Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Cv-GOtO7njkx0WXxGoyp1GWE4lA.roa
File: Cv-GOtO7njkx0WXxGoyp1GWE4lA.roa (raw, json)
Hash identifier: 7P3njJOqC21MTcxvlj4+qTwPOp1TxHSjyDSnUvAmQEU=
Subject key identifier: 0A:FF:86:3A:D3:BB:9E:39:31:D1:65:F1:1A:8C:A9:D4:65:84:E2:50
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD37B8623F067545AF6C1A9CF6862A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Cv-GOtO7njkx0WXxGoyp1GWE4lA.roa
Signing time: Tue 02 Jan 2024 10:34:30 +0000
ROA not before: Tue 02 Jan 2024 10:34:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211548
IP address blocks: 2a0e:97c0:2c0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:37:b8:62:3f:06:75:45:af:6c:1a:9c:f6:86:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aff863ad3bb9e3931d165f11a8ca9d46584e250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7e:98:4e:70:4b:cf:87:a4:31:f0:69:1c:57:
1f:85:ca:b5:2d:90:4d:2d:69:d4:bc:b6:9b:fb:8b:
83:be:38:82:4e:da:e7:00:5b:e5:b5:5c:4d:63:d5:
9d:29:70:59:ef:86:d7:91:10:bf:99:46:6b:3b:62:
e0:82:b0:04:c8:a3:5f:cd:58:80:42:c8:bc:c5:09:
c2:89:e8:5e:01:e1:e1:32:84:fb:7f:ad:36:a1:f8:
4f:42:a0:54:3d:0f:16:77:75:f4:9b:d8:ea:0f:36:
49:c9:6d:91:fb:d3:cc:4c:5f:26:39:20:99:8d:68:
f5:af:f9:07:66:ac:78:a5:91:01:8e:b3:03:ac:05:
74:2d:69:df:dc:7d:e3:1c:f1:e5:9c:05:78:ac:92:
68:c5:ac:ad:02:b1:91:91:df:88:94:94:09:7c:69:
3d:bf:8a:04:47:14:5b:df:79:8e:cc:68:b6:6c:33:
3b:ef:c3:c0:ca:65:12:f5:ad:5d:4b:2d:14:e1:7d:
df:ed:b8:ee:67:5d:7c:10:ca:88:b6:10:d9:6f:10:
37:f0:96:52:93:81:49:95:8c:09:a2:88:43:0f:72:
5e:ac:19:63:38:b2:b5:0d:45:60:6a:94:37:eb:b8:
d7:0a:01:1a:e2:23:29:34:71:8d:f2:61:cc:68:a2:
1b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FF:86:3A:D3:BB:9E:39:31:D1:65:F1:1A:8C:A9:D4:65:84:E2:50
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Cv-GOtO7njkx0WXxGoyp1GWE4lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:2c0::/44
Signature Algorithm: sha256WithRSAEncryption
cc:2d:df:35:6d:ca:4b:1d:1a:c6:c4:c8:f9:9e:c1:68:1d:fa:
fd:28:be:7c:0f:91:c7:f6:36:aa:ef:ea:96:00:45:5b:18:11:
13:e1:f0:8e:81:62:ab:7f:c0:1f:c3:d1:d5:9b:f2:7b:ae:0a:
99:20:6c:d8:b6:8a:be:3a:18:8f:f5:34:03:b2:d3:14:90:53:
96:24:38:0b:db:78:9c:38:21:7c:dd:55:c8:2d:b8:cb:51:51:
76:27:3d:8f:40:8f:89:a5:4c:18:13:29:28:83:70:30:cc:c4:
ce:6f:4e:db:97:23:e4:94:3b:d1:c7:3b:f6:f3:f9:98:0e:55:
59:28:e5:1b:db:6d:71:28:9a:11:c3:a8:ef:a8:a6:95:08:7b:
44:7d:69:d6:b3:2f:4f:69:f4:1b:74:69:53:13:62:92:5a:6d:
52:3a:7c:ff:d6:1e:ec:84:92:82:5f:10:d1:bc:72:25:c3:16:
4a:a1:93:e7:ec:99:ef:e7:c3:53:ff:40:b8:80:86:4d:35:58:
8a:59:a9:97:30:9a:9c:4a:4d:aa:9e:01:82:f1:03:e5:7a:e3:
f8:aa:ec:55:4e:2e:b3:05:14:6d:73:8d:05:c3:56:a6:d6:b8:
af:83:5d:72:4e:70:c4:3d:33:b5:9e:6f:77:c8:f8:a6:79:ce:
65:16:bf:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTe4Yj8GdUWvbBqc9oYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZmODYzYWQzYmI5ZTM5MzFkMTY1ZjExYThjYTlkNDY1ODRlMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX6YTnBLz4ekMfBpHFcfhcq1LZBN
LWnUvLab+4uDvjiCTtrnAFvltVxNY9WdKXBZ74bXkRC/mUZrO2LggrAEyKNfzViA
Qsi8xQnCieheAeHhMoT7f602ofhPQqBUPQ8Wd3X0m9jqDzZJyW2R+9PMTF8mOSCZ
jWj1r/kHZqx4pZEBjrMDrAV0LWnf3H3jHPHlnAV4rJJoxaytArGRkd+IlJQJfGk9
v4oERxRb33mOzGi2bDM778PAymUS9a1dSy0U4X3f7bjuZ118EMqIthDZbxA38JZS
k4FJlYwJoohDD3JerBljOLK1DUVgapQ367jXCgEa4iMpNHGN8mHMaKIbQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAr/hjrTu545MdFl8RqMqdRlhOJQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQ3YtR090Tzduamt4MFdYeEdveXAxR1dFNGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwALA
MA0GCSqGSIb3DQEBCwUAA4IBAQDMLd81bcpLHRrGxMj5nsFoHfr9KL58D5HH9jaq
7+qWAEVbGBET4fCOgWKrf8Afw9HVm/J7rgqZIGzYtoq+OhiP9TQDstMUkFOWJDgL
23icOCF83VXILbjLUVF2Jz2PQI+JpUwYEykog3AwzMTOb07blyPklDvRxzv28/mY
DlVZKOUb221xKJoRw6jvqKaVCHtEfWnWsy9PafQbdGlTE2KSWm1SOnz/1h7shJKC
XxDRvHIlwxZKoZPn7Jnv58NT/0C4gIZNNViKWamXMJqcSk2qngGC8QPleuP4quxV
Ti6zBRRtc40Fw1am1rivg11yTnDEPTO1nm93yPimec5lFr/I
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:54 2024 by rpki-client on console-ams.rpki-client.org