Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Mkj45y47MRVrwqWeKcH2t3nn7Vc.roa
File: Mkj45y47MRVrwqWeKcH2t3nn7Vc.roa (raw, json)
Hash identifier: 5J1sxmmtEJfb1zkRAKbw4ZsYfRO0MVFq6AB52iQWLqA=
Subject key identifier: 32:48:F8:E7:2E:3B:31:15:6B:C2:A5:9E:29:C1:F6:B7:79:E7:ED:57
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD197EA785FA508A60A5FB653207DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Mkj45y47MRVrwqWeKcH2t3nn7Vc.roa
Signing time: Tue 02 Jan 2024 10:34:22 +0000
ROA not before: Tue 02 Jan 2024 10:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208755
IP address blocks: 2a0e:b107:3a7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:19:7e:a7:85:fa:50:8a:60:a5:fb:65:32:07:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3248f8e72e3b31156bc2a59e29c1f6b779e7ed57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d8:64:22:ff:e6:31:51:42:5a:8d:0c:4f:05:
fe:0e:c6:ac:da:26:05:6d:e6:9f:5d:09:ff:f6:cf:
ed:96:30:97:c1:81:c4:e8:d0:b4:a7:01:b0:af:5e:
af:93:44:32:83:07:d2:28:c2:b2:81:c5:d3:14:e0:
ff:b1:cb:ac:e6:24:cb:a8:3f:1e:20:48:07:3b:ab:
94:92:38:c0:8f:c2:ae:ab:b5:ed:aa:34:d1:4d:8b:
0e:5b:4d:95:31:be:01:5a:29:3d:db:2e:71:9a:1a:
61:bd:6c:b6:b0:f2:65:69:f3:bb:31:9f:2c:42:e6:
71:24:07:ac:42:cf:f1:ba:26:4e:3b:1f:cc:5e:fa:
4a:b7:2c:89:08:cf:17:a2:1a:ef:25:b5:90:a5:a2:
2b:94:49:2d:72:b1:7e:65:eb:31:1c:f9:ac:17:25:
59:3e:39:7b:a7:ba:b6:55:83:33:b3:92:0b:f1:fe:
68:7d:10:d4:a9:44:78:e6:a2:21:13:18:81:23:54:
b3:a7:3e:a1:37:a0:82:06:f8:56:23:58:96:1a:01:
6d:ec:77:2e:b6:84:78:40:ec:34:e8:e2:12:62:03:
aa:4a:f4:65:67:88:c5:98:12:f1:19:48:d5:c6:85:
bf:f7:96:c1:7a:ba:b9:ea:82:65:b2:a5:82:54:d2:
8d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:48:F8:E7:2E:3B:31:15:6B:C2:A5:9E:29:C1:F6:B7:79:E7:ED:57
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Mkj45y47MRVrwqWeKcH2t3nn7Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:3a7::/48
Signature Algorithm: sha256WithRSAEncryption
a2:47:09:29:4d:91:83:87:21:1b:2f:f0:0f:67:9d:10:38:30:
c0:7b:4c:fd:62:49:03:aa:9c:10:14:85:1a:f9:9f:25:af:30:
61:e6:7f:7b:6d:d5:e8:8a:f6:22:7e:71:be:e9:2e:47:fd:ca:
19:7a:d2:ef:70:05:c8:ce:0f:ba:aa:60:c7:97:c1:92:26:64:
ef:82:e0:99:68:b5:6c:32:7a:60:2e:cc:22:e4:64:39:16:6b:
d0:68:69:98:ca:c7:a1:64:9e:8e:65:55:1c:84:9a:b5:23:5a:
72:1a:a3:a5:a6:0f:71:49:6f:fa:b1:b8:10:9c:3e:2e:8d:45:
69:1f:05:65:5b:71:12:60:9e:d4:eb:ad:77:6e:0f:4b:34:a6:
b4:9e:36:96:dc:08:05:01:90:93:ff:92:0c:f0:44:8a:6b:25:
ba:42:ad:b2:8e:08:91:22:8a:28:7c:36:49:3c:3f:cb:75:20:
5a:b4:2b:6c:fa:73:dc:43:e3:b4:2d:b3:c3:69:ac:44:69:dd:
3e:7e:db:14:0d:19:17:7c:8f:ac:3e:ee:ee:a5:9b:34:d3:1f:
d4:05:7b:85:a2:f6:af:d5:ec:e9:40:ba:cf:b4:ba:f4:07:a7:
69:3a:6b:5d:fd:e3:a5:22:61:1c:1e:4e:d4:db:f1:ea:70:3d:
c7:7a:70:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvRl+p4X6UIpgpftlMgfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ4ZjhlNzJlM2IzMTE1NmJjMmE1OWUyOWMxZjZiNzc5ZTdlZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9hkIv/mMVFCWo0MTwX+Dsas2iYF
beafXQn/9s/tljCXwYHE6NC0pwGwr16vk0QygwfSKMKygcXTFOD/scus5iTLqD8e
IEgHO6uUkjjAj8Kuq7XtqjTRTYsOW02VMb4BWik92y5xmhphvWy2sPJlafO7MZ8s
QuZxJAesQs/xuiZOOx/MXvpKtyyJCM8XohrvJbWQpaIrlEktcrF+ZesxHPmsFyVZ
Pjl7p7q2VYMzs5IL8f5ofRDUqUR45qIhExiBI1Szpz6hN6CCBvhWI1iWGgFt7Hcu
toR4QOw06OISYgOqSvRlZ4jFmBLxGUjVxoW/95bBerq56oJlsqWCVNKNgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDJI+OcuOzEVa8KlninB9rd55+1XMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTWtqNDV5NDdNUlZyd3FXZUtjSDJ0M25uN1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwOn
MA0GCSqGSIb3DQEBCwUAA4IBAQCiRwkpTZGDhyEbL/APZ50QODDAe0z9YkkDqpwQ
FIUa+Z8lrzBh5n97bdXoivYifnG+6S5H/coZetLvcAXIzg+6qmDHl8GSJmTvguCZ
aLVsMnpgLswi5GQ5FmvQaGmYysehZJ6OZVUchJq1I1pyGqOlpg9xSW/6sbgQnD4u
jUVpHwVlW3ESYJ7U6613bg9LNKa0njaW3AgFAZCT/5IM8ESKayW6Qq2yjgiRIooo
fDZJPD/LdSBatCts+nPcQ+O0LbPDaaxEad0+ftsUDRkXfI+sPu7upZs00x/UBXuF
ovav1ezpQLrPtLr0B6dpOmtd/eOlImEcHk7U2/HqcD3HenDY
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:56 2024 by rpki-client on console-ams.rpki-client.org