Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C0GnqF62gD_TwognpBO5Lig9Z1U.roa
File: C0GnqF62gD_TwognpBO5Lig9Z1U.roa (raw, json)
Hash identifier: nSyLYeGv/TeXjHPqROLUGQSfNP399uIOaIYFEcc9fMc=
Subject key identifier: 0B:41:A7:A8:5E:B6:80:3F:D3:C2:88:27:A4:13:B9:2E:28:3D:67:55
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD33EC8252D386D30395F883F721D9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C0GnqF62gD_TwognpBO5Lig9Z1U.roa
Signing time: Tue 02 Jan 2024 10:34:29 +0000
ROA not before: Tue 02 Jan 2024 10:34:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211284
IP address blocks: 2a0e:b107:13e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:33:ec:82:52:d3:86:d3:03:95:f8:83:f7:21:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b41a7a85eb6803fd3c28827a413b92e283d6755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6a:f8:e9:f6:b7:ad:a7:a1:17:b8:31:d3:44:
7c:15:44:ce:20:7d:e7:e0:bf:7a:87:0d:40:cb:75:
0f:bd:97:05:52:1b:e0:eb:f4:07:8d:f0:02:92:9f:
f3:1a:34:06:ab:03:e8:4b:7c:bc:c5:fa:eb:e9:15:
fa:fa:d9:04:67:8d:0d:10:ac:d5:75:dd:e8:52:fa:
f9:25:08:73:6d:03:0c:e2:67:24:53:56:18:4f:86:
00:8e:84:1a:70:bc:1d:49:c8:af:5b:02:78:73:70:
62:b6:8b:1d:94:4a:ba:16:62:8a:23:d5:a7:44:ed:
ce:19:01:dd:90:88:0f:ef:9f:c8:db:06:3a:d5:1c:
3c:0e:2e:1a:4c:35:4c:34:91:4f:59:a2:88:14:ac:
1d:da:03:b6:3b:f6:5b:46:7d:a2:37:3c:12:9a:4a:
ef:83:ae:11:df:3d:dd:ac:56:90:9d:fb:2a:3c:42:
d4:f0:dc:7c:27:fe:20:46:76:fd:00:ce:c4:b2:49:
56:d2:c1:ea:bd:95:27:4c:32:61:f7:16:d6:5b:18:
12:f7:83:48:1d:bc:99:d9:80:c4:e0:fd:0d:ac:b7:
61:ff:f4:fc:3a:09:dc:04:a3:35:70:3f:fd:ed:a3:
09:35:ca:10:8d:ea:ac:27:05:be:50:3d:46:20:d6:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:41:A7:A8:5E:B6:80:3F:D3:C2:88:27:A4:13:B9:2E:28:3D:67:55
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C0GnqF62gD_TwognpBO5Lig9Z1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:13e0::/44
Signature Algorithm: sha256WithRSAEncryption
b8:6e:50:e2:da:a0:a9:ff:48:17:42:b4:fb:07:da:e7:e6:c3:
90:d8:fb:27:f5:58:24:fe:bc:65:f9:4b:e1:86:47:95:92:05:
50:9f:4b:2a:a5:b5:71:55:0d:4f:00:92:95:3b:47:79:f1:1f:
ef:ce:80:78:5f:28:e4:a9:69:fb:00:c6:f8:86:1a:8f:e5:e0:
82:bf:68:d6:e2:ec:e7:24:67:ad:5b:41:01:52:cd:eb:34:ca:
1b:b3:cb:3a:03:bd:19:c8:25:05:ed:70:e5:aa:90:30:c8:04:
a9:99:47:22:51:a5:e9:24:90:d2:8c:5f:bc:d0:38:4c:1b:be:
da:6b:34:0d:c2:f2:25:0a:e5:56:5f:5d:c8:d2:87:78:6e:31:
88:68:f2:58:a7:fc:09:3e:cb:91:d9:c5:43:b1:38:ee:a7:c1:
0f:e7:3d:9f:78:1b:3e:0a:c9:4c:d3:ee:f9:9e:36:3b:77:a7:
48:66:32:86:e9:e4:72:85:75:a8:e0:cb:d3:3e:91:3a:a3:5c:
bb:51:59:76:41:55:2e:16:55:8f:22:30:c1:82:d0:87:6a:04:
6d:89:72:b8:66:81:34:67:cb:c6:5e:d7:c4:e9:a8:39:0f:75:
ac:9f:1c:0a:9f:76:55:ef:7e:9a:a9:ef:3a:e2:31:8f:72:b2:
c3:be:73:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTPsglLThtMDlfiD9yHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQxYTdhODVlYjY4MDNmZDNjMjg4MjdhNDEzYjkyZTI4M2Q2NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGr46fa3raehF7gx00R8FUTOIH3n
4L96hw1Ay3UPvZcFUhvg6/QHjfACkp/zGjQGqwPoS3y8xfrr6RX6+tkEZ40NEKzV
dd3oUvr5JQhzbQMM4mckU1YYT4YAjoQacLwdScivWwJ4c3BitosdlEq6FmKKI9Wn
RO3OGQHdkIgP75/I2wY61Rw8Di4aTDVMNJFPWaKIFKwd2gO2O/ZbRn2iNzwSmkrv
g64R3z3drFaQnfsqPELU8Nx8J/4gRnb9AM7EsklW0sHqvZUnTDJh9xbWWxgS94NI
HbyZ2YDE4P0NrLdh//T8OgncBKM1cD/97aMJNcoQjeqsJwW+UD1GINbw8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAtBp6hetoA/08KIJ6QTuS4oPWdVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQzBHbnFGNjJnRF9Ud29nbnBCTzVMaWc5WjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxPg
MA0GCSqGSIb3DQEBCwUAA4IBAQC4blDi2qCp/0gXQrT7B9rn5sOQ2Psn9Vgk/rxl
+UvhhkeVkgVQn0sqpbVxVQ1PAJKVO0d58R/vzoB4XyjkqWn7AMb4hhqP5eCCv2jW
4uznJGetW0EBUs3rNMobs8s6A70ZyCUF7XDlqpAwyASpmUciUaXpJJDSjF+80DhM
G77aazQNwvIlCuVWX13I0od4bjGIaPJYp/wJPsuR2cVDsTjup8EP5z2feBs+CslM
0+75njY7d6dIZjKG6eRyhXWo4MvTPpE6o1y7UVl2QVUuFlWPIjDBgtCHagRtiXK4
ZoE0Z8vGXtfE6ag5D3WsnxwKn3ZV736aqe864jGPcrLDvnO7
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:54 2024 by rpki-client on console-ams.rpki-client.org