Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XTSH5eSmrAf6gRZ25fGZ2SwKifs.roa
File: XTSH5eSmrAf6gRZ25fGZ2SwKifs.roa (raw, json)
Hash identifier: sFtjOdCmzhQDBPbEPwCr+WiNWtPt7ut3xu43uL7/1Gk=
Subject key identifier: 5D:34:87:E5:E4:A6:AC:07:FA:81:16:76:E5:F1:99:D9:2C:0A:89:FB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCBE432C75F33DBB448091DFDF0510
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XTSH5eSmrAf6gRZ25fGZ2SwKifs.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5687
IP address blocks: 2a0e:b107:2130::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:be:43:2c:75:f3:3d:bb:44:80:91:df:df:05:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d3487e5e4a6ac07fa811676e5f199d92c0a89fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b0:69:15:d3:8f:4f:a8:d6:5e:86:eb:8d:0f:
7a:56:f8:53:c6:76:da:05:22:21:52:9a:a2:56:0b:
e0:68:06:6c:74:c4:ee:09:6b:ab:43:84:6f:19:44:
2f:e2:4d:d6:2f:87:14:47:20:52:d9:2a:19:20:11:
87:b4:dd:05:34:87:2d:c2:f2:af:81:0c:13:f0:d6:
72:3b:7f:28:36:94:82:cf:97:b2:0e:bd:56:7b:09:
8d:84:cb:81:11:be:4d:40:d0:e6:ce:e3:13:cb:81:
8a:d9:6b:f8:cd:d8:73:23:e9:cb:82:6e:43:6e:8a:
bc:37:02:5e:07:12:43:db:9e:a9:e2:24:c4:a2:83:
60:53:72:d7:ce:6e:00:0f:10:71:95:a0:5f:e2:ba:
90:cf:8e:8b:7a:89:96:e1:92:37:a7:16:1c:66:d9:
8f:a8:6f:ed:ca:7b:45:4a:bb:e5:c7:93:ee:4c:2f:
5f:11:03:bd:b9:a5:a9:3c:6c:11:92:72:69:06:11:
58:2d:c4:3e:e0:10:92:c0:54:0b:42:88:b3:25:5d:
76:be:8f:04:3f:3d:93:01:07:65:84:63:76:e2:50:
a4:7f:7a:f9:f4:05:dc:5f:1c:03:5a:2f:20:13:2e:
3b:81:22:30:51:68:58:cc:4b:91:91:d0:eb:15:7a:
bf:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:34:87:E5:E4:A6:AC:07:FA:81:16:76:E5:F1:99:D9:2C:0A:89:FB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/XTSH5eSmrAf6gRZ25fGZ2SwKifs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2130::/44
Signature Algorithm: sha256WithRSAEncryption
21:b4:b6:56:ee:e3:d0:d3:a9:4a:99:6e:a4:06:26:bf:3f:93:
7b:b4:ee:2f:ba:f1:c6:88:81:8f:36:02:5a:a6:df:ff:28:08:
ee:15:f3:00:f3:45:f9:26:21:20:05:ee:97:e9:81:6f:00:02:
86:bc:e2:33:8d:dc:be:4f:14:d7:95:e1:7e:48:c6:ee:c2:a8:
b4:86:58:83:17:dd:95:7d:d9:20:17:19:4f:9c:9b:01:d7:44:
ce:f8:e8:39:99:73:40:4b:15:6c:4c:7e:7e:7f:a1:82:55:ef:
ec:f3:90:cd:59:4a:12:9e:6f:38:1d:65:0d:99:9b:4b:d3:b5:
35:5f:4a:cb:92:4a:88:53:6d:75:e3:51:11:d9:b7:46:22:a1:
5e:48:00:88:b8:a5:ce:24:32:e6:85:34:63:b0:03:7b:ce:f3:
40:2d:30:9e:de:ee:b2:2e:0d:85:67:27:bd:0c:8f:63:00:03:
a5:94:6a:23:e4:5f:e6:dc:f2:91:cd:0e:4f:65:1a:36:42:6a:
aa:c0:26:c0:4f:67:60:e5:5a:14:1a:40:a1:c5:d4:d1:24:a1:
5c:f6:09:1f:54:5b:fe:fe:5e:cf:97:d8:01:d0:8c:16:ec:b7:
1e:ee:01:56:ef:f4:42:89:4b:5e:f5:a4:1b:a5:22:72:ee:f2:
ce:3c:da:99
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvL5DLHXzPbtEgJHf3wUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM0ODdlNWU0YTZhYzA3ZmE4MTE2NzZlNWYxOTlkOTJjMGE4OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrBpFdOPT6jWXobrjQ96VvhTxnba
BSIhUpqiVgvgaAZsdMTuCWurQ4RvGUQv4k3WL4cURyBS2SoZIBGHtN0FNIctwvKv
gQwT8NZyO38oNpSCz5eyDr1WewmNhMuBEb5NQNDmzuMTy4GK2Wv4zdhzI+nLgm5D
boq8NwJeBxJD256p4iTEooNgU3LXzm4ADxBxlaBf4rqQz46LeomW4ZI3pxYcZtmP
qG/tyntFSrvlx5PuTC9fEQO9uaWpPGwRknJpBhFYLcQ+4BCSwFQLQoizJV12vo8E
Pz2TAQdlhGN24lCkf3r59AXcXxwDWi8gEy47gSIwUWhYzEuRkdDrFXq/ywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF00h+XkpqwH+oEWduXxmdksCon7MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWFRTSDVlU21yQWY2Z1JaMjVmR1oyU3dLaWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByEw
MA0GCSqGSIb3DQEBCwUAA4IBAQAhtLZW7uPQ06lKmW6kBia/P5N7tO4vuvHGiIGP
NgJapt//KAjuFfMA80X5JiEgBe6X6YFvAAKGvOIzjdy+TxTXleF+SMbuwqi0hliD
F92VfdkgFxlPnJsB10TO+Og5mXNASxVsTH5+f6GCVe/s85DNWUoSnm84HWUNmZtL
07U1X0rLkkqIU21141ER2bdGIqFeSACIuKXOJDLmhTRjsAN7zvNALTCe3u6yLg2F
Zye9DI9jAAOllGoj5F/m3PKRzQ5PZRo2QmqqwCbAT2dg5VoUGkChxdTRJKFc9gkf
VFv+/l7Pl9gB0IwW7Lce7gFW7/RCiUte9aQbpSJy7vLOPNqZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:31 2024 by rpki-client on console-fra.rpki-client.org