Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RHRxcbIUbyXoJKt59774dA7cf8A.roa
File: RHRxcbIUbyXoJKt59774dA7cf8A.roa (raw, json)
Hash identifier: B1KEg3LbrdwETIH9XITy1yYvBvnAILlipwpE2gmH8VQ=
Subject key identifier: 44:74:71:71:B2:14:6F:25:E8:24:AB:79:F7:BE:F8:74:0E:DC:7F:C0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD23303D3903B2A1951F3A34A5135D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RHRxcbIUbyXoJKt59774dA7cf8A.roa
Signing time: Tue 02 Jan 2024 10:34:24 +0000
ROA not before: Tue 02 Jan 2024 10:34:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210354
IP address blocks: 2a0e:97c0:690::/44 maxlen: 48
2a0e:97c0:690::/48 maxlen: 48
2a0e:97c0:693::/48 maxlen: 48
2a0e:97c0:691::/48 maxlen: 48
2a0e:97c0:692::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:23:30:3d:39:03:b2:a1:95:1f:3a:34:a5:13:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44747171b2146f25e824ab79f7bef8740edc7fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8b:83:99:ca:8e:40:32:db:d2:49:69:42:e4:
d3:8b:5d:d1:15:f6:42:12:71:3c:27:14:4f:af:bb:
88:b0:c2:02:d5:56:97:c6:4d:39:1c:d1:d2:d4:cb:
51:ce:06:36:d6:57:91:b4:6e:8a:35:07:3e:3e:aa:
bd:7b:81:73:52:1b:03:71:0c:8b:e3:ee:05:2e:1d:
bd:45:64:eb:ee:30:f2:5e:fd:bb:30:a3:68:f4:90:
57:ae:8c:6b:f9:c7:68:32:8a:35:62:8a:b9:af:4c:
c9:af:ed:15:32:0d:ce:4f:2c:b5:5b:f6:e7:85:0a:
b3:b5:a1:27:16:99:da:6c:e0:df:2e:cc:c9:21:3a:
c0:44:ec:34:0b:6e:c7:bf:66:80:69:05:be:f1:b7:
03:f4:12:95:ef:a4:28:3b:ae:fd:35:0c:66:d5:cd:
c7:ec:e4:e2:7a:46:8a:7a:41:3a:0e:51:ed:57:95:
e8:a8:ff:bb:94:3b:a6:b6:6c:a2:51:24:ab:c5:ae:
b5:54:1e:e6:48:6c:71:b0:91:fa:2b:15:55:ec:3b:
f7:41:94:45:12:48:89:44:2e:60:cd:29:58:72:e3:
78:1b:27:f1:64:cd:83:a5:1b:bf:97:7a:00:ea:aa:
dd:d8:59:d1:e3:23:1a:cc:8d:a2:80:8e:25:54:27:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:74:71:71:B2:14:6F:25:E8:24:AB:79:F7:BE:F8:74:0E:DC:7F:C0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RHRxcbIUbyXoJKt59774dA7cf8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:690::/44
Signature Algorithm: sha256WithRSAEncryption
8f:3c:1a:52:33:8a:0d:16:df:04:af:86:ed:69:bb:6c:54:aa:
a1:ab:b0:d8:90:d0:3b:2e:53:e4:56:85:c6:9d:3a:4e:26:53:
83:31:d8:4f:ee:ce:b5:d9:51:48:25:2b:74:2f:ca:10:b9:ab:
f0:c8:be:5f:4e:f9:40:7d:bf:c0:78:9f:5b:7b:2b:35:c7:cb:
0a:c3:93:e5:36:d4:eb:bd:f6:2e:d8:56:ee:8c:b6:a3:8d:63:
0d:e3:24:18:c6:68:aa:75:61:18:dd:bb:37:ce:af:5d:2b:00:
9c:07:e7:e6:0d:52:b3:a1:91:b0:3d:a9:9e:ca:ca:2d:3d:c6:
06:5e:e2:9b:11:68:f8:4f:29:b6:96:f3:2a:d2:c7:f3:8e:79:
7e:4e:b1:4c:47:bc:bf:f2:93:12:78:29:d6:56:05:d6:7f:93:
47:95:2d:b9:5c:94:45:4c:e2:5a:d6:9a:a0:15:16:f5:ca:71:
62:70:0d:95:e5:1c:de:0f:e1:78:2b:0e:45:00:8e:fd:1e:a5:
06:e4:45:81:a2:50:04:d6:01:81:35:88:71:31:c0:65:ef:11:
fa:94:b2:00:1f:57:b9:f1:1f:6e:f1:fb:94:b3:b2:d8:05:90:
52:fd:c0:8b:57:9a:55:c2:82:41:b0:21:11:1d:99:fb:20:85:
12:b1:31:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvSMwPTkDsqGVHzo0pRNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc0NzE3MWIyMTQ2ZjI1ZTgyNGFiNzlmN2JlZjg3NDBlZGM3ZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhouDmcqOQDLb0klpQuTTi13RFfZC
EnE8JxRPr7uIsMIC1VaXxk05HNHS1MtRzgY21leRtG6KNQc+Pqq9e4FzUhsDcQyL
4+4FLh29RWTr7jDyXv27MKNo9JBXroxr+cdoMoo1Yoq5r0zJr+0VMg3OTyy1W/bn
hQqztaEnFpnabODfLszJITrAROw0C27Hv2aAaQW+8bcD9BKV76QoO679NQxm1c3H
7OTiekaKekE6DlHtV5XoqP+7lDumtmyiUSSrxa61VB7mSGxxsJH6KxVV7Dv3QZRF
EkiJRC5gzSlYcuN4GyfxZM2DpRu/l3oA6qrd2FnR4yMazI2igI4lVCfWAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFER0cXGyFG8l6CSrefe++HQO3H/AMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUkhSeGNiSVVieVhvSkt0NTk3NzRkQTdjZjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAaQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCPPBpSM4oNFt8Er4btabtsVKqhq7DYkNA7LlPk
VoXGnTpOJlODMdhP7s612VFIJSt0L8oQuavwyL5fTvlAfb/AeJ9beys1x8sKw5Pl
NtTrvfYu2FbujLajjWMN4yQYxmiqdWEY3bs3zq9dKwCcB+fmDVKzoZGwPameysot
PcYGXuKbEWj4Tym2lvMq0sfzjnl+TrFMR7y/8pMSeCnWVgXWf5NHlS25XJRFTOJa
1pqgFRb1ynFicA2V5RzeD+F4Kw5FAI79HqUG5EWBolAE1gGBNYhxMcBl7xH6lLIA
H1e58R9u8fuUs7LYBZBS/cCLV5pVwoJBsCERHZn7IIUSsTGF
-----END CERTIFICATE-----
Generated at Fri May 3 06:56:34 2024 by rpki-client on console-fra.rpki-client.org