Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FPRpWfJ56bA4Vu7zWdoTB6tynJs.roa
File: FPRpWfJ56bA4Vu7zWdoTB6tynJs.roa (raw, json)
Hash identifier: 5SvzGN5d1D5BBGjTDEtg01M9bciIzElk08WfH8ugJws=
Subject key identifier: 14:F4:69:59:F2:79:E9:B0:38:56:EE:F3:59:DA:13:07:AB:72:9C:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521C37693AEBFB6F435B8129CB89BC2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FPRpWfJ56bA4Vu7zWdoTB6tynJs.roa
Signing time: Thu 02 Jan 2025 03:49:17 +0000
ROA not before: Thu 02 Jan 2025 03:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 2a0e:97c0:b18::/48 maxlen: 48
2a0e:b107:27c7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c3:76:93:ae:bf:b6:f4:35:b8:12:9c:b8:9b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14f46959f279e9b03856eef359da1307ab729c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:b7:92:5b:4f:c1:08:32:53:ec:3c:58:fa:
77:01:b5:9c:0c:e2:63:f1:27:4e:f7:4c:3e:cc:43:
7c:1b:db:f4:c6:80:b1:3e:c7:9d:7b:34:1f:8d:1e:
e2:9e:5a:49:e0:b8:24:46:b9:6b:fd:94:c7:30:a7:
14:af:52:5a:a7:ef:ef:cf:31:17:62:2e:2c:c2:c7:
e4:0e:a4:fa:ce:f8:6b:60:36:50:4a:c6:10:00:3c:
0b:7e:05:c5:27:26:40:d5:c4:e4:dd:c2:95:5e:7e:
f6:31:23:88:5f:5e:17:e3:e0:bc:e2:df:ef:3a:79:
cf:40:36:d7:0c:21:93:bf:cf:53:8e:85:75:47:00:
5c:c0:8b:49:f3:92:e2:27:b7:51:0d:c8:fa:1c:00:
47:83:a0:5d:a7:a4:4d:7a:56:dd:95:45:9d:0b:93:
9d:eb:e9:25:37:20:fd:35:6c:71:6e:2f:8c:7d:00:
1e:a7:05:3e:30:ca:a8:bf:75:16:68:55:7d:72:e9:
84:f3:ef:10:2e:8f:90:60:fd:9d:6f:5e:76:b5:8b:
df:3c:0c:a3:1c:11:1f:e6:4e:5e:38:71:85:a7:5f:
31:37:9a:45:d4:d0:7a:2a:10:f1:65:d1:ba:4a:13:
2c:fe:e3:8f:3e:34:f8:b9:ca:16:c0:a5:35:e9:cb:
f4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F4:69:59:F2:79:E9:B0:38:56:EE:F3:59:DA:13:07:AB:72:9C:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FPRpWfJ56bA4Vu7zWdoTB6tynJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b18::/48
2a0e:b107:27c7::/48
Signature Algorithm: sha256WithRSAEncryption
9b:3a:13:8e:85:bb:0d:00:1f:1f:fc:bc:84:ce:0e:e4:89:e4:
f6:58:e1:d8:1d:7e:98:34:c5:18:a8:43:ec:71:c7:98:ae:01:
e1:0d:65:16:8d:12:94:c6:17:7f:cb:7f:b7:d5:7b:f1:10:48:
1b:aa:1c:c9:67:fb:f0:aa:f5:a9:51:e7:ce:ad:5c:29:94:3b:
56:5c:49:7e:5a:51:a4:4e:4c:c4:52:5d:ec:6d:01:34:59:14:
db:9e:f8:b5:e5:13:08:03:ac:9c:30:be:ad:56:6a:34:f1:88:
96:d4:db:c2:ac:79:20:ca:0b:d2:0f:bf:bf:af:a7:bd:f8:55:
c2:e1:28:7a:ea:63:5f:2b:3f:b0:6b:5f:3a:79:74:40:b0:a6:
3f:44:53:d9:3a:2d:68:a7:78:ed:44:38:67:3c:f0:53:8a:9f:
d9:9f:15:88:0a:21:37:40:54:09:8c:a4:b0:4e:57:6c:35:3f:
08:36:45:2e:0b:05:97:2a:3b:4d:64:1d:c7:a7:f1:89:57:9e:
36:a8:72:16:ee:a2:e6:f7:60:86:77:4c:ef:2a:cd:9b:ab:0a:
b6:68:0a:94:8f:a1:44:fc:72:12:4d:f0:42:9c:00:ae:0a:81:
0c:90:88:5e:9c:6d:80:63:28:8f:d7:91:8b:22:ae:aa:11:b3:
38:bc:0d:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIcN2k66/tvQ1uBKcuJvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGY0Njk1OWYyNzllOWIwMzg1NmVlZjM1OWRhMTMwN2FiNzI5YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLq3kltPwQgyU+w8WPp3AbWcDOJj
8SdO90w+zEN8G9v0xoCxPsedezQfjR7inlpJ4LgkRrlr/ZTHMKcUr1Jap+/vzzEX
Yi4swsfkDqT6zvhrYDZQSsYQADwLfgXFJyZA1cTk3cKVXn72MSOIX14X4+C84t/v
OnnPQDbXDCGTv89TjoV1RwBcwItJ85LiJ7dRDcj6HABHg6Bdp6RNelbdlUWdC5Od
6+klNyD9NWxxbi+MfQAepwU+MMqov3UWaFV9cumE8+8QLo+QYP2db152tYvfPAyj
HBEf5k5eOHGFp18xN5pF1NB6KhDxZdG6ShMs/uOPPjT4ucoWwKU16cv0DQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBT0aVnyeemwOFbu81naEwercpybMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRlBScFdmSjU2YkE0VnU3eldkb1RCNnR5bkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6XwAsY
AwcAKg6xByfHMA0GCSqGSIb3DQEBCwUAA4IBAQCbOhOOhbsNAB8f/LyEzg7kieT2
WOHYHX6YNMUYqEPscceYrgHhDWUWjRKUxhd/y3+31XvxEEgbqhzJZ/vwqvWpUefO
rVwplDtWXEl+WlGkTkzEUl3sbQE0WRTbnvi15RMIA6ycML6tVmo08YiW1NvCrHkg
ygvSD7+/r6e9+FXC4Sh66mNfKz+wa186eXRAsKY/RFPZOi1op3jtRDhnPPBTip/Z
nxWICiE3QFQJjKSwTldsNT8INkUuCwWXKjtNZB3Hp/GJV542qHIW7qLm92CGd0zv
Ks2bqwq2aAqUj6FE/HISTfBCnACuCoEMkIhenG2AYyiP15GLIq6qEbM4vA0n
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:54:17 2025 by rpki-client