Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Fw2iZyV8aZIgg1rhsffulutIC9I.roa
File: Fw2iZyV8aZIgg1rhsffulutIC9I.roa (raw, json)
Hash identifier: ZngdVJNjWs3P+GXlOvR0JjA1zCjX7I9zApfpEz6RQ5s=
Subject key identifier: 17:0D:A2:67:25:7C:69:92:20:83:5A:E1:B1:F7:EE:96:EB:48:0B:D2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0190611057D1F8732089CBE6D5CE17079783
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Fw2iZyV8aZIgg1rhsffulutIC9I.roa
Signing time: Fri 28 Jun 2024 22:56:19 +0000
ROA not before: Fri 28 Jun 2024 22:56:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211063
IP address blocks: 2a0e:97c0:480::/44 maxlen: 48
2a0e:b107:1240::/44 maxlen: 48
2a10:2f00:172::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:61:10:57:d1:f8:73:20:89:cb:e6:d5:ce:17:07:97:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 28 22:56:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=170da267257c699220835ae1b1f7ee96eb480bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:05:ed:20:3b:4a:8e:c5:6d:9c:0c:ed:2b:4a:
3c:b5:9e:c2:10:16:16:85:43:73:f9:85:e8:be:5e:
0e:77:82:c8:c0:31:53:36:a2:be:be:7c:42:d9:7a:
78:6d:9d:12:26:03:a7:b3:de:ab:0c:e2:6e:ed:89:
46:dd:9e:1d:29:7e:be:16:ed:ed:60:6d:c8:ed:30:
5f:aa:c2:50:7a:5f:1c:57:8e:fc:df:46:df:77:76:
15:c5:52:c4:49:b7:ec:a9:06:ad:d1:c7:5a:0b:7a:
20:c6:1e:0b:20:d5:ef:f5:46:03:51:14:73:fa:0f:
e9:f0:81:d9:bf:91:0b:23:95:4c:31:60:30:06:53:
d6:f4:e3:e6:2b:f0:ad:85:88:50:6e:1b:d2:ff:03:
68:e0:51:5f:68:2e:74:e6:5d:a1:df:df:45:1b:2e:
b7:8d:46:e1:41:21:0c:c9:0b:32:f3:55:d3:ad:f8:
5f:a0:fa:2d:9e:68:f1:95:7e:c7:a8:ba:d9:e9:98:
2a:6f:75:23:88:ac:51:26:24:3d:d6:18:37:8c:10:
4c:bc:fc:5e:93:43:b1:7a:76:00:58:92:23:ee:1c:
1a:ab:7f:82:97:ad:48:6a:df:4f:3e:e2:51:3b:3e:
6a:54:12:0c:62:07:d6:d1:b7:b8:5f:10:fc:9d:05:
33:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0D:A2:67:25:7C:69:92:20:83:5A:E1:B1:F7:EE:96:EB:48:0B:D2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Fw2iZyV8aZIgg1rhsffulutIC9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:480::/44
2a0e:b107:1240::/44
2a10:2f00:172::/48
Signature Algorithm: sha256WithRSAEncryption
a9:e5:a7:0e:b9:72:68:3d:12:e2:c6:c0:41:05:9e:4d:1d:f9:
50:eb:0b:32:cc:9e:f7:54:87:74:66:5f:a7:d6:da:23:f6:b1:
29:d9:91:77:bd:a1:5d:3b:bb:e3:86:e1:25:54:63:c0:71:20:
5c:e2:b2:a7:98:11:4b:6a:7b:df:fe:93:83:0b:71:70:e8:11:
77:05:bf:77:6e:7c:5e:2b:14:9d:fa:22:00:3f:e4:24:4c:37:
a7:34:1a:d4:b6:64:70:b4:d2:60:62:f8:fe:d5:e8:e3:d1:b8:
10:ec:ea:ac:7d:de:c9:c2:64:87:be:4f:fd:55:05:c5:ec:fe:
e9:4a:f3:a0:f6:87:de:9f:c4:79:10:71:65:04:a9:97:32:a0:
25:72:c6:0b:53:01:0d:75:17:e6:17:b3:d9:bb:ba:53:06:84:
b7:c0:18:c6:2a:47:8f:87:7f:16:81:b2:76:24:65:07:c1:c9:
52:22:61:b5:14:7f:bf:83:ed:d1:6f:4b:43:79:23:cb:19:16:
4f:26:3d:71:aa:0f:78:28:94:52:87:69:cb:8d:a6:c4:68:e3:
3f:c6:a7:95:73:45:15:38:9e:23:b9:0f:4f:09:b5:af:3a:23:
6d:a5:2d:bf:3c:fe:5a:60:8e:b8:c9:fc:16:4e:ab:8a:d6:f3:
96:5d:70:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZBhEFfR+HMgicvm1c4XB5eDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNjI4MjI1NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBkYTI2NzI1N2M2OTkyMjA4MzVhZTFiMWY3ZWU5NmViNDgwYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgXtIDtKjsVtnAztK0o8tZ7CEBYW
hUNz+YXovl4Od4LIwDFTNqK+vnxC2Xp4bZ0SJgOns96rDOJu7YlG3Z4dKX6+Fu3t
YG3I7TBfqsJQel8cV47830bfd3YVxVLESbfsqQat0cdaC3ogxh4LINXv9UYDURRz
+g/p8IHZv5ELI5VMMWAwBlPW9OPmK/CthYhQbhvS/wNo4FFfaC505l2h399FGy63
jUbhQSEMyQsy81XTrfhfoPotnmjxlX7HqLrZ6Zgqb3UjiKxRJiQ91hg3jBBMvPxe
k0OxenYAWJIj7hwaq3+Cl61Iat9PPuJROz5qVBIMYgfW0be4XxD8nQUzaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBcNomclfGmSIINa4bH37pbrSAvSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRncyaVp5VjhhWklnZzFyaHNmZnVsdXRJQzlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwASA
AwcEKg6xBxJAAwcAKhAvAAFyMA0GCSqGSIb3DQEBCwUAA4IBAQCp5acOuXJoPRLi
xsBBBZ5NHflQ6wsyzJ73VId0Zl+n1toj9rEp2ZF3vaFdO7vjhuElVGPAcSBc4rKn
mBFLanvf/pODC3Fw6BF3Bb93bnxeKxSd+iIAP+QkTDenNBrUtmRwtNJgYvj+1ejj
0bgQ7Oqsfd7JwmSHvk/9VQXF7P7pSvOg9ofen8R5EHFlBKmXMqAlcsYLUwENdRfm
F7PZu7pTBoS3wBjGKkePh38WgbJ2JGUHwclSImG1FH+/g+3Rb0tDeSPLGRZPJj1x
qg94KJRSh2nLjabEaOM/xqeVc0UVOJ4juQ9PCbWvOiNtpS2/PP5aYI64yfwWTquK
1vOWXXAA
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:30 2024 by rpki-client on console-fra.rpki-client.org