Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T0Aj0IZB6Mv3i3RTTBV_qIcX7GQ.roa
File: T0Aj0IZB6Mv3i3RTTBV_qIcX7GQ.roa (raw, json)
Hash identifier: b9TqY+2skEX6k9+MX7HryLSp1WYRrPT/RJnRpd/+3qY=
Subject key identifier: 4F:40:23:D0:86:41:E8:CB:F7:8B:74:53:4C:15:7F:A8:87:17:EC:64
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018E30D22D0D4743226C368C54E4940E61C1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T0Aj0IZB6Mv3i3RTTBV_qIcX7GQ.roa
Signing time: Tue 12 Mar 2024 04:01:04 +0000
ROA not before: Tue 12 Mar 2024 04:01:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200160
IP address blocks: 2a0e:b107:5d0::/44 maxlen: 48
2a0e:b107:5e0::/44 maxlen: 48
2a0e:b107:5f0::/44 maxlen: 48
2a0e:b107:600::/44 maxlen: 48
2a0e:b107:660::/44 maxlen: 48
2a0e:b107:690::/44 maxlen: 48
2a0e:b107:6c0::/44 maxlen: 48
2a0e:b107:ad0::/44 maxlen: 48
2a0e:b107:bb0::/44 maxlen: 48
2a0e:b107:1d60::/44 maxlen: 48
2a0e:b107:1dc0::/44 maxlen: 48
2a0e:b107:1e00::/44 maxlen: 48
2a0e:b107:2140::/44 maxlen: 48
2a0e:b107:2150::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:30:d2:2d:0d:47:43:22:6c:36:8c:54:e4:94:0e:61:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 12 04:01:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f4023d08641e8cbf78b74534c157fa88717ec64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f1:22:2a:14:f8:d6:2d:46:23:37:63:f8:45:
43:f1:24:81:b9:e7:3d:72:5d:f2:62:c8:65:a9:12:
6c:55:ff:cc:e4:2a:f3:f3:c9:39:99:d0:f1:7f:db:
7a:49:cf:c4:f6:d0:40:d2:7a:94:4e:12:2b:24:92:
9b:1b:e6:60:da:eb:58:c3:92:a6:ad:2e:a1:f1:a7:
28:92:7e:c7:0f:92:2d:d8:20:ac:7d:59:96:4d:55:
ad:13:48:cb:f8:15:4a:8d:c0:b8:ca:95:95:ad:91:
43:33:b2:c7:f7:69:ac:3d:49:8d:f5:9a:2c:10:4e:
81:5a:52:20:57:a2:1b:a5:d2:92:b4:b8:d7:73:36:
32:4a:74:bc:19:f3:ed:7e:ed:6b:d3:c7:9f:57:aa:
e4:1e:fc:b4:d8:81:f2:a3:d0:b3:11:a1:6f:12:97:
f1:49:c3:15:26:5d:6c:96:76:7e:72:47:36:6f:a2:
52:7d:59:e8:39:42:cc:a5:88:a9:96:9b:ea:70:a1:
f1:4c:8c:9f:dd:a9:83:e7:48:5d:10:5d:49:43:bf:
ba:29:6a:ed:5c:a0:de:98:35:b8:ce:95:0c:bd:62:
a7:98:f8:92:5a:33:9f:ea:8d:5a:b1:fd:2f:b6:b8:
17:6c:4d:46:d9:af:83:f8:92:42:37:06:60:04:53:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:40:23:D0:86:41:E8:CB:F7:8B:74:53:4C:15:7F:A8:87:17:EC:64
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/T0Aj0IZB6Mv3i3RTTBV_qIcX7GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:5d0::-2a0e:b107:60f:ffff:ffff:ffff:ffff:ffff
2a0e:b107:660::/44
2a0e:b107:690::/44
2a0e:b107:6c0::/44
2a0e:b107:ad0::/44
2a0e:b107:bb0::/44
2a0e:b107:1d60::/44
2a0e:b107:1dc0::/44
2a0e:b107:1e00::/44
2a0e:b107:2140::/43
Signature Algorithm: sha256WithRSAEncryption
21:fd:b9:98:65:57:5e:8e:60:1e:5c:25:f8:24:ea:18:8e:90:
1e:63:6e:68:96:e3:9e:63:c1:ef:83:4d:8e:2c:b4:cb:68:a9:
9f:74:69:82:66:cc:2d:31:80:ad:0b:2d:2c:e3:54:eb:a2:2a:
29:35:f3:4e:79:04:88:b5:56:29:e4:32:03:8f:b2:85:cc:00:
1b:8d:77:e4:f9:da:90:3a:08:83:26:e9:eb:96:5f:5c:d6:6c:
90:af:8c:3b:4b:48:cd:70:0c:d1:38:f6:85:7a:20:a5:c2:78:
35:21:95:95:19:91:67:de:99:6f:0b:5c:07:34:c5:84:86:80:
5b:ce:17:f0:a6:2f:55:e0:80:2f:c5:de:b0:e4:ab:09:3b:a0:
b2:4d:f9:e5:39:78:5e:aa:c4:32:c4:c5:37:9c:70:55:56:d8:
f3:d3:52:77:be:f7:90:e9:c5:db:34:c4:73:16:e4:f8:43:89:
ac:1b:10:5a:23:19:51:65:04:fd:9a:4b:5a:a4:1e:44:0c:f9:
84:69:3b:43:94:ee:c4:31:4a:bb:74:14:a5:db:d2:82:47:ae:
42:20:38:9f:35:6b:c1:4d:63:5f:87:df:c0:fc:58:fc:fa:aa:
f9:07:0f:b3:e3:46:33:eb:f2:75:03:93:e4:06:a3:c4:af:18:
a4:26:52:76
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY4w0i0NR0MibDaMVOSUDmHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMzEyMDQwMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQwMjNkMDg2NDFlOGNiZjc4Yjc0NTM0YzE1N2ZhODg3MTdlYzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/EiKhT41i1GIzdj+EVD8SSBuec9
cl3yYshlqRJsVf/M5Crz88k5mdDxf9t6Sc/E9tBA0nqUThIrJJKbG+Zg2utYw5Km
rS6h8acokn7HD5It2CCsfVmWTVWtE0jL+BVKjcC4ypWVrZFDM7LH92msPUmN9Zos
EE6BWlIgV6IbpdKStLjXczYySnS8GfPtfu1r08efV6rkHvy02IHyo9CzEaFvEpfx
ScMVJl1slnZ+ckc2b6JSfVnoOULMpYiplpvqcKHxTIyf3amD50hdEF1JQ7+6KWrt
XKDemDW4zpUMvWKnmPiSWjOf6o1asf0vtrgXbE1G2a+D+JJCNwZgBFO5swIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFE9AI9CGQejL94t0U0wVf6iHF+xkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVDBBajBJWkI2TXYzaTNSVFRCVl9xSWNYN0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBrBAIAAjBlMBIDBwQqDrEH
BdADBwQqDrEHBgADBwQqDrEHBmADBwQqDrEHBpADBwQqDrEHBsADBwQqDrEHCtAD
BwQqDrEHC7ADBwQqDrEHHWADBwQqDrEHHcADBwQqDrEHHgADBwUqDrEHIUAwDQYJ
KoZIhvcNAQELBQADggEBACH9uZhlV16OYB5cJfgk6hiOkB5jbmiW455jwe+DTY4s
tMtoqZ90aYJmzC0xgK0LLSzjVOuiKik18055BIi1VinkMgOPsoXMABuNd+T52pA6
CIMm6euWX1zWbJCvjDtLSM1wDNE49oV6IKXCeDUhlZUZkWfemW8LXAc0xYSGgFvO
F/CmL1XggC/F3rDkqwk7oLJN+eU5eF6qxDLExTeccFVW2PPTUne+95Dpxds0xHMW
5PhDiawbEFojGVFlBP2aS1qkHkQM+YRpO0OU7sQxSrt0FKXb0oJHrkIgOJ81a8FN
Y1+H38D8WPz6qvkHD7PjRjPr8nUDk+QGo8SvGKQmUnY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:50:11 2024 by rpki-client on console-ams.rpki-client.org