Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MIjA7TESPQQ9UDXvrRES3RyU17o.roa
File: MIjA7TESPQQ9UDXvrRES3RyU17o.roa (raw, json)
Hash identifier: qihgpXgR4RQbWVuOsdr72mlYeCuVSxv8RcS9Fpl/79o=
Subject key identifier: 30:88:C0:ED:31:12:3D:04:3D:50:35:EF:AD:11:12:DD:1C:94:D7:BA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521F6E69E3D637B8C47AF97F13C8798
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MIjA7TESPQQ9UDXvrRES3RyU17o.roa
Signing time: Thu 02 Jan 2025 03:49:30 +0000
ROA not before: Thu 02 Jan 2025 03:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198535
IP address blocks: 2a0e:b107:1b00::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f6:e6:9e:3d:63:7b:8c:47:af:97:f1:3c:87:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3088c0ed31123d043d5035efad1112dd1c94d7ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:24:ff:b4:d5:cc:71:00:e3:2b:65:78:6e:
fd:2f:67:60:f2:f8:0d:fc:1a:77:be:6c:98:5b:fa:
a0:53:ce:28:9e:cb:3e:58:91:86:9b:51:ec:ad:ba:
18:e0:59:66:81:46:d3:7c:84:cd:ca:9c:d9:bd:78:
2c:f6:92:ad:02:b3:34:74:30:26:6c:19:6a:6b:e1:
4f:26:69:4c:3d:67:8e:82:6e:27:35:16:54:f1:f2:
42:7b:9d:1d:07:f1:6d:cd:99:14:b6:aa:13:af:5b:
5a:28:31:9e:e4:53:30:5f:56:b9:a2:77:06:99:af:
bc:4e:dd:16:cf:60:bb:cc:3c:41:b5:03:00:00:fb:
0a:16:9c:e1:6f:c0:8b:06:d5:3c:25:83:9b:75:29:
ac:db:85:09:2d:bb:6c:c0:d4:80:52:1e:a6:1a:95:
d1:7b:cb:d1:3b:b8:b6:68:1c:f9:f7:38:23:06:1c:
cd:c4:3c:75:1a:eb:5f:d4:49:1d:71:bf:e8:2f:77:
53:e7:32:4e:64:01:6d:3d:62:7d:f7:fe:29:d0:84:
18:89:15:e7:3d:69:ee:29:94:58:8d:16:9b:05:a1:
e1:7b:f0:00:ff:81:35:c0:2b:ca:2f:48:f8:8a:46:
8e:c4:9e:7c:e9:1d:31:1b:89:b4:1f:87:bb:24:52:
fc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:88:C0:ED:31:12:3D:04:3D:50:35:EF:AD:11:12:DD:1C:94:D7:BA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MIjA7TESPQQ9UDXvrRES3RyU17o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1b00::/44
Signature Algorithm: sha256WithRSAEncryption
19:c7:d0:9a:ba:53:68:dc:8c:0c:7d:ce:f5:32:e1:e4:9e:60:
d4:6e:9c:85:e1:a0:cd:94:f1:ad:5a:03:fb:89:65:1f:08:ba:
eb:04:02:1f:3e:e4:7f:29:9a:22:5e:b5:35:c6:a3:28:c1:26:
ca:e5:7a:02:a0:62:a8:9b:0b:f6:31:c6:5c:82:6d:5f:5b:11:
89:a6:bb:ad:d3:1f:32:3a:0a:fb:50:11:74:e0:c8:84:68:15:
df:aa:02:52:be:60:f3:07:d0:e0:fd:29:c0:bd:13:93:28:e2:
97:74:26:e0:a8:25:1a:96:98:73:59:ed:75:af:1d:a8:4e:e0:
71:63:7f:4d:c4:9f:35:58:2f:1f:3e:29:43:bf:0e:b6:3e:1f:
5b:15:7b:94:55:31:68:de:6d:cd:49:5d:4c:02:49:39:b3:4a:
c0:e5:57:9f:f9:b6:25:99:4d:b7:e3:45:3f:61:52:bb:be:f0:
85:2a:4b:03:05:13:ee:5f:3b:31:df:f8:33:26:0a:47:57:53:
19:eb:d1:ad:a7:67:00:5d:aa:8e:bb:75:3d:9b:1f:98:c3:63:
16:c3:b7:54:e4:46:21:c4:9e:1c:e0:bb:1d:78:0f:3c:60:ec:
08:4d:d6:5b:2c:36:f8:ef:b4:21:ab:38:28:ad:10:88:82:2a:
5d:e6:1e:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIfbmnj1je4xHr5fxPIeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDg4YzBlZDMxMTIzZDA0M2Q1MDM1ZWZhZDExMTJkZDFjOTRkN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTQk/7TVzHEA4ytleG79L2dg8vgN
/Bp3vmyYW/qgU84onss+WJGGm1HsrboY4FlmgUbTfITNypzZvXgs9pKtArM0dDAm
bBlqa+FPJmlMPWeOgm4nNRZU8fJCe50dB/FtzZkUtqoTr1taKDGe5FMwX1a5oncG
ma+8Tt0Wz2C7zDxBtQMAAPsKFpzhb8CLBtU8JYObdSms24UJLbtswNSAUh6mGpXR
e8vRO7i2aBz59zgjBhzNxDx1Gutf1Ekdcb/oL3dT5zJOZAFtPWJ99/4p0IQYiRXn
PWnuKZRYjRabBaHhe/AA/4E1wCvKL0j4ikaOxJ586R0xG4m0H4e7JFL8aQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDCIwO0xEj0EPVA1760REt0clNe6MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTUlqQTdURVNQUVE5VURYdnJSRVMzUnlVMTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxsA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZx9CaulNo3IwMfc71MuHknmDUbpyF4aDNlPGt
WgP7iWUfCLrrBAIfPuR/KZoiXrU1xqMowSbK5XoCoGKomwv2McZcgm1fWxGJprut
0x8yOgr7UBF04MiEaBXfqgJSvmDzB9Dg/SnAvROTKOKXdCbgqCUalphzWe11rx2o
TuBxY39NxJ81WC8fPilDvw62Ph9bFXuUVTFo3m3NSV1MAkk5s0rA5Vef+bYlmU23
40U/YVK7vvCFKksDBRPuXzsx3/gzJgpHV1MZ69Gtp2cAXaqOu3U9mx+Yw2MWw7dU
5EYhxJ4c4LsdeA88YOwITdZbLDb477QhqzgorRCIgipd5h4N
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:42:41 2025 by rpki-client