Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FXuSi3KYXbwb1CFSVpCjNnbHo2s.roa
File: FXuSi3KYXbwb1CFSVpCjNnbHo2s.roa (raw, json)
Hash identifier: 3pAR5+KlodR+F0j5DkDBsd6lZccKPY6DD8MD3mKZppw=
Subject key identifier: 15:7B:92:8B:72:98:5D:BC:1B:D4:21:52:56:90:A3:36:76:C7:A3:6B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425225221AAF4BEC96D81DA67BBC370A5
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FXuSi3KYXbwb1CFSVpCjNnbHo2s.roa
Signing time: Thu 02 Jan 2025 03:49:53 +0000
ROA not before: Thu 02 Jan 2025 03:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211509
IP address blocks: 2a0e:b107:1180::/48 maxlen: 48
2a0e:b107:1181::/48 maxlen: 48
2a0e:b107:1182::/48 maxlen: 48
2a0e:b107:1183::/48 maxlen: 48
2a0e:b107:1184::/48 maxlen: 48
2a0e:b107:1185::/48 maxlen: 48
2a0e:b107:1186::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:52:21:aa:f4:be:c9:6d:81:da:67:bb:c3:70:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=157b928b72985dbc1bd421525690a33676c7a36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:89:02:de:f3:b7:98:d7:f5:40:95:ac:7a:c0:
53:58:bc:48:1a:4a:e9:36:69:97:7a:81:1e:31:f5:
80:9e:79:be:62:23:fd:25:6b:4a:da:38:56:0b:78:
68:69:8a:cb:7b:52:3d:5c:17:47:46:e1:68:f5:6d:
64:6a:bb:03:c5:4f:d2:3c:30:cb:12:fc:b0:20:3a:
78:fa:a3:2a:70:cf:df:7f:00:30:d5:79:6e:c4:c5:
e8:89:89:41:8b:65:80:9c:6a:fd:24:be:4a:62:88:
bc:3e:ed:4e:ad:fc:79:da:42:fc:44:16:bf:ea:45:
f6:35:4d:55:50:99:bf:a1:8e:41:e0:57:8a:3a:f9:
4f:93:22:43:10:f8:1a:4c:42:4c:e5:c1:fd:5f:7c:
72:1b:d2:28:fd:9a:29:28:cc:23:29:a5:32:2c:a0:
23:4f:4f:37:e1:44:ef:eb:a5:09:9c:12:6a:1d:27:
1f:2c:74:b9:7e:fd:52:c6:6c:a9:ec:1a:24:e8:8a:
9a:74:36:66:2e:a4:8a:65:49:a1:89:e6:e8:99:d7:
c6:bb:49:e1:23:14:4a:ed:58:0a:df:41:34:60:7f:
42:59:fd:52:9c:0a:7c:f6:1e:dc:b6:93:8a:03:1e:
16:5c:e3:2e:b5:4c:0c:e7:7b:57:1e:27:34:1d:d7:
ae:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7B:92:8B:72:98:5D:BC:1B:D4:21:52:56:90:A3:36:76:C7:A3:6B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FXuSi3KYXbwb1CFSVpCjNnbHo2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1180::-2a0e:b107:1186:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:eb:42:4e:54:0d:28:24:b3:92:53:75:b3:78:cd:72:8a:59:
a7:84:10:14:02:ee:8c:93:69:eb:06:e7:a2:6b:86:6b:14:40:
ea:f5:4f:9a:8f:d4:69:9d:47:b3:d6:de:be:85:ee:17:36:73:
2c:99:37:b4:e5:1d:d3:3d:46:82:72:ed:a9:2f:0a:51:91:ef:
c8:08:66:99:a0:66:61:e2:21:30:12:64:4f:9c:1c:7e:ae:23:
5f:50:e7:81:42:ea:6b:cf:13:40:2b:18:26:f9:ac:e4:da:97:
dd:b2:28:c9:3d:3c:8c:9c:fb:1d:28:56:38:87:34:a7:5f:6b:
13:eb:66:87:20:f4:66:d9:3d:3e:8f:14:f4:a9:c3:5e:dd:54:
fb:0c:de:64:6c:db:ec:99:6e:4d:42:d3:d0:18:e2:24:b5:b4:
f2:74:d3:bd:e2:b6:a1:ac:cf:2e:2f:6b:d9:09:47:d4:0d:9b:
b7:c9:a2:03:6a:2c:1d:9f:ae:62:f7:92:85:b5:ea:d7:5e:f3:
07:5c:84:87:6e:c0:6b:7f:00:9d:0d:d4:bd:54:4a:54:a1:4e:
96:24:38:3b:43:c1:b5:3d:7e:e2:b1:17:dc:c2:08:4f:3c:78:
5a:b0:cb:f7:05:3b:ff:58:c2:9b:f7:20:dc:9c:cb:e8:b8:f5:
ff:89:02:71
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIlIhqvS+yW2B2me7w3ClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdiOTI4YjcyOTg1ZGJjMWJkNDIxNTI1NjkwYTMzNjc2YzdhMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzokC3vO3mNf1QJWsesBTWLxIGkrp
NmmXeoEeMfWAnnm+YiP9JWtK2jhWC3hoaYrLe1I9XBdHRuFo9W1karsDxU/SPDDL
EvywIDp4+qMqcM/ffwAw1XluxMXoiYlBi2WAnGr9JL5KYoi8Pu1Orfx52kL8RBa/
6kX2NU1VUJm/oY5B4FeKOvlPkyJDEPgaTEJM5cH9X3xyG9Io/ZopKMwjKaUyLKAj
T0834UTv66UJnBJqHScfLHS5fv1Sxmyp7Bok6IqadDZmLqSKZUmhiebomdfGu0nh
IxRK7VgK30E0YH9CWf1SnAp89h7ctpOKAx4WXOMutUwM53tXHic0HdeunwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBV7kotymF28G9QhUlaQozZ2x6NrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRlh1U2kzS1lYYndiMUNGU1ZwQ2pObmJIbzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwcqDrEH
EYADBwAqDrEHEYYwDQYJKoZIhvcNAQELBQADggEBAIbrQk5UDSgks5JTdbN4zXKK
WaeEEBQC7oyTaesG56JrhmsUQOr1T5qP1GmdR7PW3r6F7hc2cyyZN7TlHdM9RoJy
7akvClGR78gIZpmgZmHiITASZE+cHH6uI19Q54FC6mvPE0ArGCb5rOTal92yKMk9
PIyc+x0oVjiHNKdfaxPrZocg9GbZPT6PFPSpw17dVPsM3mRs2+yZbk1C09AY4iS1
tPJ0073itqGszy4va9kJR9QNm7fJogNqLB2frmL3koW16tde8wdchIduwGt/AJ0N
1L1USlShTpYkODtDwbU9fuKxF9zCCE88eFqwy/cFO/9Ywpv3INycy+i49f+JAnE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:46:28 2025 by rpki-client