Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UhftvfemxJTUto9f83S3Hvj_W64.roa
File: UhftvfemxJTUto9f83S3Hvj_W64.roa (raw, json)
Hash identifier: cLTRdDCemzfhNZC/jcASXsnQia6oLm5srgnfe968W30=
Subject key identifier: 52:17:ED:BD:F7:A6:C4:94:D4:B6:8F:5F:F3:74:B7:1E:F8:FF:5B:AE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DAE408D6C0640DB2B0D9E543F283888D0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UhftvfemxJTUto9f83S3Hvj_W64.roa
Signing time: Thu 15 Feb 2024 19:31:22 +0000
ROA not before: Thu 15 Feb 2024 19:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:de00:10::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:40:8d:6c:06:40:db:2b:0d:9e:54:3f:28:38:88:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 15 19:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5217edbdf7a6c494d4b68f5ff374b71ef8ff5bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5a:a0:92:b0:5b:5c:2b:da:fc:16:8e:d9:f1:
4c:2e:0f:cc:2e:fb:18:ee:56:a2:60:f6:a5:61:a1:
a3:a6:57:f1:96:a3:0a:25:a1:c3:47:ab:f3:3f:9e:
c2:4c:0d:b9:fc:7b:f6:30:92:25:95:ac:35:a3:ab:
e7:28:02:e7:35:a4:76:b0:48:f2:7e:9e:f0:fd:4c:
09:d3:e9:ca:e5:0b:4c:91:a8:31:5d:11:37:f8:c5:
5e:52:2e:bf:37:f2:59:d8:1b:80:79:4e:ae:0b:4b:
43:4a:a5:53:d9:b2:17:87:01:d3:e7:44:d5:d6:e2:
25:f8:18:a3:c7:e5:41:f3:b6:8d:7b:90:da:d9:7b:
2e:7e:fd:5a:f2:8f:76:be:7c:f3:62:8c:cf:4b:d2:
0e:71:f0:3c:aa:73:59:5e:ab:24:a8:f4:c9:ed:b8:
bb:7f:73:cd:5a:00:00:44:85:d2:2b:3a:43:2c:ca:
df:be:50:a2:1a:be:48:37:ea:c9:07:93:8a:eb:e4:
d5:9f:89:85:28:3a:2b:fc:99:d5:6c:1c:2e:84:8e:
a8:72:8d:68:21:3a:bb:5a:21:22:1d:5a:3e:16:78:
3e:3b:10:bf:05:b9:e5:6a:24:7f:6f:54:e5:66:d4:
cd:f7:7a:8e:8f:6a:59:60:b2:b3:6d:40:9e:eb:85:
96:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:17:ED:BD:F7:A6:C4:94:D4:B6:8F:5F:F3:74:B7:1E:F8:FF:5B:AE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/UhftvfemxJTUto9f83S3Hvj_W64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:10::/48
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:db:aa:eb:a8:6f:42:4b:05:e4:1d:94:2e:e4:c0:bb:d6:fe:
cb:42:5d:6d:3c:54:47:f5:21:a8:1a:1d:0f:f3:84:70:81:08:
a3:79:96:7b:b1:a0:55:42:36:1b:43:2a:17:43:55:d8:92:e2:
01:37:f0:0c:c1:35:c9:a4:70:80:9b:eb:70:54:97:10:02:a0:
88:38:78:87:fc:73:fb:c0:11:c4:0b:78:54:a1:f1:83:00:84:
d5:d0:f1:02:74:e1:c0:db:8a:15:5c:8c:92:b7:80:d9:a5:de:
4e:f8:8a:48:4b:15:4f:53:bc:04:10:bb:38:2d:b7:7b:51:57:
c0:78:d2:34:5d:39:0f:d6:9d:18:0e:d3:88:35:ed:ca:e7:35:
fb:09:52:cc:85:b3:ac:47:6a:75:00:a1:77:f7:03:76:25:74:
48:53:6b:bd:8e:50:6e:d9:96:0f:64:74:09:5e:81:7f:0a:b8:
9a:29:04:ad:b5:d7:9c:e9:09:f1:ca:79:38:d1:f5:3f:99:22:
cd:0a:41:a7:8a:a3:a0:34:c8:28:25:90:06:d3:57:5d:74:c7:
ab:51:a5:68:ef:08:6f:5f:9d:56:93:72:9f:ac:3f:b9:75:9f:
a1:0c:d3:8f:1e:0c:69:8c:43:0b:ad:50:3c:d7:95:fa:51:31:
9f:a1:34:8f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2uQI1sBkDbKw2eVD8oOIjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjE1MTkzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE3ZWRiZGY3YTZjNDk0ZDRiNjhmNWZmMzc0YjcxZWY4ZmY1YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVqgkrBbXCva/BaO2fFMLg/MLvsY
7laiYPalYaGjplfxlqMKJaHDR6vzP57CTA25/Hv2MJIllaw1o6vnKALnNaR2sEjy
fp7w/UwJ0+nK5QtMkagxXRE3+MVeUi6/N/JZ2BuAeU6uC0tDSqVT2bIXhwHT50TV
1uIl+Bijx+VB87aNe5Da2Xsufv1a8o92vnzzYozPS9IOcfA8qnNZXqskqPTJ7bi7
f3PNWgAARIXSKzpDLMrfvlCiGr5IN+rJB5OK6+TVn4mFKDor/JnVbBwuhI6oco1o
ITq7WiEiHVo+Fng+OxC/BbnlaiR/b1TlZtTN93qOj2pZYLKzbUCe64WW6QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFIX7b33psSU1LaPX/N0tx74/1uuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVWhmdHZmZW14SlRVdG85ZjgzUzNIdmpfVzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKgbeAAAQ
AwcAKg6XwAQRAwcAKg6XwAjgAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQw
DQYJKoZIhvcNAQELBQADggEBAILbquuob0JLBeQdlC7kwLvW/stCXW08VEf1Iaga
HQ/zhHCBCKN5lnuxoFVCNhtDKhdDVdiS4gE38AzBNcmkcICb63BUlxACoIg4eIf8
c/vAEcQLeFSh8YMAhNXQ8QJ04cDbihVcjJK3gNml3k74ikhLFU9TvAQQuzgtt3tR
V8B40jRdOQ/WnRgO04g17crnNfsJUsyFs6xHanUAoXf3A3YldEhTa72OUG7Zlg9k
dAlegX8KuJopBK2115zpCfHKeTjR9T+ZIs0KQaeKo6A0yCglkAbTV110x6tRpWjv
CG9fnVaTcp+sP7l1n6EM048eDGmMQwutUDzXlfpRMZ+hNI8=
-----END CERTIFICATE-----
Generated at Thu May 2 08:22:44 2024 by rpki-client on console-ams.rpki-client.org