Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/blhoTUAVLSZX7BsmjJ4BtexG3wA.roa
File: blhoTUAVLSZX7BsmjJ4BtexG3wA.roa (raw, json)
Hash identifier: KbbYNhWwBlJ59Ts9yD5l915HGEvodTA5NXVSZdP7ggk=
Subject key identifier: 6E:58:68:4D:40:15:2D:26:57:EC:1B:26:8C:9E:01:B5:EC:46:DF:00
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD4771B45E0268CB90608BC4497536
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/blhoTUAVLSZX7BsmjJ4BtexG3wA.roa
Signing time: Tue 02 Jan 2024 10:34:34 +0000
ROA not before: Tue 02 Jan 2024 10:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212580
IP address blocks: 2a0e:b107:e00::/44 maxlen: 48
2a0e:b107:de0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:47:71:b4:5e:02:68:cb:90:60:8b:c4:49:75:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e58684d40152d2657ec1b268c9e01b5ec46df00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ea:6d:d0:06:98:a8:c2:a4:c5:90:78:aa:90:
f9:c7:1d:ea:fb:ec:1f:bd:cc:2d:b7:fb:a6:f5:d3:
58:43:f6:a5:7c:a1:48:8f:11:35:39:2a:c3:af:13:
5a:30:2b:59:1e:31:a2:41:41:45:9f:a5:ba:c5:fb:
be:af:92:e6:4b:13:6d:03:50:8d:75:3c:e3:44:3e:
2d:a5:07:32:44:c5:d6:8d:17:f1:9d:99:ea:db:fc:
4d:29:9b:2d:ff:33:37:a0:3e:c8:a8:b8:6f:a2:4b:
a4:be:0d:b4:dc:9a:8a:be:c5:73:4f:ab:ad:b7:47:
94:57:2f:e5:b9:3e:82:a5:99:1a:41:95:4b:fb:20:
99:0b:c8:8a:f9:4e:7e:b6:70:d6:23:7c:3e:12:20:
5d:f3:66:cb:90:79:ae:91:94:67:30:82:6f:fb:58:
d0:4b:59:a1:a5:f7:6d:0f:df:60:c9:aa:8f:94:ec:
0e:29:f8:a9:87:df:2e:81:48:f4:d4:0b:be:82:5d:
84:81:72:7b:34:a0:cc:25:a4:86:a1:b3:ef:98:04:
d1:48:04:59:1b:68:e5:20:37:c0:0c:f3:8f:28:54:
89:b5:5c:15:6c:03:99:e9:ad:ba:d4:11:c7:cb:9a:
4e:de:23:2d:76:3a:fe:14:47:c8:ea:03:24:25:92:
9b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:58:68:4D:40:15:2D:26:57:EC:1B:26:8C:9E:01:B5:EC:46:DF:00
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/blhoTUAVLSZX7BsmjJ4BtexG3wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:de0::/44
2a0e:b107:e00::/44
Signature Algorithm: sha256WithRSAEncryption
c8:30:d1:b1:50:28:52:95:4f:aa:1f:d8:28:76:67:c8:81:15:
b6:79:b3:fc:f4:29:1f:95:ca:8b:40:e5:b3:7b:6b:b0:ea:a8:
6f:54:1c:cc:b8:f3:66:54:84:eb:25:0b:02:3b:92:2c:f3:24:
bb:57:ec:16:55:3a:18:58:cb:3d:ef:64:24:33:fa:1f:1e:2d:
b1:64:39:1a:26:b2:37:5c:54:1a:29:10:97:09:03:51:95:da:
cf:16:ee:db:9d:7c:21:c0:be:af:05:1f:89:75:df:fa:0e:3f:
d8:99:f1:54:e4:d6:48:52:c1:5f:7d:14:fb:5e:22:59:50:bd:
7d:04:b9:e1:2a:22:26:ee:4f:56:f1:61:b3:82:de:1c:1d:ee:
b7:ff:25:99:ec:75:c9:8e:e8:54:f0:81:07:d2:44:03:27:c5:
c1:03:c0:08:93:ae:87:f3:03:1a:83:85:fe:9c:bf:12:54:f6:
fe:24:84:b4:b6:d2:4e:7a:da:69:e6:2f:fc:a1:88:70:3c:08:
32:a8:6f:34:15:09:80:49:87:ae:a3:85:88:72:0f:6f:55:42:
2a:98:d9:fd:06:ae:97:66:d9:d1:41:c4:b9:8d:46:1b:ba:74:
ca:ee:99:4a:83:cb:5f:cd:02:64:ca:97:dd:1a:79:6d:4c:e5:
1a:c6:64:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvUdxtF4CaMuQYIvESXU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU4Njg0ZDQwMTUyZDI2NTdlYzFiMjY4YzllMDFiNWVjNDZkZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnept0AaYqMKkxZB4qpD5xx3q++wf
vcwtt/um9dNYQ/alfKFIjxE1OSrDrxNaMCtZHjGiQUFFn6W6xfu+r5LmSxNtA1CN
dTzjRD4tpQcyRMXWjRfxnZnq2/xNKZst/zM3oD7IqLhvokukvg203JqKvsVzT6ut
t0eUVy/luT6CpZkaQZVL+yCZC8iK+U5+tnDWI3w+EiBd82bLkHmukZRnMIJv+1jQ
S1mhpfdtD99gyaqPlOwOKfiph98ugUj01Au+gl2EgXJ7NKDMJaSGobPvmATRSARZ
G2jlIDfADPOPKFSJtVwVbAOZ6a261BHHy5pO3iMtdjr+FEfI6gMkJZKbzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG5YaE1AFS0mV+wbJoyeAbXsRt8AMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYmxob1RVQVZMU1pYN0JzbWpKNEJ0ZXhHM3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBw3g
AwcEKg6xBw4AMA0GCSqGSIb3DQEBCwUAA4IBAQDIMNGxUChSlU+qH9godmfIgRW2
ebP89CkflcqLQOWze2uw6qhvVBzMuPNmVITrJQsCO5Is8yS7V+wWVToYWMs972Qk
M/ofHi2xZDkaJrI3XFQaKRCXCQNRldrPFu7bnXwhwL6vBR+Jdd/6Dj/YmfFU5NZI
UsFffRT7XiJZUL19BLnhKiIm7k9W8WGzgt4cHe63/yWZ7HXJjuhU8IEH0kQDJ8XB
A8AIk66H8wMag4X+nL8SVPb+JIS0ttJOetpp5i/8oYhwPAgyqG80FQmASYeuo4WI
cg9vVUIqmNn9Bq6XZtnRQcS5jUYbunTK7plKg8tfzQJkypfdGnltTOUaxmQl
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:57 2024 by rpki-client on console-ams.rpki-client.org