Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MeVDYU3SMRlrQsg9kk1jh7WIwOs.roa
File: MeVDYU3SMRlrQsg9kk1jh7WIwOs.roa (raw, json)
Hash identifier: mTJ+E3VVmPR12JFA+9064eEP1x3OYWDgOsYqP6gIFNM=
Subject key identifier: 31:E5:43:61:4D:D2:31:19:6B:42:C8:3D:92:4D:63:87:B5:88:C0:EB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522873AECC8B93A7F50EC98BB3D2BC2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MeVDYU3SMRlrQsg9kk1jh7WIwOs.roa
Signing time: Thu 02 Jan 2025 03:50:07 +0000
ROA not before: Thu 02 Jan 2025 03:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215437
IP address blocks: 2a0e:97c0:670::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:87:3a:ec:c8:b9:3a:7f:50:ec:98:bb:3d:2b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31e543614dd231196b42c83d924d6387b588c0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ca:2c:08:64:22:5c:43:f4:30:ea:9b:b5:99:
6a:b4:55:a3:c6:dd:b7:57:76:b9:47:55:11:44:6f:
6a:9d:54:3a:5e:00:29:d6:ba:5f:4b:ac:a5:7d:cf:
c8:99:61:4a:2c:21:c0:8e:92:c5:41:75:cb:64:4d:
02:a0:3f:3f:e3:45:59:13:ba:99:7a:a4:7e:fe:0f:
bf:ad:08:41:e2:07:d6:0b:9a:6a:ea:e6:06:49:73:
7c:27:27:09:93:a8:1a:2e:b6:4b:93:f4:1f:e5:02:
73:ba:ad:fb:58:f6:7c:6e:ca:b9:68:88:c3:d3:76:
d3:3a:ac:ae:09:82:90:2c:28:22:ee:37:39:2e:3e:
d3:a7:d0:f4:21:a9:a2:94:bd:41:ad:74:16:86:14:
ce:37:a6:28:dc:8d:c0:7f:ea:c5:54:e3:31:d7:ff:
e3:42:c7:fb:81:2d:16:ae:b6:4a:e8:0c:9b:dc:ab:
30:b7:2c:f7:99:b6:98:86:7e:e2:66:8b:6e:66:01:
2c:e2:35:f3:b6:5b:ed:70:0a:0d:6c:26:ea:f0:99:
0d:0a:76:f7:c0:4a:41:e8:58:b4:50:de:43:18:ff:
c5:ae:11:2c:b1:6e:56:8c:86:57:0c:95:b8:95:5d:
8c:a3:1d:18:7d:37:ca:e5:71:e9:fb:39:3f:6e:cf:
ad:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E5:43:61:4D:D2:31:19:6B:42:C8:3D:92:4D:63:87:B5:88:C0:EB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MeVDYU3SMRlrQsg9kk1jh7WIwOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:670::/44
Signature Algorithm: sha256WithRSAEncryption
58:cb:76:92:c8:3a:67:78:0c:f6:1e:41:cf:54:83:fd:b3:c9:
3d:12:32:3c:4e:1c:f7:6d:b2:1f:d8:fb:98:f8:74:df:95:5d:
11:aa:d9:d9:88:4c:de:f7:52:c5:e7:e2:39:77:87:7e:fb:d4:
5e:6a:0b:ad:f7:b0:3d:03:f5:07:24:69:b2:48:7f:5d:3c:b9:
76:f9:16:a6:8c:9f:cf:19:c0:96:1d:b7:83:c6:83:60:21:9a:
ea:17:14:8c:25:39:c3:8e:52:24:b1:b1:61:04:93:57:aa:f4:
e6:f2:89:a1:4c:3c:80:f2:7d:c3:8c:53:2d:99:c5:e8:49:2e:
9f:71:d8:39:4e:69:71:95:77:c2:e4:fc:85:14:87:2a:6a:c8:
81:39:79:dc:0b:e8:2f:1b:14:fb:50:c9:33:2a:7e:29:50:bf:
a0:86:7a:7b:e9:11:0b:b4:71:eb:84:e1:93:64:9b:aa:66:be:
43:ba:a9:0d:8d:b1:8c:71:bf:a3:57:4f:ac:44:39:d8:00:d7:
18:9f:4c:69:37:98:e9:63:70:19:4c:5f:9d:12:fd:b4:19:4e:
ba:c2:e5:2f:6d:58:7a:82:93:75:7c:be:46:98:31:45:24:9b:
cb:b3:be:b4:56:12:5e:85:de:e6:96:81:e0:52:c1:14:01:e1:
7a:73:ec:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIoc67Mi5On9Q7Ji7PSvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWU1NDM2MTRkZDIzMTE5NmI0MmM4M2Q5MjRkNjM4N2I1ODhjMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sosCGQiXEP0MOqbtZlqtFWjxt23
V3a5R1URRG9qnVQ6XgAp1rpfS6ylfc/ImWFKLCHAjpLFQXXLZE0CoD8/40VZE7qZ
eqR+/g+/rQhB4gfWC5pq6uYGSXN8JycJk6gaLrZLk/Qf5QJzuq37WPZ8bsq5aIjD
03bTOqyuCYKQLCgi7jc5Lj7Tp9D0IamilL1BrXQWhhTON6Yo3I3Af+rFVOMx1//j
Qsf7gS0WrrZK6Ayb3Kswtyz3mbaYhn7iZotuZgEs4jXztlvtcAoNbCbq8JkNCnb3
wEpB6Fi0UN5DGP/FrhEssW5WjIZXDJW4lV2Mox0YfTfK5XHp+zk/bs+tewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDHlQ2FN0jEZa0LIPZJNY4e1iMDrMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTWVWRFlVM1NNUmxyUXNnOWtrMWpoN1dJd09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAZw
MA0GCSqGSIb3DQEBCwUAA4IBAQBYy3aSyDpneAz2HkHPVIP9s8k9EjI8Thz3bbIf
2PuY+HTflV0RqtnZiEze91LF5+I5d4d++9Reagut97A9A/UHJGmySH9dPLl2+Ram
jJ/PGcCWHbeDxoNgIZrqFxSMJTnDjlIksbFhBJNXqvTm8omhTDyA8n3DjFMtmcXo
SS6fcdg5TmlxlXfC5PyFFIcqasiBOXncC+gvGxT7UMkzKn4pUL+ghnp76RELtHHr
hOGTZJuqZr5DuqkNjbGMcb+jV0+sRDnYANcYn0xpN5jpY3AZTF+dEv20GU66wuUv
bVh6gpN1fL5GmDFFJJvLs760VhJehd7mloHgUsEUAeF6c+yB
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:46:55 2025 by rpki-client