Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_G7PhKcAk-YN4fewkPvKkC6uV94.roa
File: _G7PhKcAk-YN4fewkPvKkC6uV94.roa (raw, json)
Hash identifier: nYqWKUykpZomiGo4mouFGwD6iK9pSF3ca9SXpmBYXKM=
Subject key identifier: FC:6E:CF:84:A7:00:93:E6:0D:E1:F7:B0:90:FB:CA:90:2E:AE:57:DE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D0DD7C6676FE9E62F54805194AEE4B60F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_G7PhKcAk-YN4fewkPvKkC6uV94.roa
Signing time: Mon 15 Jan 2024 15:57:41 +0000
ROA not before: Mon 15 Jan 2024 15:57:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215715
IP address blocks: 2a10:ccc1:1000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:d7:c6:67:6f:e9:e6:2f:54:80:51:94:ae:e4:b6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 15 15:57:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc6ecf84a70093e60de1f7b090fbca902eae57de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:31:84:e4:3e:2b:dc:b3:8c:e6:3a:74:00:b1:
6c:83:20:20:80:04:73:5e:9f:42:b3:8b:ae:60:07:
9b:29:d2:04:57:64:2b:3e:6b:cc:47:4b:16:66:69:
40:c5:6b:2e:df:36:fe:51:99:77:f3:96:7e:e0:ca:
e7:01:6b:7c:7c:76:ea:8a:b2:8e:2f:11:b5:a8:ae:
4a:b5:ee:c2:2a:a4:b7:95:dc:e2:8b:06:e6:83:52:
e1:f0:57:41:cb:90:0a:f7:72:7c:59:d8:aa:46:3a:
a9:b2:21:31:9e:c4:1f:28:4d:8a:e4:5c:e6:30:65:
37:d3:c2:15:26:68:9e:aa:fa:16:b5:39:a5:59:63:
b6:12:e3:fb:d3:16:2e:e7:2e:26:1b:0a:b5:66:48:
9b:6a:fc:fe:d3:cb:83:d8:28:4f:05:c6:ce:09:6f:
60:f6:94:20:f0:e0:b2:af:5a:17:48:6b:44:b4:74:
1b:7b:33:a5:50:0a:58:9d:50:91:eb:bc:da:15:6d:
0d:b4:34:e6:cd:3b:19:1e:f1:f7:ab:bb:7f:b5:61:
d9:df:eb:66:40:92:ea:6c:ed:ba:e2:47:27:9b:46:
0e:57:58:d8:8c:12:aa:d7:82:e8:96:e1:bf:bd:30:
51:be:d8:95:85:21:19:4e:82:41:c2:03:2c:58:c4:
c1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6E:CF:84:A7:00:93:E6:0D:E1:F7:B0:90:FB:CA:90:2E:AE:57:DE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_G7PhKcAk-YN4fewkPvKkC6uV94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc1:1000::/44
Signature Algorithm: sha256WithRSAEncryption
5f:f9:fc:51:b6:c6:29:c7:fe:d7:25:3f:f1:bf:e4:59:a1:82:
ca:3e:b5:cb:73:52:65:c6:20:c5:54:b7:0e:ba:4a:a8:45:45:
63:3e:ba:51:4a:b3:38:ff:b0:46:bf:42:3d:fd:26:62:b6:27:
59:99:92:a6:33:5b:46:20:db:5a:4d:c8:31:a8:a4:42:a8:68:
a8:dd:4a:68:21:1c:b5:96:7c:e5:94:d1:fd:89:1b:ce:ce:79:
64:8c:1d:67:c1:ed:16:1f:3d:b8:c4:a9:10:5a:03:ba:7a:c5:
ba:b9:a1:87:36:a9:3f:d0:af:fb:91:04:b5:3c:6c:41:8d:aa:
c6:e7:22:a9:40:34:37:64:dc:ff:a2:a8:ef:95:fa:d0:2c:75:
c3:56:cd:cc:07:11:96:fb:c2:bb:62:fa:d3:11:b5:10:29:56:
c1:64:a0:97:2d:e2:59:bd:27:05:52:9f:b1:72:7a:84:01:c7:
35:01:c4:b8:7f:71:ae:25:f6:08:e5:5e:5a:82:ca:d8:73:d9:
68:a1:b7:38:ec:30:e0:a8:bf:9b:6a:7a:2d:6a:37:15:84:ef:
09:15:98:c8:5e:59:91:74:2b:01:97:58:6b:38:dc:75:9c:ec:
95:ec:ae:2a:91:de:fe:3c:56:b5:e1:5f:1b:98:5e:62:42:0d:
1d:06:d9:22
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0N18Znb+nmL1SAUZSu5LYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE1MTU1NzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzZlY2Y4NGE3MDA5M2U2MGRlMWY3YjA5MGZiY2E5MDJlYWU1N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjGE5D4r3LOM5jp0ALFsgyAggARz
Xp9Cs4uuYAebKdIEV2QrPmvMR0sWZmlAxWsu3zb+UZl385Z+4MrnAWt8fHbqirKO
LxG1qK5Kte7CKqS3ldziiwbmg1Lh8FdBy5AK93J8WdiqRjqpsiExnsQfKE2K5Fzm
MGU308IVJmieqvoWtTmlWWO2EuP70xYu5y4mGwq1Zkibavz+08uD2ChPBcbOCW9g
9pQg8OCyr1oXSGtEtHQbezOlUApYnVCR67zaFW0NtDTmzTsZHvH3q7t/tWHZ3+tm
QJLqbO264kcnm0YOV1jYjBKq14LoluG/vTBRvtiVhSEZToJBwgMsWMTBAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPxuz4SnAJPmDeH3sJD7ypAurlfeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX0c3UGhLY0FrLVlONGZld2tQdktrQzZ1Vjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMwRAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBf+fxRtsYpx/7XJT/xv+RZoYLKPrXLc1JlxiDF
VLcOukqoRUVjPrpRSrM4/7BGv0I9/SZitidZmZKmM1tGINtaTcgxqKRCqGio3Upo
IRy1lnzllNH9iRvOznlkjB1nwe0WHz24xKkQWgO6esW6uaGHNqk/0K/7kQS1PGxB
jarG5yKpQDQ3ZNz/oqjvlfrQLHXDVs3MBxGW+8K7YvrTEbUQKVbBZKCXLeJZvScF
Up+xcnqEAcc1AcS4f3GuJfYI5V5agsrYc9loobc47DDgqL+banotajcVhO8JFZjI
XlmRdCsBl1hrONx1nOyV7K4qkd7+PFa14V8bmF5iQg0dBtki
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:57 2024 by rpki-client on console-ams.rpki-client.org