Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YGl-wEFtACYdgEFr6mdS_qHTy-o.roa
File: YGl-wEFtACYdgEFr6mdS_qHTy-o.roa (raw, json)
Hash identifier: AhjJLM8sPigJWsm359Sz4Aj4irCQD1ya5hNJBGr6uyc=
Subject key identifier: 60:69:7E:C0:41:6D:00:26:1D:80:41:6B:EA:67:52:FE:A1:D3:CB:EA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD5AE75D2B4FAE55C010400EAD2DF1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YGl-wEFtACYdgEFr6mdS_qHTy-o.roa
Signing time: Tue 02 Jan 2024 10:34:39 +0000
ROA not before: Tue 02 Jan 2024 10:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216457
IP address blocks: 2a0e:b107:27ad::/48 maxlen: 48
2a10:2f00:198::/48 maxlen: 48
2a0e:b107:27ac::/48 maxlen: 48
2a0e:b107:27a9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:5a:e7:5d:2b:4f:ae:55:c0:10:40:0e:ad:2d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60697ec0416d00261d80416bea6752fea1d3cbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:65:82:cf:59:c7:56:cb:e8:66:52:ba:06:96:
33:f7:67:2a:41:e5:90:60:1c:ba:3e:f0:5d:6e:92:
8d:9d:f0:92:28:38:25:79:b1:50:79:0f:6e:d9:75:
ef:fe:db:df:16:8a:c2:75:4b:eb:f7:1b:9c:be:8b:
08:b5:00:33:22:a6:53:e0:db:e6:18:78:b4:e7:c9:
8c:40:f1:83:65:8d:e7:97:d8:e5:36:06:82:1a:07:
1a:b4:9c:0d:66:17:d0:00:e6:5a:95:17:c2:5f:c0:
66:b2:83:b2:b1:01:1a:18:36:50:d1:1f:40:b7:8c:
e6:aa:5e:c2:ce:9f:02:d8:65:c6:3e:ab:3e:67:b2:
51:b0:43:3b:e9:b7:75:fc:4c:eb:43:f1:0f:20:4e:
68:f9:4b:1d:5a:5b:3c:9e:92:9f:5f:36:53:a9:85:
67:d9:ed:85:b5:c6:07:6f:c4:47:ba:af:e6:da:07:
c8:48:97:34:1e:43:a2:62:99:7b:5d:b8:dc:0e:99:
d6:7d:30:38:d3:89:1b:60:e1:24:c0:f7:15:c0:73:
4d:c3:93:7f:3a:8c:7f:c2:b2:49:d4:59:22:20:29:
26:de:2c:3c:44:0b:f7:98:a4:10:99:92:7c:82:72:
ec:49:d2:4c:b7:7b:a5:2f:04:bb:2a:a0:82:dd:1c:
62:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:69:7E:C0:41:6D:00:26:1D:80:41:6B:EA:67:52:FE:A1:D3:CB:EA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/YGl-wEFtACYdgEFr6mdS_qHTy-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27a9::/48
2a0e:b107:27ac::/47
2a10:2f00:198::/48
Signature Algorithm: sha256WithRSAEncryption
53:71:2d:c7:e0:4d:51:de:a2:3d:60:4c:f3:a5:56:aa:3c:7e:
e8:b7:17:f2:e5:06:84:56:96:0c:fd:6a:1e:c4:e2:c4:65:5d:
1f:00:1a:da:52:53:69:6a:07:bf:0e:30:8c:a6:1b:9e:03:b1:
04:8c:23:de:db:fe:0e:38:8d:21:33:58:23:2e:b7:36:a1:fe:
5b:31:11:42:4d:ab:3d:a6:1f:f1:91:2b:a7:8a:35:8f:79:6f:
99:81:f6:2e:93:61:86:70:22:fa:cf:3a:73:80:fd:53:e7:ac:
ff:97:0a:67:db:0c:d3:58:82:00:00:5d:21:ee:83:91:40:0f:
12:5d:c6:3f:1a:f1:23:09:6e:d5:4b:c4:91:b3:7f:c2:7b:ff:
01:25:22:e2:29:1c:1c:ac:68:f8:da:ca:a2:e8:2c:8e:65:a0:
22:4f:13:e6:90:fe:97:4a:bf:4b:c0:e5:36:4c:0f:f5:f3:c6:
83:3b:0d:f0:ef:09:5e:df:85:f5:9a:1b:e8:ab:80:46:34:51:
3f:2d:e4:1b:83:f7:c2:69:6a:42:1a:1b:b5:74:52:54:15:41:
b7:0a:23:61:0c:53:20:c0:79:bf:8d:f5:46:93:cf:fb:a1:fb:
60:88:a5:1b:8f:7c:76:d2:e1:ac:1f:11:ef:b3:bd:91:11:34:
4a:92:93:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvVrnXStPrlXAEEAOrS3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY5N2VjMDQxNmQwMDI2MWQ4MDQxNmJlYTY3NTJmZWExZDNjYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWWCz1nHVsvoZlK6BpYz92cqQeWQ
YBy6PvBdbpKNnfCSKDglebFQeQ9u2XXv/tvfForCdUvr9xucvosItQAzIqZT4Nvm
GHi058mMQPGDZY3nl9jlNgaCGgcatJwNZhfQAOZalRfCX8BmsoOysQEaGDZQ0R9A
t4zmql7Czp8C2GXGPqs+Z7JRsEM76bd1/EzrQ/EPIE5o+UsdWls8npKfXzZTqYVn
2e2FtcYHb8RHuq/m2gfISJc0HkOiYpl7XbjcDpnWfTA404kbYOEkwPcVwHNNw5N/
Oox/wrJJ1FkiICkm3iw8RAv3mKQQmZJ8gnLsSdJMt3ulLwS7KqCC3RxiuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGBpfsBBbQAmHYBBa+pnUv6h08vqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWUdsLXdFRnRBQ1lkZ0VGcjZtZFNfcUhUeS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xByep
AwcBKg6xByesAwcAKhAvAAGYMA0GCSqGSIb3DQEBCwUAA4IBAQBTcS3H4E1R3qI9
YEzzpVaqPH7otxfy5QaEVpYM/WoexOLEZV0fABraUlNpage/DjCMphueA7EEjCPe
2/4OOI0hM1gjLrc2of5bMRFCTas9ph/xkSunijWPeW+ZgfYuk2GGcCL6zzpzgP1T
56z/lwpn2wzTWIIAAF0h7oORQA8SXcY/GvEjCW7VS8SRs3/Ce/8BJSLiKRwcrGj4
2sqi6CyOZaAiTxPmkP6XSr9LwOU2TA/188aDOw3w7wle34X1mhvoq4BGNFE/LeQb
g/fCaWpCGhu1dFJUFUG3CiNhDFMgwHm/jfVGk8/7oftgiKUbj3x20uGsHxHvs72R
ETRKkpOV
-----END CERTIFICATE-----
Generated at Fri May 3 12:39:05 2024 by rpki-client on console-fra.rpki-client.org