Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IRPj7rr_O1dl012NXjUItI7WYIg.roa
File: IRPj7rr_O1dl012NXjUItI7WYIg.roa (raw, json)
Hash identifier: MIMo+rN2wzHa9tTqgz0pUA/RUvyUU6qiSeqV53K+sSk=
Subject key identifier: 21:13:E3:EE:BA:FF:3B:57:65:D3:5D:8D:5E:35:08:B4:8E:D6:60:88
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425223D1AB6768EBC8990B541D8A966AB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IRPj7rr_O1dl012NXjUItI7WYIg.roa
Signing time: Thu 02 Jan 2025 03:49:48 +0000
ROA not before: Thu 02 Jan 2025 03:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210320
IP address blocks: 2a0e:b107:18c0::/48 maxlen: 48
2a0e:b107:18c1::/48 maxlen: 48
2a0e:b107:18c2::/48 maxlen: 48
2a0e:b107:18c3::/48 maxlen: 48
2a0e:b107:18c4::/48 maxlen: 48
2a0e:b107:18c5::/48 maxlen: 48
2a0e:b107:18c6::/48 maxlen: 48
2a0e:b107:18c7::/48 maxlen: 48
2a0e:b107:18c8::/48 maxlen: 48
2a0e:b107:18c9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:3d:1a:b6:76:8e:bc:89:90:b5:41:d8:a9:66:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2113e3eebaff3b5765d35d8d5e3508b48ed66088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a2:ef:d9:0d:8a:f3:2f:0d:cb:49:3f:c6:9d:
b5:f7:c8:c6:82:ea:4a:71:90:1f:05:40:f6:6f:e3:
36:08:5d:6e:bd:2a:07:0f:cf:63:33:eb:f1:11:20:
1d:5b:09:bb:e8:30:71:9a:77:4b:26:4f:2e:77:d9:
47:01:e7:78:cf:b3:a5:e3:8a:f8:c6:0c:17:12:ee:
27:83:8a:44:05:c2:2f:b0:43:84:6b:26:e3:1c:05:
ae:3e:17:25:1b:a9:9e:f7:ca:e7:e9:06:0f:be:91:
de:8e:81:ec:bb:d3:fa:3d:a5:14:d3:c3:54:05:2f:
a5:79:0e:a5:f8:04:04:c8:16:79:81:46:6d:13:60:
34:e3:91:be:c3:d0:91:bc:ad:93:55:ad:d1:6d:b7:
4d:ef:d0:6f:81:72:dd:d8:30:6f:96:44:c0:2c:79:
79:bf:51:da:ae:a3:2f:4b:92:15:a4:2a:92:57:ea:
fc:d6:a2:7a:6e:a9:e5:1d:be:cb:08:e4:98:77:d6:
51:41:0b:1d:9c:cd:11:14:17:c9:59:82:2e:14:59:
dd:b8:30:de:e7:ff:3e:b1:0c:49:1c:83:e2:ba:e0:
40:e2:61:35:b2:e7:32:8c:8b:03:e5:70:71:ee:25:
6a:68:55:6e:a5:d1:cf:77:b9:cf:63:95:ac:2a:f3:
59:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:13:E3:EE:BA:FF:3B:57:65:D3:5D:8D:5E:35:08:B4:8E:D6:60:88
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/IRPj7rr_O1dl012NXjUItI7WYIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:18c0::-2a0e:b107:18c9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a2:59:6a:22:24:57:c2:c2:f7:dc:6e:47:bc:92:d4:a2:d7:9e:
c7:0f:49:52:d2:fa:42:53:7b:cc:43:29:95:c3:65:99:f3:06:
0d:4a:cc:a6:5b:2b:b6:27:5c:c1:20:cb:16:15:a3:d2:de:0f:
68:e5:6f:4a:89:52:6e:aa:38:46:ee:ac:14:a6:d9:76:fb:01:
ad:93:ca:ce:3e:2b:41:9d:c5:52:f6:78:e7:cb:82:c8:ba:4e:
09:71:11:25:75:10:1b:5e:f2:37:a4:2c:c5:4a:18:2d:68:85:
c0:1c:5c:96:b0:bc:a2:d2:df:fb:ca:4b:87:ea:bd:5b:6a:9b:
04:3f:e7:4f:3d:3f:02:d6:58:5c:54:2c:ce:dd:8e:b7:f2:0d:
7d:06:9c:dc:70:dd:9b:45:3f:e3:3d:0a:c7:cb:a8:bc:4e:40:
61:2f:ba:81:77:d7:67:89:fd:aa:ec:83:20:cb:ce:d7:d6:45:
54:27:54:21:30:eb:ed:35:79:85:82:3c:7b:45:1c:e8:27:8b:
77:6c:5b:9c:de:ee:96:13:47:26:26:6a:47:96:3d:87:6e:dd:
8f:f0:6a:54:e5:ab:b5:51:b9:2d:75:f3:d8:9d:06:14:94:24:
48:3b:fa:34:9f:57:97:73:8d:d3:20:3e:95:30:74:ef:f9:d7:
f0:bd:7f:0b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIj0atnaOvImQtUHYqWarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTEzZTNlZWJhZmYzYjU3NjVkMzVkOGQ1ZTM1MDhiNDhlZDY2MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaLv2Q2K8y8Ny0k/xp2198jGgupK
cZAfBUD2b+M2CF1uvSoHD89jM+vxESAdWwm76DBxmndLJk8ud9lHAed4z7Ol44r4
xgwXEu4ng4pEBcIvsEOEaybjHAWuPhclG6me98rn6QYPvpHejoHsu9P6PaUU08NU
BS+leQ6l+AQEyBZ5gUZtE2A045G+w9CRvK2TVa3RbbdN79BvgXLd2DBvlkTALHl5
v1HarqMvS5IVpCqSV+r81qJ6bqnlHb7LCOSYd9ZRQQsdnM0RFBfJWYIuFFnduDDe
5/8+sQxJHIPiuuBA4mE1sucyjIsD5XBx7iVqaFVupdHPd7nPY5WsKvNZCwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCET4+66/ztXZdNdjV41CLSO1mCIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSVJQajdycl9PMWRsMDEyTlhqVUl0STdXWUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwYqDrEH
GMADBwEqDrEHGMgwDQYJKoZIhvcNAQELBQADggEBAKJZaiIkV8LC99xuR7yS1KLX
nscPSVLS+kJTe8xDKZXDZZnzBg1KzKZbK7YnXMEgyxYVo9LeD2jlb0qJUm6qOEbu
rBSm2Xb7Aa2Tys4+K0GdxVL2eOfLgsi6TglxESV1EBte8jekLMVKGC1ohcAcXJaw
vKLS3/vKS4fqvVtqmwQ/5089PwLWWFxULM7djrfyDX0GnNxw3ZtFP+M9CsfLqLxO
QGEvuoF312eJ/arsgyDLztfWRVQnVCEw6+01eYWCPHtFHOgni3dsW5ze7pYTRyYm
akeWPYdu3Y/walTlq7VRuS1189idBhSUJEg7+jSfV5dzjdMgPpUwdO/51/C9fws=
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:02:10 2025 by rpki-client