Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rnq33amJry1zz_VIa51bd5ZWysM.roa
File: Rnq33amJry1zz_VIa51bd5ZWysM.roa (raw, json)
Hash identifier: cpEGAlwvTWiwNGug7V/qBwcLcC2+z74la/MBZvDAG0s=
Subject key identifier: 46:7A:B7:DD:A9:89:AF:2D:73:CF:F5:48:6B:9D:5B:77:96:56:CA:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCFD41F9C345BDBBD5A09A46F45954
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rnq33amJry1zz_VIa51bd5ZWysM.roa
Signing time: Tue 02 Jan 2024 10:34:15 +0000
ROA not before: Tue 02 Jan 2024 10:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202224
IP address blocks: 2a10:2f00:18b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fd:41:f9:c3:45:bd:bb:d5:a0:9a:46:f4:59:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=467ab7dda989af2d73cff5486b9d5b779656cac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:09:24:4b:a6:b5:81:d5:94:a5:f9:32:1f:ae:
f1:f2:f4:88:c8:89:59:f4:7b:e7:5d:bb:c1:cb:f6:
26:ce:86:6c:d6:01:b5:17:75:e6:fe:9f:ff:80:6d:
61:2d:bb:03:9b:64:66:e6:43:9f:00:b1:da:80:43:
4b:cd:93:52:a8:83:26:fd:30:e3:ff:51:67:a6:ab:
17:93:09:85:af:f8:5c:1c:7f:ea:af:fe:74:c6:e0:
8c:bc:97:4b:4a:f3:c2:d5:b9:e5:e3:df:bc:2d:89:
07:02:9c:95:6a:bb:dc:88:f2:6e:aa:8f:a7:f0:d3:
dd:33:2e:87:35:c7:2a:09:31:cc:8c:47:f3:dc:3d:
ad:fa:ac:05:d2:5d:29:64:ea:95:7a:26:10:85:bf:
1e:30:77:82:f0:ef:2e:e9:17:93:cf:a5:fd:79:ae:
4e:f4:8c:25:a7:70:be:60:e9:e8:7a:06:8c:a5:7e:
f9:05:3c:e8:0c:0d:60:ef:87:42:d1:18:50:4f:f2:
77:c4:e9:e7:94:14:39:6d:49:04:0a:de:8e:9c:35:
45:21:68:c8:94:34:6b:32:52:54:4c:20:72:27:80:
c6:c5:34:35:ac:44:5e:0e:2d:a6:61:45:8c:15:fe:
18:3d:e1:9c:13:97:03:44:f1:51:ca:d8:ed:39:86:
04:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7A:B7:DD:A9:89:AF:2D:73:CF:F5:48:6B:9D:5B:77:96:56:CA:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Rnq33amJry1zz_VIa51bd5ZWysM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:18b::/48
Signature Algorithm: sha256WithRSAEncryption
7f:36:a0:67:82:4e:12:e8:14:3e:d4:f3:dd:8c:3e:d3:23:d7:
0b:4b:45:af:6e:a6:d7:4c:90:f6:74:0d:74:3b:fa:7b:78:2b:
2c:61:be:7c:34:69:e8:37:fb:e3:7c:91:90:51:98:ac:db:f8:
9f:63:6f:33:73:74:9a:ab:d1:30:4c:2d:41:a5:7d:cd:20:72:
b5:c5:8d:eb:3b:ba:88:86:ac:25:5f:6b:48:cd:a9:57:e1:91:
d9:0b:a4:58:fe:3c:80:6d:30:6a:5e:c2:7d:6c:eb:e4:68:35:
34:12:43:4b:b6:ab:e6:69:c8:9a:cd:b2:26:94:ca:4c:96:6d:
2a:26:30:ff:ca:c7:80:b1:ec:6e:96:ed:5c:ff:d3:09:9d:53:
bd:d0:0c:f6:cd:e3:84:34:e8:c6:e1:0c:30:5a:a5:21:d8:71:
b8:89:7c:5d:3a:6c:7b:78:f9:20:40:4d:e7:cd:54:6f:0e:c4:
33:48:70:71:3e:77:05:b9:0c:f5:32:88:be:95:cc:54:3c:bc:
11:a2:96:60:16:08:1f:69:52:a4:5f:22:26:1c:5d:66:dd:76:
71:59:e2:28:3d:cb:dc:a9:d4:7c:da:80:0d:ab:0a:bd:03:78:
03:3c:43:b4:7f:8a:08:db:26:a3:02:03:79:cc:12:5f:6c:33:
ab:32:b8:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvP1B+cNFvbvVoJpG9FlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjdhYjdkZGE5ODlhZjJkNzNjZmY1NDg2YjlkNWI3Nzk2NTZjYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwkkS6a1gdWUpfkyH67x8vSIyIlZ
9HvnXbvBy/YmzoZs1gG1F3Xm/p//gG1hLbsDm2Rm5kOfALHagENLzZNSqIMm/TDj
/1FnpqsXkwmFr/hcHH/qr/50xuCMvJdLSvPC1bnl49+8LYkHApyVarvciPJuqo+n
8NPdMy6HNccqCTHMjEfz3D2t+qwF0l0pZOqVeiYQhb8eMHeC8O8u6ReTz6X9ea5O
9Iwlp3C+YOnoegaMpX75BTzoDA1g74dC0RhQT/J3xOnnlBQ5bUkECt6OnDVFIWjI
lDRrMlJUTCByJ4DGxTQ1rEReDi2mYUWMFf4YPeGcE5cDRPFRytjtOYYEFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEZ6t92pia8tc8/1SGudW3eWVsrDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUm5xMzNhbUpyeTF6el9WSWE1MWJkNVpXeXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAGL
MA0GCSqGSIb3DQEBCwUAA4IBAQB/NqBngk4S6BQ+1PPdjD7TI9cLS0WvbqbXTJD2
dA10O/p7eCssYb58NGnoN/vjfJGQUZis2/ifY28zc3Saq9EwTC1BpX3NIHK1xY3r
O7qIhqwlX2tIzalX4ZHZC6RY/jyAbTBqXsJ9bOvkaDU0EkNLtqvmaciazbImlMpM
lm0qJjD/yseAsexulu1c/9MJnVO90Az2zeOENOjG4QwwWqUh2HG4iXxdOmx7ePkg
QE3nzVRvDsQzSHBxPncFuQz1Moi+lcxUPLwRopZgFggfaVKkXyImHF1m3XZxWeIo
PcvcqdR82oANqwq9A3gDPEO0f4oI2yajAgN5zBJfbDOrMrjd
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:30 2024 by rpki-client on console-fra.rpki-client.org