Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g4kMhUceHdGzdhnobDm6ShNmBxk.roa
File: g4kMhUceHdGzdhnobDm6ShNmBxk.roa (raw, json)
Hash identifier: dyRGknkh4b2jRlXPfzEfHcl/z/MimBm+Ji2Ye20pYk4=
Subject key identifier: 83:89:0C:85:47:1E:1D:D1:B3:76:19:E8:6C:39:BA:4A:13:66:07:19
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD4622BC31C5AE7B86039FE3A960B3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g4kMhUceHdGzdhnobDm6ShNmBxk.roa
Signing time: Tue 02 Jan 2024 10:34:33 +0000
ROA not before: Tue 02 Jan 2024 10:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212514
IP address blocks: 2a0e:b107:f0::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:46:22:bc:31:c5:ae:7b:86:03:9f:e3:a9:60:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83890c85471e1dd1b37619e86c39ba4a13660719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c7:4e:44:dd:38:cf:9f:40:93:67:b6:5b:6e:
58:71:3d:b4:a0:da:dd:0e:97:ae:e0:ee:5b:0b:26:
13:74:e5:84:2f:55:9e:14:b4:fb:d8:03:db:fd:b0:
47:e5:d0:ee:d1:36:60:30:29:a4:60:fb:41:f0:d6:
8e:cc:ab:86:8a:22:73:8a:20:77:cd:a3:9e:a5:d6:
3f:f8:62:d8:f5:c7:67:aa:b7:e2:56:7a:32:dc:ea:
28:45:e4:57:a9:63:1b:43:24:9a:4f:c4:50:d7:e4:
35:fc:ec:23:61:42:53:80:3c:e0:76:bd:2c:5b:5a:
ba:24:91:4c:39:24:a6:52:29:0a:3a:4e:68:c7:48:
a7:a2:c1:95:76:62:66:14:b2:28:da:a9:6e:12:fe:
bd:bd:44:49:14:3c:d6:c9:70:26:e5:47:61:6a:21:
be:9a:39:2e:9b:fc:20:6a:e5:1d:20:d0:3b:7a:92:
f6:9c:a4:56:e3:77:5d:bf:a0:3e:d3:0e:ae:7c:b7:
dc:db:63:f2:e8:e0:53:19:13:06:cf:80:14:95:79:
e2:4c:44:ed:56:63:88:2f:c5:49:d0:2f:b1:a0:41:
fe:6c:25:8c:a6:cd:6c:b0:72:d8:79:9c:1a:53:40:
d8:eb:a1:0d:5b:9f:85:ab:c2:c0:6a:24:3b:a7:ab:
6a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:89:0C:85:47:1E:1D:D1:B3:76:19:E8:6C:39:BA:4A:13:66:07:19
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g4kMhUceHdGzdhnobDm6ShNmBxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f0::/47
Signature Algorithm: sha256WithRSAEncryption
c6:f6:79:ba:bf:95:78:36:02:f4:5b:ab:01:2d:79:42:94:e4:
81:28:ec:03:26:fc:b8:54:cf:84:8c:bc:16:b7:92:99:14:2e:
a4:6f:e3:ce:17:0b:c5:fb:13:96:04:3c:0d:86:dd:38:d3:72:
27:e3:a9:ea:dc:f2:d5:93:0c:32:92:8d:52:ff:41:a8:5d:bf:
e8:f8:68:68:40:00:1e:64:e3:92:bf:fe:f7:1a:36:79:65:b0:
db:ba:c6:b2:1f:67:3d:fd:b5:ee:7d:aa:a5:28:9f:52:99:36:
11:45:0b:0e:04:3c:ef:74:1f:5e:a4:9b:2a:38:76:46:e6:64:
d9:11:31:98:f5:a3:4a:8c:04:44:39:20:e6:73:64:84:f5:bd:
40:90:70:62:4a:26:ee:5d:2f:b8:6d:7b:5e:14:3c:7c:ca:6a:
06:dc:67:d0:aa:59:14:ce:1c:c1:66:26:3d:b0:99:77:f6:e5:
94:43:33:28:cb:57:a0:3f:ab:f0:24:9a:e5:b6:95:ef:09:77:
a5:c1:95:3d:e4:2b:2b:4d:60:83:f3:db:28:a8:06:38:75:54:
43:95:b7:92:51:6b:88:df:6d:71:2b:45:3e:8d:71:01:de:46:
8a:cf:76:88:ee:22:19:7b:04:09:7a:d1:4f:40:a7:a7:15:71:
74:30:33:fc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUYivDHFrnuGA5/jqWCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzg5MGM4NTQ3MWUxZGQxYjM3NjE5ZTg2YzM5YmE0YTEzNjYwNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsdORN04z59Ak2e2W25YcT20oNrd
Dpeu4O5bCyYTdOWEL1WeFLT72APb/bBH5dDu0TZgMCmkYPtB8NaOzKuGiiJziiB3
zaOepdY/+GLY9cdnqrfiVnoy3OooReRXqWMbQySaT8RQ1+Q1/OwjYUJTgDzgdr0s
W1q6JJFMOSSmUikKOk5ox0inosGVdmJmFLIo2qluEv69vURJFDzWyXAm5UdhaiG+
mjkum/wgauUdINA7epL2nKRW43ddv6A+0w6ufLfc22Py6OBTGRMGz4AUlXniTETt
VmOIL8VJ0C+xoEH+bCWMps1ssHLYeZwaU0DY66ENW5+Fq8LAaiQ7p6tq3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIOJDIVHHh3Rs3YZ6Gw5ukoTZgcZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZzRrTWhVY2VIZEd6ZGhub2JEbTZTaE5tQnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6xBwDw
MA0GCSqGSIb3DQEBCwUAA4IBAQDG9nm6v5V4NgL0W6sBLXlClOSBKOwDJvy4VM+E
jLwWt5KZFC6kb+POFwvF+xOWBDwNht0403In46nq3PLVkwwyko1S/0GoXb/o+Gho
QAAeZOOSv/73GjZ5ZbDbusayH2c9/bXufaqlKJ9SmTYRRQsOBDzvdB9epJsqOHZG
5mTZETGY9aNKjAREOSDmc2SE9b1AkHBiSibuXS+4bXteFDx8ymoG3GfQqlkUzhzB
ZiY9sJl39uWUQzMoy1egP6vwJJrltpXvCXelwZU95CsrTWCD89soqAY4dVRDlbeS
UWuI321xK0U+jXEB3kaKz3aI7iIZewQJetFPQKenFXF0MDP8
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:58 2024 by rpki-client on console-ams.rpki-client.org