Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sh8IGhBAtUzXmVIGzz7-fcp-hmE.roa
File: Sh8IGhBAtUzXmVIGzz7-fcp-hmE.roa (raw, json)
Hash identifier: cc+fDq3RPDw1xQay1UUs6RUwLhW3tErFSN9z+lL08Ko=
Subject key identifier: 4A:1F:08:1A:10:40:B5:4C:D7:99:52:06:CF:3E:FE:7D:CA:7E:86:61
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521D8157BDE3BEAD92BDF3362A607DD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sh8IGhBAtUzXmVIGzz7-fcp-hmE.roa
Signing time: Thu 02 Jan 2025 03:49:22 +0000
ROA not before: Thu 02 Jan 2025 03:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51939
IP address blocks: 2a0e:97c0:5c0::/44 maxlen: 48
2a0e:97c0:5c0::/48 maxlen: 48
2a0e:97c0:5c1::/48 maxlen: 48
2a0e:97c0:5c2::/48 maxlen: 48
2a0e:97c0:5c3::/48 maxlen: 48
2a0e:97c0:5c4::/48 maxlen: 48
2a0e:97c0:5c5::/48 maxlen: 48
2a0e:97c0:5c6::/48 maxlen: 48
2a0e:97c0:5c7::/48 maxlen: 48
2a0e:97c0:5c8::/48 maxlen: 48
2a0e:97c0:5c9::/48 maxlen: 48
2a0e:97c0:5ca::/48 maxlen: 48
2a0e:97c0:5cb::/48 maxlen: 48
2a0e:97c0:5cc::/48 maxlen: 48
2a0e:97c0:5cd::/48 maxlen: 48
2a0e:97c0:5ce::/48 maxlen: 48
2a0e:97c0:5cf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d8:15:7b:de:3b:ea:d9:2b:df:33:62:a6:07:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a1f081a1040b54cd7995206cf3efe7dca7e8661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a8:87:c5:c1:48:26:ec:9f:f9:63:d5:6b:3b:
fa:92:0c:54:fc:44:5f:a0:2d:fd:fa:36:cb:bf:b4:
7d:14:7d:44:6e:cf:31:6b:81:e3:2a:38:18:5b:e0:
f7:24:6a:10:46:6f:60:df:67:ad:24:cf:5a:db:ca:
24:4b:5e:04:72:7e:e1:92:a7:38:83:7b:ac:fe:8d:
cb:43:26:21:13:c3:b0:ac:19:ca:d4:f0:73:88:d7:
ab:a1:a0:38:0c:7f:f6:d1:4a:5b:e4:86:5e:82:a9:
6d:23:c3:26:74:88:ee:2a:c4:39:bf:67:16:c8:10:
ea:0e:88:2e:2b:43:93:61:36:7d:e8:be:6b:df:90:
6b:fa:29:84:f0:79:71:fe:f2:b2:d0:b8:93:85:ee:
b3:3d:ea:56:bf:27:9e:91:99:fe:99:b2:8c:79:e2:
27:13:43:62:42:d4:ba:87:8c:6e:2b:66:f7:2d:e5:
f4:71:f5:8b:78:19:22:c4:42:f1:93:95:36:f2:e3:
13:05:54:99:8b:bf:ad:b4:d2:06:ee:3f:4d:1d:cc:
cf:ca:52:03:ea:cc:9b:9c:97:06:c9:2f:e2:a8:8a:
ab:fc:6f:23:84:4d:03:e7:73:33:ba:57:b3:07:1d:
31:62:c0:08:36:cb:70:12:8c:ec:d4:75:8a:ad:6b:
06:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1F:08:1A:10:40:B5:4C:D7:99:52:06:CF:3E:FE:7D:CA:7E:86:61
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Sh8IGhBAtUzXmVIGzz7-fcp-hmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5c0::/44
Signature Algorithm: sha256WithRSAEncryption
08:c3:ab:08:45:0b:c3:96:06:19:87:33:85:f2:51:cd:75:db:
af:29:5b:9c:8f:ad:84:ff:b6:ac:e9:cb:1e:a1:ec:b6:6b:28:
cd:55:5c:16:cc:06:72:19:30:e1:21:c5:55:85:25:ee:ee:ca:
47:bb:e8:12:43:95:09:2a:41:d7:46:4d:5f:d4:63:d6:65:32:
aa:fd:e4:e1:56:f2:22:5a:82:70:1b:40:62:9f:70:fb:1c:4b:
7b:37:f3:30:77:94:23:0c:92:af:a8:75:f2:a0:1a:38:3f:21:
2a:c2:4b:6c:15:61:94:b6:31:e7:7a:df:0a:be:35:78:3f:31:
8d:69:48:07:8d:80:a0:b6:90:cf:ee:5b:29:6b:ac:34:b9:12:
2d:bc:45:bc:fb:6d:ae:e9:11:55:7f:a1:a6:ec:da:99:39:0b:
86:67:13:2c:04:fd:a9:b5:c1:05:81:5e:d4:81:a0:a1:63:62:
74:31:df:4c:29:ed:7a:4e:b4:9e:52:15:5a:4c:17:52:e9:fc:
97:90:b4:d6:65:41:26:62:2a:c4:b5:66:fb:7d:8f:f4:34:1a:
a6:16:c5:f2:fd:82:d1:29:18:ad:35:43:e7:d8:b8:81:7e:84:
a3:6b:a6:0d:e6:7b:d1:22:2e:80:10:01:d4:d8:c9:3f:da:3c:
6e:de:ae:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIdgVe9476tkr3zNipgfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFmMDgxYTEwNDBiNTRjZDc5OTUyMDZjZjNlZmU3ZGNhN2U4NjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6iHxcFIJuyf+WPVazv6kgxU/ERf
oC39+jbLv7R9FH1Ebs8xa4HjKjgYW+D3JGoQRm9g32etJM9a28okS14Ecn7hkqc4
g3us/o3LQyYhE8OwrBnK1PBziNeroaA4DH/20Upb5IZegqltI8MmdIjuKsQ5v2cW
yBDqDoguK0OTYTZ96L5r35Br+imE8Hlx/vKy0LiThe6zPepWvyeekZn+mbKMeeIn
E0NiQtS6h4xuK2b3LeX0cfWLeBkixELxk5U28uMTBVSZi7+ttNIG7j9NHczPylID
6sybnJcGyS/iqIqr/G8jhE0D53MzulezBx0xYsAINstwEozs1HWKrWsGIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEofCBoQQLVM15lSBs8+/n3KfoZhMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU2g4SUdoQkF0VXpYbVZJR3p6Ny1mY3AtaG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIw6sIRQvDlgYZhzOF8lHNdduvKVucj62E/7as
6cseoey2ayjNVVwWzAZyGTDhIcVVhSXu7spHu+gSQ5UJKkHXRk1f1GPWZTKq/eTh
VvIiWoJwG0Bin3D7HEt7N/Mwd5QjDJKvqHXyoBo4PyEqwktsFWGUtjHnet8KvjV4
PzGNaUgHjYCgtpDP7lspa6w0uRItvEW8+22u6RFVf6Gm7NqZOQuGZxMsBP2ptcEF
gV7UgaChY2J0Md9MKe16TrSeUhVaTBdS6fyXkLTWZUEmYirEtWb7fY/0NBqmFsXy
/YLRKRitNUPn2LiBfoSja6YN5nvRIi6AEAHU2Mk/2jxu3q7n
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:44:56 2025 by rpki-client