Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CV3OZ4ozfxEeREVHNTCrf5fCIyo.roa
File: CV3OZ4ozfxEeREVHNTCrf5fCIyo.roa (raw, json)
Hash identifier: HOJ3vHjZXDX+zwlvLSX4+OuyZTgvAqyv0ISBUSPSNks=
Subject key identifier: 09:5D:CE:67:8A:33:7F:11:1E:44:45:47:35:30:AB:7F:97:C2:23:2A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D1D2221B7D0AA135E9D251A555E0C6D73
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CV3OZ4ozfxEeREVHNTCrf5fCIyo.roa
Signing time: Thu 18 Jan 2024 15:13:12 +0000
ROA not before: Thu 18 Jan 2024 15:13:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216026
IP address blocks: 2a0e:97c0:580::/48 maxlen: 48
2a0e:97c0:581::/48 maxlen: 48
2a0e:97c0:582::/48 maxlen: 48
2a0e:97c0:583::/48 maxlen: 48
2a0e:97c0:584::/48 maxlen: 48
2a0e:97c0:585::/48 maxlen: 48
2a0e:97c0:586::/48 maxlen: 48
2a0e:97c0:588::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:22:21:b7:d0:aa:13:5e:9d:25:1a:55:5e:0c:6d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 18 15:13:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=095dce678a337f111e4445473530ab7f97c2232a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:62:1b:46:cb:4c:59:cc:f8:46:68:b3:c9:
05:a8:f7:b1:90:7d:96:1c:b1:90:52:49:20:c3:9d:
fd:83:55:83:a3:c1:a4:9a:a4:3f:86:51:4d:e1:95:
7a:86:cb:ac:ae:4a:be:d8:e2:a2:e7:76:96:81:f2:
1b:2e:fe:98:96:b4:be:cc:fb:4a:d1:76:17:fc:ef:
14:75:49:59:6a:92:18:52:34:07:5f:16:4d:1b:5f:
7d:94:cb:3c:98:35:42:7f:54:34:eb:93:7a:67:84:
9f:ab:93:f8:2b:9b:cf:6b:2b:84:e8:fa:77:de:0e:
31:44:dd:11:10:83:13:b0:33:a8:74:57:f9:ea:96:
32:f3:28:f0:e2:e9:c7:60:e4:88:a9:b6:39:4c:f3:
3e:8c:21:f1:9c:93:6d:da:e0:03:59:58:68:8e:2f:
0a:03:8c:b4:c2:4c:24:e3:11:57:6b:5a:2c:73:56:
56:1b:16:2c:8f:e4:4a:77:8d:a4:29:83:c8:82:96:
44:11:42:f5:d1:e2:fa:16:ca:74:58:9e:0c:ed:29:
be:87:eb:24:a4:97:a3:26:79:48:72:ef:ef:0b:49:
09:48:1f:7d:ff:5a:71:9c:80:85:70:e9:06:98:f1:
77:a5:21:87:b5:9b:2d:8c:af:a1:f2:a6:2d:21:84:
63:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5D:CE:67:8A:33:7F:11:1E:44:45:47:35:30:AB:7F:97:C2:23:2A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/CV3OZ4ozfxEeREVHNTCrf5fCIyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:580::-2a0e:97c0:586:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:588::/47
Signature Algorithm: sha256WithRSAEncryption
a3:6d:59:d9:c4:84:f1:ad:9f:03:4e:0e:a3:81:77:68:9a:6a:
e2:db:09:03:bf:ef:df:af:14:e6:67:c5:52:f6:c6:29:02:aa:
75:1c:b1:03:b8:e2:b8:22:71:e3:f4:d2:e1:c0:0a:82:06:91:
f5:7f:17:2c:fa:4d:13:60:4e:33:2d:8d:e3:d8:89:33:3d:60:
65:01:55:a8:7b:ee:e4:2f:cb:ff:80:e4:ed:86:31:8c:fe:af:
ab:32:c2:d9:b3:c4:20:4f:dd:9b:f6:9d:48:68:d6:a3:d6:82:
74:a1:b7:56:58:26:69:bc:0a:89:39:ab:a6:db:86:ef:52:e1:
1e:f1:e6:b2:65:46:5a:a6:f5:9f:26:83:7c:86:db:54:cc:62:
cb:7c:6b:c1:e7:be:4b:0b:54:cf:5e:59:5a:49:08:42:23:36:
cd:92:fd:5c:14:4f:bd:a7:ac:92:4a:e2:43:e2:15:b1:bc:01:
3d:65:4b:c1:6d:f5:0d:34:c0:a4:4d:b5:f9:f9:be:c7:0f:0e:
83:f8:29:e2:ab:34:62:1a:0b:1b:a3:26:34:d9:ff:14:06:41:
82:d0:e2:5c:51:75:5e:6c:f8:50:31:76:2f:9d:39:c5:67:9d:
de:6f:7a:c4:af:84:8d:33:96:c4:ba:bb:da:7e:0d:6f:39:18:
b4:44:31:51
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY0dIiG30KoTXp0lGlVeDG1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE4MTUxMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTVkY2U2NzhhMzM3ZjExMWU0NDQ1NDczNTMwYWI3Zjk3YzIyMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgdiG0bLTFnM+EZos8kFqPexkH2W
HLGQUkkgw539g1WDo8GkmqQ/hlFN4ZV6hsusrkq+2OKi53aWgfIbLv6YlrS+zPtK
0XYX/O8UdUlZapIYUjQHXxZNG199lMs8mDVCf1Q065N6Z4Sfq5P4K5vPayuE6Pp3
3g4xRN0REIMTsDOodFf56pYy8yjw4unHYOSIqbY5TPM+jCHxnJNt2uADWVhoji8K
A4y0wkwk4xFXa1osc1ZWGxYsj+RKd42kKYPIgpZEEUL10eL6Fsp0WJ4M7Sm+h+sk
pJejJnlIcu/vC0kJSB99/1pxnICFcOkGmPF3pSGHtZstjK+h8qYtIYRjeQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAldzmeKM38RHkRFRzUwq3+XwiMqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ1YzT1o0b3pmeEVlUkVWSE5UQ3JmNWZDSXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwcqDpfA
BYADBwAqDpfABYYDBwEqDpfABYgwDQYJKoZIhvcNAQELBQADggEBAKNtWdnEhPGt
nwNODqOBd2iaauLbCQO/79+vFOZnxVL2xikCqnUcsQO44rgiceP00uHACoIGkfV/
Fyz6TRNgTjMtjePYiTM9YGUBVah77uQvy/+A5O2GMYz+r6sywtmzxCBP3Zv2nUho
1qPWgnSht1ZYJmm8Cok5q6bbhu9S4R7x5rJlRlqm9Z8mg3yG21TMYst8a8HnvksL
VM9eWVpJCEIjNs2S/VwUT72nrJJK4kPiFbG8AT1lS8Ft9Q00wKRNtfn5vscPDoP4
KeKrNGIaCxujJjTZ/xQGQYLQ4lxRdV5s+FAxdi+dOcVnnd5vesSvhI0zlsS6u9p+
DW85GLREMVE=
-----END CERTIFICATE-----
Generated at Fri May 3 06:34:59 2024 by rpki-client on console-ams.rpki-client.org