Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OIPKDZEb7gyhQKvMKeFFiTcFr5w.roa
File: OIPKDZEb7gyhQKvMKeFFiTcFr5w.roa (raw, json)
Hash identifier: Eq2/RUfqrvSMuwO+IducnEotZW21CihU62J5ZIkZTs0=
Subject key identifier: 38:83:CA:0D:91:1B:EE:0C:A1:40:AB:CC:29:E1:45:89:37:05:AF:9C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD46D4653DBB3FA58DC99D88779BF9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OIPKDZEb7gyhQKvMKeFFiTcFr5w.roa
Signing time: Tue 02 Jan 2024 10:34:33 +0000
ROA not before: Tue 02 Jan 2024 10:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212539
IP address blocks: 2a0e:97c0:3f5::/48 maxlen: 48
2a0e:97c0:3f8::/48 maxlen: 48
2a0e:97c0:3f0::/48 maxlen: 48
2a0e:97c0:3f3::/48 maxlen: 48
2a0e:97c0:3f6::/48 maxlen: 48
2a0e:97c0:3f1::/48 maxlen: 48
2a0e:97c0:3f4::/48 maxlen: 48
2a0e:97c0:3f7::/48 maxlen: 48
2a0e:97c0:3f2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:46:d4:65:3d:bb:3f:a5:8d:c9:9d:88:77:9b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3883ca0d911bee0ca140abcc29e145893705af9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ff:3e:37:f6:db:3c:ae:30:16:8d:00:fc:27:
4d:4a:3c:6d:aa:71:cc:85:8b:d6:a8:17:dc:81:d0:
d0:ff:08:ec:f6:cf:5e:7f:c6:16:dd:44:12:4b:b3:
79:3b:3c:3c:da:21:96:90:fb:8a:61:cc:3f:d1:c2:
27:0e:62:17:29:28:6c:01:5b:11:84:54:02:1b:94:
34:ef:e9:34:c7:1e:76:ea:56:50:f1:e8:e0:06:10:
84:05:ea:93:5a:7c:92:77:7c:cd:a7:50:b8:bc:3b:
bd:3e:97:bd:cd:9d:af:57:9a:c3:55:e3:23:b7:96:
d3:e8:08:4d:22:50:0c:97:cb:64:c2:d7:ca:b0:5f:
0a:ba:d7:44:2c:c5:bb:bb:e9:e3:a1:e3:4f:64:c2:
ea:6b:34:c9:da:ed:01:56:09:e2:ba:27:17:2f:24:
5f:e9:33:7a:7c:59:35:c1:04:86:9e:ac:35:1c:74:
55:2d:2f:e7:71:bf:cd:02:7b:8a:00:85:89:0d:4a:
be:0a:78:b3:a1:9b:31:a5:13:f4:9b:cf:17:b6:57:
ce:27:78:b9:a5:5c:ff:f9:f6:ce:78:fd:66:21:27:
2e:db:a8:78:4b:21:aa:6c:11:06:d3:42:ba:04:63:
62:e9:fd:a5:c0:1c:74:fa:e3:de:da:52:da:41:88:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:83:CA:0D:91:1B:EE:0C:A1:40:AB:CC:29:E1:45:89:37:05:AF:9C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/OIPKDZEb7gyhQKvMKeFFiTcFr5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3f0::-2a0e:97c0:3f8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:bf:08:1e:c8:1d:55:97:56:9a:72:55:3f:99:90:f2:05:8d:
4e:0d:d2:08:8e:e2:c9:2b:4c:f3:83:5f:02:ea:4e:25:c1:f6:
1a:86:09:04:94:38:2a:ae:6d:e5:32:1b:3d:0c:53:f4:44:7c:
07:11:4a:6f:a4:65:6b:59:94:33:89:ad:e8:2e:1c:af:b6:65:
82:17:80:05:40:55:4d:24:77:51:de:37:ed:f7:b0:8d:1b:8c:
3a:b6:c2:e0:45:76:ef:9c:75:5f:38:4e:cd:62:ce:58:6e:76:
b6:24:05:87:9d:27:9c:46:d0:98:e8:0c:a5:60:9e:a1:19:bc:
33:dc:f2:29:a4:40:ed:0e:b4:be:0a:bb:89:23:c2:b9:e3:1d:
db:69:49:e1:8b:c9:41:0a:8e:02:ed:a6:c9:39:80:7b:1c:b3:
78:dd:ce:8a:21:27:2f:14:a9:c0:92:b5:a1:0a:2c:65:dc:2a:
20:d8:a0:22:65:d4:69:0a:02:8f:f9:ad:20:0b:f4:74:e1:1f:
4a:a0:c3:71:b5:f6:aa:d2:d9:9e:61:24:4c:7b:05:2d:4d:8a:
45:f8:49:e3:c1:d7:53:80:26:a8:ae:11:74:88:d4:96:a3:b0:
2d:4c:8e:5c:18:b7:e9:6f:9e:34:43:72:61:de:74:21:c8:47:
9e:28:57:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvUbUZT27P6WNyZ2Id5v5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODgzY2EwZDkxMWJlZTBjYTE0MGFiY2MyOWUxNDU4OTM3MDVhZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2f8+N/bbPK4wFo0A/CdNSjxtqnHM
hYvWqBfcgdDQ/wjs9s9ef8YW3UQSS7N5Ozw82iGWkPuKYcw/0cInDmIXKShsAVsR
hFQCG5Q07+k0xx526lZQ8ejgBhCEBeqTWnySd3zNp1C4vDu9Ppe9zZ2vV5rDVeMj
t5bT6AhNIlAMl8tkwtfKsF8KutdELMW7u+njoeNPZMLqazTJ2u0BVgniuicXLyRf
6TN6fFk1wQSGnqw1HHRVLS/ncb/NAnuKAIWJDUq+CnizoZsxpRP0m88XtlfOJ3i5
pVz/+fbOeP1mIScu26h4SyGqbBEG00K6BGNi6f2lwBx0+uPe2lLaQYibWwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDiDyg2RG+4MoUCrzCnhRYk3Ba+cMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvT0lQS0RaRWI3Z3loUUt2TUtlRkZpVGNGcjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDpfA
A/ADBwAqDpfAA/gwDQYJKoZIhvcNAQELBQADggEBAIW/CB7IHVWXVppyVT+ZkPIF
jU4N0giO4skrTPODXwLqTiXB9hqGCQSUOCqubeUyGz0MU/REfAcRSm+kZWtZlDOJ
reguHK+2ZYIXgAVAVU0kd1HeN+33sI0bjDq2wuBFdu+cdV84Ts1izlhudrYkBYed
J5xG0JjoDKVgnqEZvDPc8imkQO0OtL4Ku4kjwrnjHdtpSeGLyUEKjgLtpsk5gHsc
s3jdzoohJy8UqcCStaEKLGXcKiDYoCJl1GkKAo/5rSAL9HThH0qgw3G19qrS2Z5h
JEx7BS1NikX4SePB11OAJqiuEXSI1JajsC1MjlwYt+lvnjRDcmHedCHIR54oVzQ=
-----END CERTIFICATE-----
Generated at Fri May 3 05:22:02 2024 by rpki-client on console-fra.rpki-client.org