Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JCUB3KCQCj4r3_GAnPyGCgLQ7Ao.roa
File: JCUB3KCQCj4r3_GAnPyGCgLQ7Ao.roa (raw, json)
Hash identifier: 5aYYKq8U2lvHK/QrT6cRb66JJyABrJvwtDrIWdfBFVI=
Subject key identifier: 24:25:01:DC:A0:90:0A:3E:2B:DF:F1:80:9C:FC:86:0A:02:D0:EC:0A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521FCC82E0173A71DCE35EEC59EB7E8
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JCUB3KCQCj4r3_GAnPyGCgLQ7Ao.roa
Signing time: Thu 02 Jan 2025 03:49:31 +0000
ROA not before: Thu 02 Jan 2025 03:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:5d0::/44 maxlen: 48
2a0e:b107:5e0::/44 maxlen: 48
2a0e:b107:5f0::/44 maxlen: 48
2a0e:b107:600::/44 maxlen: 48
2a0e:b107:660::/44 maxlen: 48
2a0e:b107:690::/44 maxlen: 48
2a0e:b107:6c0::/44 maxlen: 48
2a0e:b107:ad0::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
2a0e:b107:1d60::/44 maxlen: 48
2a0e:b107:1dc0::/44 maxlen: 48
2a0e:b107:1e00::/44 maxlen: 48
2a0e:b107:2140::/44 maxlen: 48
2a0e:b107:2150::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:fc:c8:2e:01:73:a7:1d:ce:35:ee:c5:9e:b7:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=242501dca0900a3e2bdff1809cfc860a02d0ec0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b8:8f:2a:8e:42:a0:c2:b3:92:1b:14:e0:10:
33:6b:a5:64:fd:d8:99:bf:ee:26:8d:24:0b:69:9b:
09:44:69:3f:dd:ab:ec:7a:0e:35:a6:87:fb:80:bf:
78:a7:81:77:23:10:fb:af:dd:ff:86:a0:37:58:b2:
67:32:d2:3b:a6:cb:d7:89:fe:50:99:c2:03:5a:de:
70:76:e3:7b:8a:da:96:2a:89:72:a1:b7:f1:87:f0:
e4:11:3f:43:20:fe:19:f3:c6:f8:a6:e0:40:6c:19:
81:e9:c2:e1:84:be:a1:04:20:1c:97:f6:ae:61:3f:
26:98:e5:3b:5d:b1:e7:1f:e5:e1:ba:07:59:4e:ae:
55:5f:04:23:62:ea:6e:7b:5f:3c:54:fd:4f:44:86:
09:50:4c:6c:e7:0f:45:3d:ca:04:e0:70:74:75:c5:
60:e5:8a:af:d3:47:2b:8f:8d:83:cb:eb:67:0b:67:
50:7c:0e:d5:fe:e0:86:81:e5:ad:3e:c3:9d:d0:df:
df:66:b6:62:dc:87:19:99:e1:77:73:d3:8e:d7:05:
bd:92:59:6e:4c:18:26:b8:f0:b6:1d:a4:f6:f7:40:
60:3f:8a:4d:d9:2b:ea:17:ac:e6:c4:83:50:9a:fc:
af:b0:c4:c9:59:e1:08:92:21:09:61:f9:ef:ae:d3:
02:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:25:01:DC:A0:90:0A:3E:2B:DF:F1:80:9C:FC:86:0A:02:D0:EC:0A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/JCUB3KCQCj4r3_GAnPyGCgLQ7Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5d0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:660::/44
2a0e:b107:690::/44
2a0e:b107:6c0::/44
2a0e:b107:ad0::/44
2a0e:b107:bb0::/44
2a0e:b107:1d60::/44
2a0e:b107:1dc0::/44
2a0e:b107:1e00::/44
2a0e:b107:2140::/43
Signature Algorithm: sha256WithRSAEncryption
71:66:97:0b:04:18:d7:8f:2a:21:6d:a5:b2:5a:6e:1e:12:17:
b3:5a:be:6c:ce:24:69:20:6c:a3:97:ce:b8:60:41:30:89:0a:
e5:07:29:c6:e1:53:ba:f5:1d:9d:99:b8:d5:30:72:1f:52:7a:
ac:be:11:6f:a0:44:3a:7d:28:33:47:b1:2f:d2:25:61:78:a9:
ae:da:b2:61:04:94:a7:a2:56:92:7a:58:19:23:b9:08:97:cc:
1a:f1:b3:ec:79:1f:6f:1e:3c:1f:1a:28:f2:d2:22:af:f6:56:
e3:d4:ae:50:d2:59:f3:6f:cf:5f:b5:53:57:93:b7:2b:1b:6a:
a3:32:a9:89:dd:bc:55:ba:2f:c7:a1:a4:27:d5:e5:64:e5:af:
fc:73:ff:5d:df:cd:0e:02:48:5d:34:e0:8d:9c:5f:da:9b:38:
21:84:57:5e:0a:3f:8e:f3:5c:e3:fa:27:d6:2b:65:24:47:9b:
a5:6a:00:61:0a:67:4c:87:03:05:a5:e5:72:7a:69:ea:aa:d7:
91:c4:1b:bd:f9:b9:9f:6c:2b:f0:c4:87:ca:29:49:9f:32:e4:
95:24:35:7d:18:85:d4:49:95:a8:25:4e:46:7f:d9:4d:99:d7:
1a:1d:fd:66:0e:c4:48:d3:db:9d:de:2b:98:45:da:4b:e1:c3:
cf:23:cd:8f
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZQlIfzILgFzpx3ONe7FnrfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDI1MDFkY2EwOTAwYTNlMmJkZmYxODA5Y2ZjODYwYTAyZDBlYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubiPKo5CoMKzkhsU4BAza6Vk/diZ
v+4mjSQLaZsJRGk/3avseg41pof7gL94p4F3IxD7r93/hqA3WLJnMtI7psvXif5Q
mcIDWt5wduN7itqWKolyobfxh/DkET9DIP4Z88b4puBAbBmB6cLhhL6hBCAcl/au
YT8mmOU7XbHnH+XhugdZTq5VXwQjYupue188VP1PRIYJUExs5w9FPcoE4HB0dcVg
5Yqv00crj42Dy+tnC2dQfA7V/uCGgeWtPsOd0N/fZrZi3IcZmeF3c9OO1wW9kllu
TBgmuPC2HaT290BgP4pN2SvqF6zmxINQmvyvsMTJWeEIkiEJYfnvrtMCywIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFCQlAdygkAo+K9/xgJz8hgoC0OwKMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSkNVQjNLQ1FDajRyM19HQW5QeUdDZ0xRN0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBrBAIAAjBlMBIDBwQqDrEH
BdADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHBpADBwQqDrEHBsADBwQqDrEHCtAD
BwQqDrEHC7ADBwQqDrEHHWADBwQqDrEHHcADBwQqDrEHHgADBwUqDrEHIUAwDQYJ
KoZIhvcNAQELBQADggEBAHFmlwsEGNePKiFtpbJabh4SF7NavmzOJGkgbKOXzrhg
QTCJCuUHKcbhU7r1HZ2ZuNUwch9Seqy+EW+gRDp9KDNHsS/SJWF4qa7asmEElKei
VpJ6WBkjuQiXzBrxs+x5H28ePB8aKPLSIq/2VuPUrlDSWfNvz1+1U1eTtysbaqMy
qYndvFW6L8ehpCfV5WTlr/xz/13fzQ4CSF004I2cX9qbOCGEV14KP47zXOP6J9Yr
ZSRHm6VqAGEKZ0yHAwWl5XJ6aeqq15HEG735uZ9sK/DEh8opSZ8y5JUkNX0YhdRJ
laglTkZ/2U2Z1xod/WYOxEjT253eK5hF2kvhw88jzY8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:57:12 2025 by rpki-client