Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ILptmQxQENU7MK7aNq-YGfWrUlg.roa
File: ILptmQxQENU7MK7aNq-YGfWrUlg.roa (raw, json)
Hash identifier: pPtwv1UD8s4Zhd1fy915O4N+uab4ZQCLyhJxO46nv0c=
Subject key identifier: 20:BA:6D:99:0C:50:10:D5:3B:30:AE:DA:36:AF:98:19:F5:AB:52:58
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521C8C8651C5F5257489F97967E0803
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ILptmQxQENU7MK7aNq-YGfWrUlg.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 2a0e:97c0:300::/44 maxlen: 48
2a0e:97c0:650::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c8:c8:65:1c:5f:52:57:48:9f:97:96:7e:08:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20ba6d990c5010d53b30aeda36af9819f5ab5258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:06:1a:84:d3:1f:32:c5:4b:5f:2e:00:a4:d8:
5c:64:f8:82:0a:a0:18:56:9d:6b:12:85:fa:ab:ae:
da:a9:4e:30:88:dd:ed:86:1b:51:71:61:b4:49:39:
b1:d5:51:38:ab:2e:cf:36:e9:8b:7a:ff:d1:44:08:
4b:df:14:17:2e:db:26:e9:d9:ed:8d:5c:4b:11:2a:
50:c3:9c:f5:f3:82:99:a2:43:88:37:b8:55:9c:07:
f5:b6:a8:7b:83:2f:99:f4:83:2c:81:03:09:82:4a:
ec:68:83:43:a3:dc:7a:6b:59:02:d6:63:2e:05:13:
24:35:81:29:ec:6a:e6:e1:6e:58:89:82:4f:81:c8:
e4:ba:e9:ab:36:a2:58:b2:18:af:dd:d9:a8:38:8f:
d9:25:0c:31:4a:86:41:46:9b:94:ac:ca:44:49:f7:
99:78:4f:aa:c7:37:22:fa:62:0b:15:b0:33:74:c9:
37:45:b4:f0:c6:35:6a:23:01:46:31:7c:0c:51:f5:
b6:7a:98:12:9c:ef:64:64:65:29:c3:8e:49:e2:d5:
e4:3b:e4:55:e6:7b:e0:f2:4b:5f:70:f4:3e:aa:72:
a5:98:48:02:87:47:a7:0f:e9:ce:b0:46:15:86:b4:
16:bc:93:61:bf:d9:72:44:86:d2:d6:48:18:d6:06:
2e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BA:6D:99:0C:50:10:D5:3B:30:AE:DA:36:AF:98:19:F5:AB:52:58
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ILptmQxQENU7MK7aNq-YGfWrUlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:300::/44
2a0e:97c0:650::/44
Signature Algorithm: sha256WithRSAEncryption
3c:0b:06:5b:1a:69:2f:a1:5a:9a:29:39:8c:da:cd:15:02:d0:
4b:b7:2c:2a:02:35:57:46:aa:27:e0:94:4e:85:be:3e:21:7f:
e3:bf:7e:4d:0f:4b:85:26:59:a0:9c:b2:2b:cb:25:60:6e:99:
47:4a:53:b2:2c:29:ce:ec:2b:42:0a:70:14:d1:60:53:8d:14:
e0:3f:b7:43:83:af:ee:a6:aa:b5:4e:5d:a7:40:9a:ce:b2:33:
bd:85:5e:41:fa:a0:a6:2b:8b:17:06:1d:86:90:18:c4:46:1c:
22:1e:8e:32:ff:5c:d5:f9:1d:c0:df:fb:1e:b4:28:60:23:18:
f8:c8:f5:d2:12:e5:dd:f9:86:73:1d:23:bd:32:cb:37:98:7b:
28:b3:d8:df:54:5f:b4:5d:10:ea:8e:13:ed:34:34:52:e7:9b:
fa:d8:99:75:d2:25:4d:dd:00:27:72:02:27:aa:dd:69:41:3b:
d3:43:00:b0:6e:00:a1:71:de:08:aa:17:31:8c:ca:a9:06:4b:
a6:6e:d1:c8:ba:9e:e6:68:35:0a:42:e1:1f:05:a8:07:53:36:
b8:7d:95:f7:07:c0:d5:2a:1d:9f:c7:f7:e5:bf:2d:a4:9d:6e:
ce:e8:b5:bb:28:4d:c5:2e:19:82:93:f6:39:d3:f9:94:51:ed:
b9:5f:7f:3c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIcjIZRxfUldIn5eWfggDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGJhNmQ5OTBjNTAxMGQ1M2IzMGFlZGEzNmFmOTgxOWY1YWI1MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgYahNMfMsVLXy4ApNhcZPiCCqAY
Vp1rEoX6q67aqU4wiN3thhtRcWG0STmx1VE4qy7PNumLev/RRAhL3xQXLtsm6dnt
jVxLESpQw5z184KZokOIN7hVnAf1tqh7gy+Z9IMsgQMJgkrsaINDo9x6a1kC1mMu
BRMkNYEp7Grm4W5YiYJPgcjkuumrNqJYshiv3dmoOI/ZJQwxSoZBRpuUrMpESfeZ
eE+qxzci+mILFbAzdMk3RbTwxjVqIwFGMXwMUfW2epgSnO9kZGUpw45J4tXkO+RV
5nvg8ktfcPQ+qnKlmEgCh0enD+nOsEYVhrQWvJNhv9lyRIbS1kgY1gYucQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCC6bZkMUBDVOzCu2javmBn1q1JYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSUxwdG1ReFFFTlU3TUs3YU5xLVlHZldyVWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAMA
AwcEKg6XwAZQMA0GCSqGSIb3DQEBCwUAA4IBAQA8CwZbGmkvoVqaKTmM2s0VAtBL
tywqAjVXRqon4JROhb4+IX/jv35ND0uFJlmgnLIryyVgbplHSlOyLCnO7CtCCnAU
0WBTjRTgP7dDg6/upqq1Tl2nQJrOsjO9hV5B+qCmK4sXBh2GkBjERhwiHo4y/1zV
+R3A3/setChgIxj4yPXSEuXd+YZzHSO9Mss3mHsos9jfVF+0XRDqjhPtNDRS55v6
2Jl10iVN3QAncgInqt1pQTvTQwCwbgChcd4IqhcxjMqpBkumbtHIup7maDUKQuEf
BagHUza4fZX3B8DVKh2fx/flvy2knW7O6LW7KE3FLhmCk/Y50/mUUe25X388
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:39:55 2025 by rpki-client