Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WuqxgVwaqeKbnP5jl2hwON3xCAc.roa
File: WuqxgVwaqeKbnP5jl2hwON3xCAc.roa (raw, json)
Hash identifier: bOl1efZjBymMl9qhWqmnrwxH895U6vDQRrEVb35/nKw=
Subject key identifier: 5A:EA:B1:81:5C:1A:A9:E2:9B:9C:FE:63:97:68:70:38:DD:F1:08:07
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522303281FCDECBCACAC8B07E52B249
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WuqxgVwaqeKbnP5jl2hwON3xCAc.roa
Signing time: Thu 02 Jan 2025 03:49:45 +0000
ROA not before: Thu 02 Jan 2025 03:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208699
IP address blocks: 2a0e:97c0:730::/48 maxlen: 48
2a0e:97c0:731::/48 maxlen: 48
2a0e:97c0:738::/45 maxlen: 48
2a0e:b107:9fe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:30:32:81:fc:de:cb:ca:ca:c8:b0:7e:52:b2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5aeab1815c1aa9e29b9cfe6397687038ddf10807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3f:4a:67:e8:af:ef:e0:29:99:9b:95:57:09:
0f:30:5b:e5:45:f2:23:e1:34:d3:87:63:cf:16:a2:
36:d3:61:70:50:f3:32:d8:f6:f3:89:82:70:40:de:
9b:79:b8:b1:c4:ff:3a:c4:a5:58:05:b7:60:df:a9:
64:ab:c5:9b:af:d7:80:1f:bd:50:a3:a0:ed:5c:ff:
26:21:29:ca:d8:4e:9a:27:4e:d3:15:74:7b:ee:c4:
7f:52:b8:6c:cf:08:eb:2e:a5:31:a7:ef:91:fc:1b:
c0:6e:c1:39:c9:43:41:f5:d0:ec:b2:01:c6:d9:8f:
ba:06:20:85:3a:b0:88:74:c9:4b:bf:92:56:19:49:
ec:6f:c7:b0:bf:dc:93:ec:73:e0:36:7a:a3:4a:56:
e0:c1:af:30:40:a2:e2:db:5f:c3:6f:72:2b:e4:f8:
d2:f2:3f:cd:f8:54:3c:f1:9d:2b:f9:fa:c2:17:57:
60:51:a5:01:da:56:a4:b0:92:ac:6a:a9:b8:2b:4c:
da:ce:27:2e:f5:a8:56:7b:15:f3:ad:d6:5a:8a:00:
ce:0d:41:74:4f:70:1d:5b:64:aa:72:82:ef:4f:2b:
5d:aa:01:7e:9e:fb:48:07:3c:ff:b5:93:7a:67:65:
fc:69:b9:b4:ce:68:86:55:a7:43:e7:f8:21:1b:f7:
91:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:EA:B1:81:5C:1A:A9:E2:9B:9C:FE:63:97:68:70:38:DD:F1:08:07
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/WuqxgVwaqeKbnP5jl2hwON3xCAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:730::/47
2a0e:97c0:738::/45
2a0e:b107:9fe::/48
Signature Algorithm: sha256WithRSAEncryption
b8:15:84:24:53:50:36:ef:4e:ae:f6:84:21:5f:ee:73:a8:68:
5d:5e:ca:3b:f2:cd:7e:c3:16:00:41:6a:4e:9b:2b:f8:c1:90:
8b:91:e7:4a:03:51:cd:98:cc:78:f3:51:ba:72:5d:97:25:3f:
ce:d2:8f:4e:c7:3f:68:97:f5:fa:62:b5:98:b0:3c:3a:da:78:
78:1f:03:5b:bf:33:49:96:bb:a6:ca:6d:54:70:39:5c:79:07:
f1:c8:aa:05:36:55:29:93:4c:4f:ee:c4:f8:99:96:e1:7a:03:
ff:f8:bd:7b:ec:db:54:d4:55:6d:4a:9a:17:f2:5a:b8:12:21:
f3:65:60:46:17:71:e5:ac:b5:39:24:6e:fe:9f:6c:f6:2b:19:
07:c1:7b:57:33:3a:5a:b2:3e:9a:eb:c3:25:69:6e:9c:eb:dd:
7e:5b:1c:87:6e:ff:26:61:68:8f:5a:ff:b0:00:7e:ff:bb:ca:
d6:c8:27:86:8f:e1:1a:8e:38:2c:cc:98:d3:c5:90:63:40:73:
ef:91:5f:eb:2d:13:08:1d:58:a5:90:dc:b7:5b:f2:ad:9d:ee:
e4:1e:71:a5:06:f3:92:9c:f7:59:4a:4b:93:64:d9:08:d3:28:
04:aa:3d:c0:a2:c8:62:75:27:b8:ab:01:00:50:7e:ac:1d:fa:
5c:de:e3:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIjAygfzey8rKyLB+UrJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWVhYjE4MTVjMWFhOWUyOWI5Y2ZlNjM5NzY4NzAzOGRkZjEwODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0j9KZ+iv7+ApmZuVVwkPMFvlRfIj
4TTTh2PPFqI202FwUPMy2PbziYJwQN6bebixxP86xKVYBbdg36lkq8Wbr9eAH71Q
o6DtXP8mISnK2E6aJ07TFXR77sR/UrhszwjrLqUxp++R/BvAbsE5yUNB9dDssgHG
2Y+6BiCFOrCIdMlLv5JWGUnsb8ewv9yT7HPgNnqjSlbgwa8wQKLi21/Db3Ir5PjS
8j/N+FQ88Z0r+frCF1dgUaUB2laksJKsaqm4K0zazicu9ahWexXzrdZaigDODUF0
T3AdW2SqcoLvTytdqgF+nvtIBzz/tZN6Z2X8abm0zmiGVadD5/ghG/eRrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFrqsYFcGqnim5z+Y5docDjd8QgHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvV3VxeGdWd2FxZUtiblA1amwyaHdPTjN4Q0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKg6XwAcw
AwcDKg6XwAc4AwcAKg6xBwn+MA0GCSqGSIb3DQEBCwUAA4IBAQC4FYQkU1A2706u
9oQhX+5zqGhdXso78s1+wxYAQWpOmyv4wZCLkedKA1HNmMx481G6cl2XJT/O0o9O
xz9ol/X6YrWYsDw62nh4HwNbvzNJlrumym1UcDlceQfxyKoFNlUpk0xP7sT4mZbh
egP/+L177NtU1FVtSpoX8lq4EiHzZWBGF3HlrLU5JG7+n2z2KxkHwXtXMzpasj6a
68MlaW6c691+WxyHbv8mYWiPWv+wAH7/u8rWyCeGj+EajjgszJjTxZBjQHPvkV/r
LRMIHVilkNy3W/Ktne7kHnGlBvOSnPdZSkuTZNkI0ygEqj3AoshidSe4qwEAUH6s
Hfpc3uOY
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:58:37 2025 by rpki-client