Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fthFvnCieCKFZMwzHMEAx30M2Gw.roa
File: fthFvnCieCKFZMwzHMEAx30M2Gw.roa (raw, json)
Hash identifier: 4gjZY1+ABJOqhzJhV7sAd8wH6bWPGzHRVkqcEzddwk4=
Subject key identifier: 7E:D8:45:BE:70:A2:78:22:85:64:CC:33:1C:C1:00:C7:7D:0C:D8:6C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019314FAD0B7392E89B192DAAFB98A577CE1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fthFvnCieCKFZMwzHMEAx30M2Gw.roa
Signing time: Sun 10 Nov 2024 07:30:01 +0000
ROA not before: Sun 10 Nov 2024 07:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:14:fa:d0:b7:39:2e:89:b1:92:da:af:b9:8a:57:7c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 10 07:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ed845be70a278228564cc331cc100c77d0cd86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3b:5b:e2:37:24:28:7e:37:aa:b8:28:7c:aa:
fb:6c:3e:e0:e3:f5:4a:64:ec:30:eb:00:e7:6c:aa:
05:15:88:21:62:44:25:7d:09:4f:a1:33:67:83:19:
60:73:ab:6f:72:20:5f:17:3a:f7:5a:26:19:55:a2:
cb:27:99:9e:2f:89:e7:87:06:7a:b3:75:6f:04:7b:
d5:f5:5a:dc:2a:78:2f:81:93:5b:93:6d:4d:18:2e:
64:37:09:55:00:c1:d4:2c:90:b7:92:ee:d2:58:08:
dd:49:87:1a:71:2d:8c:51:ae:44:6a:55:f0:ad:92:
17:e5:d2:e8:2b:15:de:c5:fe:a4:d3:5c:6d:13:22:
b3:7e:52:ec:f7:9c:35:9d:0a:fe:28:4c:b7:9c:77:
e1:68:a3:e6:ea:43:9d:71:df:59:1f:03:97:a7:b4:
36:d0:9c:fe:26:25:07:eb:ea:d1:56:c9:9b:0e:bf:
f7:90:a3:61:85:a1:71:c6:76:32:7c:9f:57:df:86:
30:3e:8c:6b:a0:6d:21:15:36:d8:70:4f:02:36:a2:
34:54:f3:4b:24:88:68:08:59:f5:ee:dc:ce:f1:7a:
bf:bd:ec:1c:a1:f8:d0:9a:78:f6:69:63:e8:90:d2:
c6:d0:ca:98:2c:af:12:1a:02:75:57:d6:1e:ca:fb:
23:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:D8:45:BE:70:A2:78:22:85:64:CC:33:1C:C1:00:C7:7D:0C:D8:6C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fthFvnCieCKFZMwzHMEAx30M2Gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
21:8b:99:2b:d8:5d:5e:89:fc:92:2d:0a:81:20:e9:31:da:90:
af:c0:d6:8b:3b:ce:6a:b5:18:4f:95:ab:44:cf:1d:e4:a9:6b:
6a:8a:c2:49:48:03:a0:ad:6f:9b:40:47:21:08:7a:0c:03:b7:
82:89:a1:5b:20:04:7b:62:3e:b8:b5:ce:3c:ad:3a:19:a0:52:
b3:95:bf:50:a2:17:de:52:0a:6d:52:20:7b:a0:1f:b7:d0:53:
7c:62:21:ae:07:61:dd:34:48:fb:7f:a3:93:2a:19:37:ed:bf:
44:19:97:9b:4b:34:0c:57:60:e2:09:b2:71:3c:00:bd:7e:37:
24:b1:47:77:04:5b:90:37:79:12:c0:44:67:68:e4:6b:f6:6a:
66:cc:e9:bb:92:04:36:c0:dd:10:65:25:bd:a9:7f:6c:87:f6:
58:11:5d:d6:63:06:91:59:a4:2f:f0:05:1c:36:66:cc:b3:2c:
77:39:3c:d4:a5:7b:cb:5b:31:ac:fd:7f:b6:05:25:e6:0b:5e:
4f:30:dc:19:3d:3f:fe:5c:99:2f:75:82:6a:f2:c1:11:ff:03:
7b:bb:59:89:52:33:c6:4d:ac:53:92:f5:3d:d1:56:dc:8e:14:
cd:41:37:06:f0:0b:13:56:41:9f:a2:fe:77:d8:c2:d0:63:ef:
c2:a3:17:90
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZMU+tC3OS6JsZLar7mKV3zhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTEwMDczMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWQ4NDViZTcwYTI3ODIyODU2NGNjMzMxY2MxMDBjNzdkMGNkODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ztb4jckKH43qrgofKr7bD7g4/VK
ZOww6wDnbKoFFYghYkQlfQlPoTNngxlgc6tvciBfFzr3WiYZVaLLJ5meL4nnhwZ6
s3VvBHvV9VrcKngvgZNbk21NGC5kNwlVAMHULJC3ku7SWAjdSYcacS2MUa5EalXw
rZIX5dLoKxXexf6k01xtEyKzflLs95w1nQr+KEy3nHfhaKPm6kOdcd9ZHwOXp7Q2
0Jz+JiUH6+rRVsmbDr/3kKNhhaFxxnYyfJ9X34YwPoxroG0hFTbYcE8CNqI0VPNL
JIhoCFn17tzO8Xq/vewcofjQmnj2aWPokNLG0MqYLK8SGgJ1V9Yeyvsj/wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFH7YRb5wongihWTMMxzBAMd9DNhsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZnRoRnZuQ2llQ0tGWk13ekhNRUF4MzBNMkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcAKg6XwAQR
AwcAKg6XwAjgAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQDBwIqDrEHKIAw
DQYJKoZIhvcNAQELBQADggEBACGLmSvYXV6J/JItCoEg6THakK/A1os7zmq1GE+V
q0TPHeSpa2qKwklIA6Ctb5tARyEIegwDt4KJoVsgBHtiPri1zjytOhmgUrOVv1Ci
F95SCm1SIHugH7fQU3xiIa4HYd00SPt/o5MqGTftv0QZl5tLNAxXYOIJsnE8AL1+
NySxR3cEW5A3eRLARGdo5Gv2ambM6buSBDbA3RBlJb2pf2yH9lgRXdZjBpFZpC/w
BRw2ZsyzLHc5PNSle8tbMaz9f7YFJeYLXk8w3Bk9P/5cmS91gmrywRH/A3u7WYlS
M8ZNrFOS9T3RVtyOFM1BNwbwCxNWQZ+i/nfYwtBj78KjF5A=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:58 2024 by rpki-client on console-ams.rpki-client.org