Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N2l6EaAOR6hzdE30TFOG_jTLvQw.roa
File: N2l6EaAOR6hzdE30TFOG_jTLvQw.roa (raw, json)
Hash identifier: Dt3aAL9W2whtEHzXtULbJOGXxd6zPQ3XmPSdj1rb0AE=
Subject key identifier: 37:69:7A:11:A0:0E:47:A8:73:74:4D:F4:4C:53:86:FE:34:CB:BD:0C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCCE5752146F976A9C54D0B04328A7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N2l6EaAOR6hzdE30TFOG_jTLvQw.roa
Signing time: Tue 02 Jan 2024 10:34:03 +0000
ROA not before: Tue 02 Jan 2024 10:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48987
IP address blocks: 2a0e:97c0:700::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ce:57:52:14:6f:97:6a:9c:54:d0:b0:43:28:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37697a11a00e47a873744df44c5386fe34cbbd0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:aa:b9:6a:58:91:45:82:c3:59:99:d9:b3:da:
d0:30:33:fb:d0:f1:93:03:8e:f1:3a:49:b5:47:ba:
c7:ab:57:80:ac:0a:e9:08:ca:65:70:57:0b:58:56:
e1:d9:0e:14:0b:3d:ce:06:fc:0d:8d:42:47:1a:89:
c1:fa:c8:ba:33:0c:38:ed:b4:36:2a:91:c4:e1:b8:
49:e6:2e:c7:30:2b:4e:d0:a8:c6:8b:f1:4b:2a:9c:
71:80:5f:fd:9d:66:95:57:07:92:7f:ad:b8:31:a7:
5c:ac:e6:5c:56:00:7e:b7:98:61:0a:bb:1f:1c:07:
2d:68:58:64:c8:f7:ef:9e:19:74:ab:0b:4d:b6:fa:
1c:08:1b:f9:e6:9b:fe:65:35:1c:94:b1:6f:44:e1:
71:99:ba:2c:0b:52:79:d6:05:f8:35:87:6f:c1:f8:
50:93:8b:93:66:66:41:7d:56:ce:f3:0c:14:7d:98:
85:f7:ac:a9:54:70:ad:5d:0c:8e:ae:c2:4d:6a:30:
27:e3:a0:a0:90:d8:4b:8c:00:72:5d:88:67:59:24:
a2:8d:84:e2:b2:3c:85:35:06:1a:42:72:93:2e:8f:
27:4f:ac:ab:f6:7d:a1:7f:83:1f:f0:6f:19:d6:72:
b6:82:de:52:9e:09:90:42:db:68:78:9a:a7:52:36:
51:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:69:7A:11:A0:0E:47:A8:73:74:4D:F4:4C:53:86:FE:34:CB:BD:0C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/N2l6EaAOR6hzdE30TFOG_jTLvQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:700::/44
Signature Algorithm: sha256WithRSAEncryption
2c:da:aa:ca:23:f8:97:d6:24:d5:61:0d:c3:8e:af:20:05:4d:
7a:6b:67:03:b9:40:96:13:8c:3a:fb:65:55:c1:f8:96:ec:46:
56:c8:47:66:ec:fb:9b:15:d2:c8:31:e8:87:b4:e9:d6:08:fd:
d9:f4:56:48:34:10:dc:c9:54:76:c5:77:20:70:ca:3a:cd:de:
e2:9a:3d:91:a8:9f:74:52:dc:fc:e8:d6:ed:6e:82:89:53:bb:
df:9d:97:b1:1c:b3:cf:ff:42:05:95:aa:20:b7:2c:b6:27:2f:
67:29:f3:45:b3:a3:07:c9:99:23:6d:a0:1a:41:67:6a:ae:7d:
6c:30:69:88:f1:27:02:e9:95:1d:51:7f:47:04:ce:38:cb:4a:
81:6c:36:bd:fa:c2:27:5f:11:c9:26:29:07:41:e7:ce:c9:75:
35:d6:a5:ad:78:ee:b9:7c:19:85:95:9a:03:a9:b3:0e:e2:22:
05:f7:0d:9a:6b:71:6c:d0:e1:6b:89:c1:6f:80:46:76:db:29:
9d:af:d5:b9:bd:ef:d6:01:8b:1c:d7:68:ed:c6:a0:c9:98:b7:
9e:fe:55:29:7d:6a:2a:3f:11:3a:e4:5d:68:44:63:24:51:41:
9b:55:71:ae:03:bf:21:bd:79:a8:3e:fe:bf:53:cc:cc:c7:75:
37:20:2f:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvM5XUhRvl2qcVNCwQyinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzY5N2ExMWEwMGU0N2E4NzM3NDRkZjQ0YzUzODZmZTM0Y2JiZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6q5aliRRYLDWZnZs9rQMDP70PGT
A47xOkm1R7rHq1eArArpCMplcFcLWFbh2Q4UCz3OBvwNjUJHGonB+si6Mww47bQ2
KpHE4bhJ5i7HMCtO0KjGi/FLKpxxgF/9nWaVVweSf624MadcrOZcVgB+t5hhCrsf
HActaFhkyPfvnhl0qwtNtvocCBv55pv+ZTUclLFvROFxmbosC1J51gX4NYdvwfhQ
k4uTZmZBfVbO8wwUfZiF96ypVHCtXQyOrsJNajAn46CgkNhLjAByXYhnWSSijYTi
sjyFNQYaQnKTLo8nT6yr9n2hf4Mf8G8Z1nK2gt5SngmQQttoeJqnUjZRXwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDdpehGgDkeoc3RN9ExThv40y70MMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTjJsNkVhQU9SNmh6ZEUzMFRGT0dfalRMdlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAcA
MA0GCSqGSIb3DQEBCwUAA4IBAQAs2qrKI/iX1iTVYQ3Djq8gBU16a2cDuUCWE4w6
+2VVwfiW7EZWyEdm7PubFdLIMeiHtOnWCP3Z9FZINBDcyVR2xXcgcMo6zd7imj2R
qJ90Utz86NbtboKJU7vfnZexHLPP/0IFlaogtyy2Jy9nKfNFs6MHyZkjbaAaQWdq
rn1sMGmI8ScC6ZUdUX9HBM44y0qBbDa9+sInXxHJJikHQefOyXU11qWteO65fBmF
lZoDqbMO4iIF9w2aa3Fs0OFricFvgEZ22ymdr9W5ve/WAYsc12jtxqDJmLee/lUp
fWoqPxE65F1oRGMkUUGbVXGuA78hvXmoPv6/U8zMx3U3IC/B
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:56 2024 by rpki-client on console-ams.rpki-client.org