Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GvNbreiITsOCCZ3d9eVIvTdCri8.roa
File: GvNbreiITsOCCZ3d9eVIvTdCri8.roa (raw, json)
Hash identifier: NbCbzYIqziVjjap7WTs9HePaUtrJ17at/E6cUVz+kbU=
Subject key identifier: 1A:F3:5B:AD:E8:88:4E:C3:82:09:9D:DD:F5:E5:48:BD:37:42:AE:2F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425228A7BF07C4A8566093495B874DC45
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GvNbreiITsOCCZ3d9eVIvTdCri8.roa
Signing time: Thu 02 Jan 2025 03:50:08 +0000
ROA not before: Thu 02 Jan 2025 03:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215536
IP address blocks: 2a0e:b107:12d6::/48 maxlen: 48
2a0e:b107:12d8::/48 maxlen: 48
2a0e:b107:12db::/48 maxlen: 48
2a0e:b107:12dd::/48 maxlen: 48
2a0e:b107:12df::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:8a:7b:f0:7c:4a:85:66:09:34:95:b8:74:dc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1af35bade8884ec382099dddf5e548bd3742ae2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:80:2b:63:f2:a6:3b:47:75:12:36:43:6a:23:
5b:8d:17:5a:4e:5f:6a:31:b2:ff:e6:5d:4f:57:a1:
b6:1b:74:c2:f0:68:24:15:d0:01:43:b2:6f:5c:75:
f5:94:ed:d3:79:41:98:03:5c:10:b1:9e:b5:b8:8b:
08:fc:af:6a:fd:65:a9:69:6d:e9:23:52:15:1e:40:
6d:83:70:76:3d:09:e6:5d:88:ca:49:5b:4f:d5:55:
04:f5:30:04:df:9e:09:75:8d:f0:db:2c:08:67:d0:
17:45:db:f7:7c:2e:81:a1:f5:43:ea:61:03:b0:fb:
e2:6e:7d:8c:cd:aa:dd:57:88:90:fb:67:bd:c7:b8:
55:32:b4:ad:4a:b5:71:7e:ba:8d:4a:c9:51:72:8d:
73:86:8e:8b:31:bf:e5:b7:9f:85:25:01:08:29:ca:
29:52:c9:f6:d2:02:d1:b3:f3:86:d9:76:6b:64:7f:
72:69:ef:53:4c:57:95:e4:09:5b:bb:00:92:51:22:
b2:84:4d:41:1b:17:f2:dd:6a:3a:fd:44:ca:10:f6:
a9:3a:a4:15:5c:83:32:0a:31:eb:68:0f:ef:db:0e:
6b:f0:5a:6b:7b:4d:60:58:13:ce:36:f6:3e:73:79:
60:44:22:80:ab:96:6b:6e:b3:11:3b:e4:9f:a6:fd:
d9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F3:5B:AD:E8:88:4E:C3:82:09:9D:DD:F5:E5:48:BD:37:42:AE:2F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/GvNbreiITsOCCZ3d9eVIvTdCri8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:12d6::/48
2a0e:b107:12d8::/48
2a0e:b107:12db::/48
2a0e:b107:12dd::/48
2a0e:b107:12df::/48
Signature Algorithm: sha256WithRSAEncryption
46:fb:55:c1:8c:50:a4:2f:6d:83:af:3b:56:b8:a6:8d:50:03:
0a:6d:ee:8b:4c:af:74:b8:d0:9b:0a:77:04:76:f9:4d:e4:59:
42:20:a4:ad:f2:09:1d:45:37:0b:ef:5d:e8:31:0d:c8:c6:f4:
77:d1:49:da:62:af:c6:d3:09:20:05:9c:f5:ef:91:1b:72:30:
d7:4e:83:36:2b:0f:60:87:4b:35:ea:87:60:ce:c3:38:89:b8:
0e:2f:1b:0c:ad:73:92:ec:7a:fa:2b:ad:76:7a:37:0f:7b:7a:
03:ba:39:7f:69:4d:25:71:fa:c2:b7:bb:77:ed:b7:75:5d:6d:
4f:e6:a4:92:13:a5:34:19:ae:5c:57:fa:80:04:b8:e6:fe:52:
88:16:4b:b3:08:76:f5:45:dd:e4:4f:01:dc:6f:83:5b:0d:44:
10:a5:db:31:12:a2:ce:96:88:7e:79:72:5e:0a:31:85:ca:6d:
d6:be:91:6f:cd:52:39:69:71:90:7e:f7:6c:86:5a:10:f9:64:
21:9f:98:da:c7:f9:9d:27:b2:ba:5e:ed:2e:d5:0b:cd:97:79:
7a:d0:ec:b0:ed:b1:7a:05:13:ed:0c:bc:4b:c7:62:a0:3d:c5:
c1:be:dc:87:25:50:36:f8:21:8d:e2:ec:84:32:83:a7:49:93:
90:85:84:95
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQlIop78HxKhWYJNJW4dNxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWYzNWJhZGU4ODg0ZWMzODIwOTlkZGRmNWU1NDhiZDM3NDJhZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ArY/KmO0d1EjZDaiNbjRdaTl9q
MbL/5l1PV6G2G3TC8GgkFdABQ7JvXHX1lO3TeUGYA1wQsZ61uIsI/K9q/WWpaW3p
I1IVHkBtg3B2PQnmXYjKSVtP1VUE9TAE354JdY3w2ywIZ9AXRdv3fC6BofVD6mED
sPvibn2MzardV4iQ+2e9x7hVMrStSrVxfrqNSslRco1zho6LMb/lt5+FJQEIKcop
Usn20gLRs/OG2XZrZH9yae9TTFeV5AlbuwCSUSKyhE1BGxfy3Wo6/UTKEPapOqQV
XIMyCjHraA/v2w5r8Fpre01gWBPONvY+c3lgRCKAq5ZrbrMRO+Sfpv3ZQwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBrzW63oiE7Dggmd3fXlSL03Qq4vMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvR3ZOYnJlaUlUc09DQ1ozZDllVkl2VGRDcmk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKg6xBxLW
AwcAKg6xBxLYAwcAKg6xBxLbAwcAKg6xBxLdAwcAKg6xBxLfMA0GCSqGSIb3DQEB
CwUAA4IBAQBG+1XBjFCkL22DrztWuKaNUAMKbe6LTK90uNCbCncEdvlN5FlCIKSt
8gkdRTcL713oMQ3IxvR30UnaYq/G0wkgBZz175EbcjDXToM2Kw9gh0s16odgzsM4
ibgOLxsMrXOS7Hr6K612ejcPe3oDujl/aU0lcfrCt7t37bd1XW1P5qSSE6U0Ga5c
V/qABLjm/lKIFkuzCHb1Rd3kTwHcb4NbDUQQpdsxEqLOloh+eXJeCjGFym3WvpFv
zVI5aXGQfvdshloQ+WQhn5jax/mdJ7K6Xu0u1QvNl3l60Oyw7bF6BRPtDLxLx2Kg
PcXBvtyHJVA2+CGN4uyEMoOnSZOQhYSV
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:54:50 2025 by rpki-client