Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VJCRC9OY2n2f7ONVdxTbuJyd5l4.roa
File: VJCRC9OY2n2f7ONVdxTbuJyd5l4.roa (raw, json)
Hash identifier: f9pEqoTkwJ/QNKsLe7mT9boSlArsnZzFa/9StsAPymM=
Subject key identifier: 54:90:91:0B:D3:98:DA:7D:9F:EC:E3:55:77:14:DB:B8:9C:9D:E6:5E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD40CDD4754C831E1DD81CFAF232DC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VJCRC9OY2n2f7ONVdxTbuJyd5l4.roa
Signing time: Tue 02 Jan 2024 10:34:32 +0000
ROA not before: Tue 02 Jan 2024 10:34:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212164
IP address blocks: 2a0e:b107:1d20::/48 maxlen: 48
2a0e:b107:1d25::/48 maxlen: 48
2a0e:b107:1d22::/48 maxlen: 48
2a0e:b107:1d2a::/48 maxlen: 48
2a0e:b107:1d24::/48 maxlen: 48
2a0e:b107:1d21::/48 maxlen: 48
2a0e:b107:1d23::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:40:cd:d4:75:4c:83:1e:1d:d8:1c:fa:f2:32:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5490910bd398da7d9fece3557714dbb89c9de65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:87:8c:0b:2e:80:7c:2f:6f:d5:94:f6:a7:bf:
2b:3d:6e:5e:c7:49:8c:6f:b0:55:cc:31:ce:ad:be:
59:fa:3d:35:b9:90:30:ad:0a:e9:36:fb:e6:a6:40:
ea:1b:3b:2d:25:dc:14:c0:3d:96:4e:84:34:c3:76:
02:d1:54:4c:cb:40:e3:47:48:b1:04:ce:a4:1d:b3:
b8:cf:e9:33:21:4d:04:65:0f:0a:24:38:c6:c0:f9:
08:de:f3:79:64:42:ca:87:e2:64:1f:a2:c3:ca:65:
8d:2c:6f:9d:c9:d3:89:f8:da:3e:b5:66:c4:12:61:
b4:57:99:ff:ec:59:d1:97:cf:9b:4e:ea:07:07:28:
43:72:c1:1d:4c:4e:2c:cb:81:16:cb:43:5e:5b:87:
af:21:14:01:49:5f:6c:c1:c2:ed:98:c7:31:f3:07:
33:46:c9:c5:36:ef:80:62:7b:e3:80:09:bf:06:4b:
74:b0:04:e1:c9:28:9a:5b:15:f4:1e:92:17:ff:17:
6c:90:3a:56:2e:90:1f:3f:1c:05:43:f4:0c:58:8a:
27:ee:7b:31:f6:f2:b4:21:d0:b7:d3:c9:40:0f:e1:
10:34:ce:a0:5b:2f:18:e3:68:6d:c9:ad:de:02:c3:
54:06:5c:47:31:d7:5c:7a:63:50:1f:e4:40:77:1c:
cd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:90:91:0B:D3:98:DA:7D:9F:EC:E3:55:77:14:DB:B8:9C:9D:E6:5E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/VJCRC9OY2n2f7ONVdxTbuJyd5l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d20::-2a0e:b107:1d25:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1d2a::/48
Signature Algorithm: sha256WithRSAEncryption
04:bd:6d:56:49:b6:7f:67:e1:48:df:1d:1f:fb:99:b1:31:66:
b2:3c:c9:db:6d:cd:27:d4:a4:78:77:ac:ef:af:90:e7:ca:f5:
dc:bf:9c:52:0f:45:96:69:54:60:01:89:73:f3:bd:96:36:15:
7d:73:86:f7:18:32:46:77:56:18:96:2d:41:63:f9:f5:76:c1:
cf:47:c8:32:cd:55:de:33:67:7f:00:53:74:e0:e2:9b:46:1c:
0e:51:5e:9d:8e:e1:35:b3:e3:a7:f4:5a:df:a4:8e:b2:a7:8d:
de:c4:4d:26:88:0c:0a:3d:0b:01:59:0b:91:ab:b0:7a:77:9d:
6c:2d:2b:a7:98:4b:45:b6:0e:e6:10:f2:6a:6b:d8:ab:48:f7:
d6:34:6e:37:55:37:8a:b7:d2:5c:86:9e:44:15:91:a0:f8:98:
f3:4b:c3:28:92:09:c1:3b:a9:4e:7b:22:d0:43:62:f8:7e:23:
f3:bd:4e:e7:2c:2f:e8:d3:ea:76:87:a9:2d:ea:4f:9e:0b:c3:
83:a3:2a:93:6d:2d:94:ac:33:f1:66:fa:e9:27:32:86:a4:fd:
9c:09:62:09:49:60:c1:2b:fe:45:e6:c6:f6:d7:95:f2:9a:7c:
69:6c:4f:9b:1e:c3:8b:43:a0:89:35:97:07:9c:55:d0:a3:4d:
c0:69:f6:56
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJvUDN1HVMgx4d2Bz68jLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDkwOTEwYmQzOThkYTdkOWZlY2UzNTU3NzE0ZGJiODljOWRlNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoeMCy6AfC9v1ZT2p78rPW5ex0mM
b7BVzDHOrb5Z+j01uZAwrQrpNvvmpkDqGzstJdwUwD2WToQ0w3YC0VRMy0DjR0ix
BM6kHbO4z+kzIU0EZQ8KJDjGwPkI3vN5ZELKh+JkH6LDymWNLG+dydOJ+No+tWbE
EmG0V5n/7FnRl8+bTuoHByhDcsEdTE4sy4EWy0NeW4evIRQBSV9swcLtmMcx8wcz
RsnFNu+AYnvjgAm/Bkt0sAThySiaWxX0HpIX/xdskDpWLpAfPxwFQ/QMWIon7nsx
9vK0IdC308lAD+EQNM6gWy8Y42htya3eAsNUBlxHMddcemNQH+RAdxzNAwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFSQkQvTmNp9n+zjVXcU27icneZeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVkpDUkM5T1kybjJmN09OVmR4VGJ1SnlkNWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwUqDrEH
HSADBwEqDrEHHSQDBwAqDrEHHSowDQYJKoZIhvcNAQELBQADggEBAAS9bVZJtn9n
4UjfHR/7mbExZrI8ydttzSfUpHh3rO+vkOfK9dy/nFIPRZZpVGABiXPzvZY2FX1z
hvcYMkZ3VhiWLUFj+fV2wc9HyDLNVd4zZ38AU3Tg4ptGHA5RXp2O4TWz46f0Wt+k
jrKnjd7ETSaIDAo9CwFZC5GrsHp3nWwtK6eYS0W2DuYQ8mpr2KtI99Y0bjdVN4q3
0lyGnkQVkaD4mPNLwyiSCcE7qU57ItBDYvh+I/O9TucsL+jT6naHqS3qT54Lw4Oj
KpNtLZSsM/Fm+uknMoak/ZwJYglJYMEr/kXmxvbXlfKafGlsT5sew4tDoIk1lwec
VdCjTcBp9lY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:57 2024 by rpki-client on console-ams.rpki-client.org