Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RwupA9AUTZVgWfOYaf9PXqzHIkU.roa
File: RwupA9AUTZVgWfOYaf9PXqzHIkU.roa (raw, json)
Hash identifier: 2i7ik449d3t4K3mvYhLVte0to6YX7P83o7LENclsvCg=
Subject key identifier: 47:0B:A9:03:D0:14:4D:95:60:59:F3:98:69:FF:4F:5E:AC:C7:22:45
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521CB996AE51AF7C235B247FDC9B472
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RwupA9AUTZVgWfOYaf9PXqzHIkU.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38173
IP address blocks: 2a0e:b107:1520::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:cb:99:6a:e5:1a:f7:c2:35:b2:47:fd:c9:b4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=470ba903d0144d956059f39869ff4f5eacc72245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fe:d5:f4:9a:ad:1a:76:b3:b5:cd:de:55:0c:
11:49:e0:fa:44:75:d2:c6:cd:00:61:96:78:bd:f9:
ae:1e:ab:12:01:6a:5f:61:4e:83:9b:03:37:4c:4d:
27:e3:61:69:62:a4:ad:fa:ee:59:ec:2e:24:58:2e:
d7:a8:0e:42:1d:3b:1d:10:20:59:cb:4e:ee:94:2d:
ce:81:2a:0b:d9:51:ac:13:d8:54:76:87:4a:5a:cf:
80:52:f9:7b:96:2f:71:38:04:08:5f:d5:a8:98:3d:
8c:23:7c:01:cc:2c:33:5b:41:ab:53:47:05:24:83:
e1:a2:5a:dd:8d:a0:f9:de:80:43:27:ed:43:32:61:
1d:b6:4b:3c:2f:ae:ff:78:70:7e:ab:9f:00:84:88:
88:88:9d:0e:86:6f:84:dc:d6:c6:63:63:5a:49:f5:
f3:25:91:6b:8a:e3:f5:e5:d9:73:61:d5:1a:4d:4e:
6c:4c:2e:16:9b:39:fe:a3:aa:0c:64:27:04:b1:67:
02:d6:8a:eb:66:69:68:b6:71:97:e8:e2:a5:f0:21:
2f:d6:24:11:1f:de:59:f4:2f:72:e9:1b:69:83:c5:
d7:3c:b0:72:d6:6b:13:d2:33:ee:59:b7:61:e7:8f:
75:cc:2c:22:43:87:1e:e3:af:9d:9d:d3:7d:ee:e5:
68:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0B:A9:03:D0:14:4D:95:60:59:F3:98:69:FF:4F:5E:AC:C7:22:45
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RwupA9AUTZVgWfOYaf9PXqzHIkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1520::/48
Signature Algorithm: sha256WithRSAEncryption
44:fe:ff:ad:99:89:c0:01:3f:13:6b:13:3f:18:39:6a:e5:5d:
52:e1:74:06:ce:68:4e:c4:ec:30:0d:94:1d:fa:3d:90:de:fd:
b8:24:27:bf:94:e7:cd:47:37:04:f0:e7:cd:05:4e:34:17:f5:
ff:35:32:c5:64:c3:e3:12:48:63:94:62:e4:57:eb:7f:7d:1c:
56:c4:c5:65:62:15:0e:b5:6d:70:85:e8:ac:e1:16:e4:fb:01:
f0:44:02:a0:5b:5a:4b:96:fb:2c:f2:71:c3:32:7f:4a:20:54:
bf:41:1c:60:f6:f4:1a:1e:f9:47:69:5e:6c:17:cd:17:50:4e:
ed:e6:41:ea:6a:a8:3f:5a:4f:8b:7d:79:79:21:ac:73:0c:95:
0c:9f:8f:c2:00:c2:9f:d8:5f:de:ab:51:d1:a7:23:b1:41:07:
5b:9c:73:0c:17:ba:cc:13:69:5a:93:4b:e5:1b:33:2a:7b:ba:
96:ca:e8:99:7f:7d:53:d6:e8:10:11:77:e6:f0:ab:0d:10:8f:
4e:12:58:b4:11:56:81:e5:a1:07:be:e0:9c:8e:f8:e6:c9:7a:
46:d7:b6:e4:ae:c1:73:c2:c8:42:17:28:c0:cd:67:05:c5:1e:
c5:bf:40:bb:a3:ef:80:65:e2:e0:d2:07:27:41:4d:34:64:bc:
56:d3:05:80
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIcuZauUa98I1skf9ybRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzBiYTkwM2QwMTQ0ZDk1NjA1OWYzOTg2OWZmNGY1ZWFjYzcyMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP7V9JqtGnaztc3eVQwRSeD6RHXS
xs0AYZZ4vfmuHqsSAWpfYU6DmwM3TE0n42FpYqSt+u5Z7C4kWC7XqA5CHTsdECBZ
y07ulC3OgSoL2VGsE9hUdodKWs+AUvl7li9xOAQIX9WomD2MI3wBzCwzW0GrU0cF
JIPholrdjaD53oBDJ+1DMmEdtks8L67/eHB+q58AhIiIiJ0Ohm+E3NbGY2NaSfXz
JZFriuP15dlzYdUaTU5sTC4Wmzn+o6oMZCcEsWcC1orrZmlotnGX6OKl8CEv1iQR
H95Z9C9y6Rtpg8XXPLBy1msT0jPuWbdh5491zCwiQ4ce46+dndN97uVoxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEcLqQPQFE2VYFnzmGn/T16sxyJFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUnd1cEE5QVVUWlZnV2ZPWWFmOVBYcXpISWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxUg
MA0GCSqGSIb3DQEBCwUAA4IBAQBE/v+tmYnAAT8TaxM/GDlq5V1S4XQGzmhOxOww
DZQd+j2Q3v24JCe/lOfNRzcE8OfNBU40F/X/NTLFZMPjEkhjlGLkV+t/fRxWxMVl
YhUOtW1wheis4Rbk+wHwRAKgW1pLlvss8nHDMn9KIFS/QRxg9vQaHvlHaV5sF80X
UE7t5kHqaqg/Wk+LfXl5IaxzDJUMn4/CAMKf2F/eq1HRpyOxQQdbnHMMF7rME2la
k0vlGzMqe7qWyuiZf31T1ugQEXfm8KsNEI9OEli0EVaB5aEHvuCcjvjmyXpG17bk
rsFzwshCFyjAzWcFxR7Fv0C7o++AZeLg0gcnQU00ZLxW0wWA
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:57:39 2025 by rpki-client