED:0D:07:5B:E2:34:5C:8B:E9:DE:28
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD4CF429E1D758BA1F519773850946
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BLds5eNTgG6q7Q0HW-I0XIvp3ig.roa
Signing time: Tue 02 Jan 2024 10:34:35 +0000
ROA not before: Tue 02 Jan 2024 10:34:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213215
IP address blocks: 2a0e:b107:a20::/44 maxlen: 48
2a0e:b107:6e3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:4c:f4:29:e1:d7:58:ba:1f:51:97:73:85:09:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04b76ce5e353806eaaed0d075be2345c8be9de28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ef:6c:77:1b:24:2b:f1:c5:20:31:b9:aa:81:
ef:fd:82:a6:f7:4a:21:9a:95:81:a0:b5:09:a8:50:
15:d7:06:14:f3:3d:36:35:0a:cf:a9:e5:42:a1:33:
37:ef:24:f1:5e:dd:c8:2d:2b:f1:bb:dc:8f:29:35:
3b:3b:6b:e8:6e:45:ba:c6:e3:da:34:f6:3c:65:cd:
1c:58:53:b8:49:67:e4:79:11:c2:af:c1:92:4b:cf:
00:1a:15:2f:cb:29:da:1b:90:c1:06:5e:39:6f:4a:
b7:2b:7a:27:c1:23:26:e8:3e:29:ec:0e:9f:5c:01:
69:03:28:ce:03:bf:a6:99:29:6e:ea:4e:77:e1:1e:
13:8a:50:9a:f3:3f:da:2a:96:1e:d8:62:e9:1e:ec:
ea:fc:84:b6:b3:c7:97:9b:27:35:1b:af:ab:d0:f2:
2c:0e:18:e0:c5:86:ad:a8:aa:b2:2a:c7:4d:da:0f:
1e:f4:5a:94:b3:57:48:e5:e9:8e:39:51:f3:06:94:
3c:2f:90:4b:c2:9d:ae:51:8d:b4:c7:8c:42:41:eb:
73:0e:bc:4f:01:22:d3:b2:05:60:1a:36:0a:d7:ad:
60:4d:55:65:fa:15:c1:15:7a:c7:1e:f1:b0:35:6f:
c8:dc:f4:5c:bc:d1:07:26:7c:a3:b7:cd:41:a0:f7:
f6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B7:6C:E5:E3:53:80:6E:AA:ED:0D:07:5B:E2:34:5C:8B:E9:DE:28
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BLds5eNTgG6q7Q0HW-I0XIvp3ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:6e3::/48
2a0e:b107:a20::/44
Signature Algorithm: sha256WithRSAEncryption
8f:4a:ad:88:00:bf:b2:10:1a:e8:5c:b0:22:6f:8b:9a:5c:c0:
d3:64:02:e2:08:c6:9c:ca:0b:05:47:f3:73:e9:3b:e5:52:c1:
f2:67:4a:03:18:ce:ae:b1:f0:6e:a6:b7:9d:3f:82:26:9d:3b:
d7:ee:9e:34:51:46:10:e1:be:cf:6b:13:08:01:70:80:7e:21:
36:86:c0:5c:3d:78:d4:69:b6:c7:5c:69:cc:d4:73:d0:91:34:
09:cc:b2:10:39:67:2d:24:24:8f:bd:0c:19:a9:91:06:20:1c:
bc:dc:0c:02:2d:7e:bf:71:56:01:8d:b0:98:d4:d8:dd:87:b7:
4a:47:d6:11:7b:55:70:6e:06:88:13:aa:eb:0d:21:a0:0a:ef:
00:67:7f:1d:21:6d:5a:6a:ae:5a:e6:be:ac:45:f9:ae:d7:c9:
19:d7:d4:59:46:9a:ed:cf:7e:f3:c2:57:88:84:ff:6e:eb:26:
a0:01:16:ea:87:d7:21:ea:df:83:ec:9b:f8:96:3f:8b:15:cc:
da:1b:7d:f5:34:8f:ca:51:43:93:ab:37:88:5e:68:9d:be:99:
57:7d:d9:b3:70:86:f3:19:66:e1:a3:f6:83:d0:60:92:65:0d:
3f:a7:8a:94:4c:ed:91:2b:39:1d:bc:c3:bd:6a:bc:c7:cf:7b:
36:ee:08:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvUz0KeHXWLofUZdzhQlGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI3NmNlNWUzNTM4MDZlYWFlZDBkMDc1YmUyMzQ1YzhiZTlkZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+9sdxskK/HFIDG5qoHv/YKm90oh
mpWBoLUJqFAV1wYU8z02NQrPqeVCoTM37yTxXt3ILSvxu9yPKTU7O2vobkW6xuPa
NPY8Zc0cWFO4SWfkeRHCr8GSS88AGhUvyynaG5DBBl45b0q3K3onwSMm6D4p7A6f
XAFpAyjOA7+mmSlu6k534R4TilCa8z/aKpYe2GLpHuzq/IS2s8eXmyc1G6+r0PIs
DhjgxYatqKqyKsdN2g8e9FqUs1dI5emOOVHzBpQ8L5BLwp2uUY20x4xCQetzDrxP
ASLTsgVgGjYK161gTVVl+hXBFXrHHvGwNW/I3PRcvNEHJnyjt81BoPf2/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAS3bOXjU4Buqu0NB1viNFyL6d4oMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQkxkczVlTlRnRzZxN1EwSFctSTBYSXZwM2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBwbj
AwcEKg6xBwogMA0GCSqGSIb3DQEBCwUAA4IBAQCPSq2IAL+yEBroXLAib4uaXMDT
ZALiCMacygsFR/Nz6TvlUsHyZ0oDGM6usfBupredP4ImnTvX7p40UUYQ4b7PaxMI
AXCAfiE2hsBcPXjUabbHXGnM1HPQkTQJzLIQOWctJCSPvQwZqZEGIBy83AwCLX6/
cVYBjbCY1Njdh7dKR9YRe1VwbgaIE6rrDSGgCu8AZ38dIW1aaq5a5r6sRfmu18kZ
19RZRprtz37zwleIhP9u6yagARbqh9ch6t+D7Jv4lj+LFczaG331NI/KUUOTqzeI
XmidvplXfdmzcIbzGWbho/aD0GCSZQ0/p4qUTO2RKzkdvMO9arzHz3s27ghC
-----END CERTIFICATE-----
Generated at Fri May 3 11:06:41 2024 by rpki-client on console-ams.rpki-client.org