Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BlVZ9y0NRed8Y5mmU9GK8VSjghU.roa
File: BlVZ9y0NRed8Y5mmU9GK8VSjghU.roa (raw, json)
Hash identifier: AyK3uuk7SQ06lfbFmndDSKRJ4ZgBe5fv7T/M71QpegA=
Subject key identifier: 06:55:59:F7:2D:0D:45:E7:7C:63:99:A6:53:D1:8A:F1:54:A3:82:15
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD16D0432152D15929F9C6A74CD078
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BlVZ9y0NRed8Y5mmU9GK8VSjghU.roa
Signing time: Tue 02 Jan 2024 10:34:21 +0000
ROA not before: Tue 02 Jan 2024 10:34:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208191
IP address blocks: 2a0e:b107:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:16:d0:43:21:52:d1:59:29:f9:c6:a7:4c:d0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=065559f72d0d45e77c6399a653d18af154a38215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4c:b4:ca:da:e0:93:78:23:70:46:16:bf:ab:
55:ac:4b:8a:df:3a:39:07:19:15:9d:9d:f8:73:88:
36:01:a3:42:7b:1d:21:a2:99:31:ed:6a:fe:77:b0:
ee:d5:c9:cb:6b:71:7d:94:42:5f:8a:f6:fb:62:17:
ef:a4:68:8e:49:ee:da:cb:5a:7c:e4:91:bd:44:7b:
b0:e0:fd:90:e8:8c:ac:ac:6d:99:f6:93:93:4e:9f:
8d:2d:26:14:51:f0:57:d2:d6:32:be:6b:f5:75:9f:
0a:67:44:52:56:29:a3:a0:16:ab:92:d9:26:08:4d:
64:b0:3d:e5:85:23:ce:4e:3e:03:fc:8e:74:69:ee:
d8:62:14:5a:1f:fe:9c:ec:47:9a:13:63:fc:fc:2c:
9a:79:30:dd:18:f4:df:34:fc:81:ef:c0:7c:45:f4:
ac:19:13:41:29:cd:43:ec:40:9e:ba:43:2f:38:88:
23:6b:6e:5c:66:85:8f:71:48:37:3f:00:cf:82:1a:
19:3f:fb:d5:ed:a3:f9:15:97:6d:48:f5:a0:93:19:
72:fe:a3:88:0e:60:58:a7:3f:b1:42:95:17:48:c3:
ab:a3:19:12:fd:d5:d3:ea:a4:22:85:da:01:d8:c6:
f5:f3:10:09:86:1e:65:d7:3d:5a:68:ea:dc:64:ed:
1a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:55:59:F7:2D:0D:45:E7:7C:63:99:A6:53:D1:8A:F1:54:A3:82:15
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/BlVZ9y0NRed8Y5mmU9GK8VSjghU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:16::/48
Signature Algorithm: sha256WithRSAEncryption
79:0a:9d:47:4b:48:eb:53:5e:e4:95:ce:bb:f2:af:71:66:4d:
91:96:e4:06:e7:a2:5c:2a:9e:10:c2:88:a0:15:55:42:69:f3:
55:d9:99:ba:3c:a9:e1:31:8b:5d:2f:e8:91:b3:b4:17:3a:bf:
70:db:e2:d6:eb:8d:d6:1a:0d:bb:2f:3c:ab:ff:51:7d:ba:2b:
12:05:24:46:1c:72:f5:42:79:ac:a4:cc:a6:7a:c5:02:48:1a:
b6:3c:6a:95:f2:92:bb:00:c9:d9:9f:9e:e9:c8:ce:7b:fd:24:
31:5d:64:06:1b:cb:d2:13:5c:a1:dd:f5:1b:d6:8f:a1:4a:af:
a9:13:56:cf:9e:9c:fd:f8:70:0f:cb:53:b6:af:e5:76:c6:b0:
38:32:f9:98:7a:15:13:a8:9a:76:84:02:b9:b4:f5:2b:af:17:
c9:50:6e:ba:cb:38:ea:cf:12:0c:db:6f:a2:f1:e5:5d:48:70:
27:5c:6f:78:fb:dc:0c:de:94:5f:88:d5:cc:c6:ba:0e:9e:13:
82:ab:c3:f5:5e:e6:db:82:03:78:5c:92:e3:fc:4e:da:60:a3:
1a:80:8c:87:ed:0b:c4:d7:0a:06:38:93:7a:22:47:db:7f:04:
6d:2c:0c:cf:9e:8f:fe:3d:28:63:93:38:c9:74:06:b5:04:7e:
5d:07:a5:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvRbQQyFS0Vkp+canTNB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU1NTlmNzJkMGQ0NWU3N2M2Mzk5YTY1M2QxOGFmMTU0YTM4MjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjky0ytrgk3gjcEYWv6tVrEuK3zo5
BxkVnZ34c4g2AaNCex0hopkx7Wr+d7Du1cnLa3F9lEJfivb7YhfvpGiOSe7ay1p8
5JG9RHuw4P2Q6IysrG2Z9pOTTp+NLSYUUfBX0tYyvmv1dZ8KZ0RSVimjoBarktkm
CE1ksD3lhSPOTj4D/I50ae7YYhRaH/6c7EeaE2P8/CyaeTDdGPTfNPyB78B8RfSs
GRNBKc1D7ECeukMvOIgja25cZoWPcUg3PwDPghoZP/vV7aP5FZdtSPWgkxly/qOI
DmBYpz+xQpUXSMOroxkS/dXT6qQihdoB2Mb18xAJhh5l1z1aaOrcZO0alwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAZVWfctDUXnfGOZplPRivFUo4IVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQmxWWjl5ME5SZWQ4WTVtbVU5R0s4VlNqZ2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwAW
MA0GCSqGSIb3DQEBCwUAA4IBAQB5Cp1HS0jrU17klc678q9xZk2RluQG56JcKp4Q
woigFVVCafNV2Zm6PKnhMYtdL+iRs7QXOr9w2+LW643WGg27Lzyr/1F9uisSBSRG
HHL1QnmspMymesUCSBq2PGqV8pK7AMnZn57pyM57/SQxXWQGG8vSE1yh3fUb1o+h
Sq+pE1bPnpz9+HAPy1O2r+V2xrA4MvmYehUTqJp2hAK5tPUrrxfJUG66yzjqzxIM
22+i8eVdSHAnXG94+9wM3pRfiNXMxroOnhOCq8P1XubbggN4XJLj/E7aYKMagIyH
7QvE1woGOJN6IkfbfwRtLAzPno/+PShjkzjJdAa1BH5dB6Xm
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:29 2024 by rpki-client on console-fra.rpki-client.org