Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SQZlh4xhbKxhiyVIK3_Gc96-JL0.roa
File: SQZlh4xhbKxhiyVIK3_Gc96-JL0.roa (raw, json)
Hash identifier: ncEnXS/QNenmyty4YycCgqZCrORU7pVv5qcoSImoKKM=
Subject key identifier: 49:06:65:87:8C:61:6C:AC:61:8B:25:48:2B:7F:C6:73:DE:BE:24:BD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521D9DAB08F43E0C3837E71967D80B3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SQZlh4xhbKxhiyVIK3_Gc96-JL0.roa
Signing time: Thu 02 Jan 2025 03:49:22 +0000
ROA not before: Thu 02 Jan 2025 03:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56758
IP address blocks: 2a0e:97c0:660::/44 maxlen: 48
2a0e:b107:17a0::/44 maxlen: 48
2a10:cc40:b000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d9:da:b0:8f:43:e0:c3:83:7e:71:96:7d:80:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=490665878c616cac618b25482b7fc673debe24bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:f2:84:ca:ec:70:af:1e:79:79:25:3c:12:
65:64:09:a4:a8:68:01:66:34:1c:1b:0c:36:39:14:
80:b2:56:99:c5:d0:2c:4d:25:1f:28:8f:74:24:7a:
60:6a:70:2b:e5:e0:24:e4:d9:fe:2f:d1:c0:aa:e6:
8d:f5:00:91:36:40:e2:55:dc:3b:61:50:6e:d5:c5:
07:fd:e3:a8:2b:3f:4b:6f:a1:6d:a5:dd:06:dc:78:
89:37:0d:f6:cd:13:d6:55:40:e6:4c:77:a3:79:dc:
7d:f8:1c:03:3b:ad:a9:b2:44:c2:27:fa:b9:cf:6c:
63:ab:42:ea:bb:e0:d9:58:9e:07:68:ff:cf:ea:67:
e8:94:cd:1b:63:f8:c6:cd:f5:86:fd:53:93:ca:97:
b4:a4:84:b4:7f:cb:4b:8f:df:4a:d4:19:57:ae:d5:
4b:b2:ed:36:d4:ff:24:3c:75:34:05:10:80:c6:69:
74:5f:4b:f8:4d:86:c0:13:62:f2:68:ca:d9:3b:85:
6a:43:7f:ef:6f:30:60:2f:91:56:16:75:9b:3e:89:
29:d9:68:a5:8b:ec:9a:f1:68:80:6b:aa:53:7f:fb:
ad:23:a6:a7:53:c9:c1:fc:53:70:f1:19:02:97:5d:
c0:3a:22:e5:71:ab:ef:9d:1e:8a:06:ba:cd:df:5e:
97:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:06:65:87:8C:61:6C:AC:61:8B:25:48:2B:7F:C6:73:DE:BE:24:BD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SQZlh4xhbKxhiyVIK3_Gc96-JL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:660::/44
2a0e:b107:17a0::/44
2a10:cc40:b000::/44
Signature Algorithm: sha256WithRSAEncryption
9b:92:85:65:6a:b7:4a:0d:3a:cd:f4:96:e1:05:a0:f8:ff:da:
87:14:2a:02:a8:fc:9f:47:05:14:36:d5:b5:0e:79:e9:ac:5c:
40:f6:29:32:2f:e6:8c:50:6d:b8:d3:a7:f6:41:39:2f:22:e4:
63:05:96:09:d5:56:02:a6:87:c9:5f:84:55:af:71:a4:3e:b2:
86:7c:9b:eb:73:51:de:bb:a7:f4:f3:6e:af:fb:67:1a:42:cd:
10:6f:bd:3f:98:5b:7a:ea:50:0b:e2:7c:e5:97:1f:6e:f1:bb:
af:54:09:29:61:40:ed:7c:25:1b:d4:47:ed:83:47:a8:fb:58:
4c:49:01:4f:fb:e6:4e:ba:7c:5b:d0:59:83:0d:93:ff:77:5a:
0b:a8:b5:ce:04:73:8e:7f:31:e9:28:ad:1d:ad:51:5c:4d:15:
1a:e3:cf:21:66:2e:fa:94:69:37:7c:37:39:6f:0c:03:c7:0a:
64:53:71:6c:c3:39:63:43:b6:2e:eb:d8:57:d3:3e:37:b1:75:
f2:c7:68:aa:78:d0:e0:45:98:2e:43:b4:46:c0:3b:2c:b6:46:
bf:c3:f9:e9:db:ec:9e:12:f9:80:2e:77:94:4f:c0:1f:1d:75:
b3:b4:42:e1:e7:dd:05:3f:51:e5:4c:b4:46:c1:fa:56:20:14:
60:55:7e:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIdnasI9D4MODfnGWfYCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA2NjU4NzhjNjE2Y2FjNjE4YjI1NDgyYjdmYzY3M2RlYmUyNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0/yhMrscK8eeXklPBJlZAmkqGgB
ZjQcGww2ORSAslaZxdAsTSUfKI90JHpganAr5eAk5Nn+L9HAquaN9QCRNkDiVdw7
YVBu1cUH/eOoKz9Lb6Ftpd0G3HiJNw32zRPWVUDmTHejedx9+BwDO62pskTCJ/q5
z2xjq0Lqu+DZWJ4HaP/P6mfolM0bY/jGzfWG/VOType0pIS0f8tLj99K1BlXrtVL
su021P8kPHU0BRCAxml0X0v4TYbAE2LyaMrZO4VqQ3/vbzBgL5FWFnWbPokp2Wil
i+ya8WiAa6pTf/utI6anU8nB/FNw8RkCl13AOiLlcavvnR6KBrrN316XFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEkGZYeMYWysYYslSCt/xnPeviS9MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU1FabGg0eGhiS3hoaXlWSUszX0djOTYtSkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6XwAZg
AwcEKg6xBxegAwcEKhDMQLAAMA0GCSqGSIb3DQEBCwUAA4IBAQCbkoVlardKDTrN
9JbhBaD4/9qHFCoCqPyfRwUUNtW1DnnprFxA9ikyL+aMUG2406f2QTkvIuRjBZYJ
1VYCpofJX4RVr3GkPrKGfJvrc1Heu6f0826v+2caQs0Qb70/mFt66lAL4nzllx9u
8buvVAkpYUDtfCUb1Eftg0eo+1hMSQFP++ZOunxb0FmDDZP/d1oLqLXOBHOOfzHp
KK0drVFcTRUa488hZi76lGk3fDc5bwwDxwpkU3FswzljQ7Yu69hX0z43sXXyx2iq
eNDgRZguQ7RGwDsstka/w/np2+yeEvmALneUT8AfHXWztELh590FP1HlTLRGwfpW
IBRgVX4K
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:45:28 2025 by rpki-client