Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/geyG7e4NL__k_JrroOt-4Od9NvQ.roa
File: geyG7e4NL__k_JrroOt-4Od9NvQ.roa (raw, json)
Hash identifier: pRjZwlXZDN12M3P1xSsQ5qgNHCKVJhsx3N4x+XJmkHo=
Subject key identifier: 81:EC:86:ED:EE:0D:2F:FF:E4:FC:9A:EB:A0:EB:7E:E0:E7:7D:36:F4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0806005445B75EAB690F0A351C34
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/geyG7e4NL__k_JrroOt-4Od9NvQ.roa
Signing time: Tue 02 Jan 2024 10:34:17 +0000
ROA not before: Tue 02 Jan 2024 10:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204374
IP address blocks: 2a0e:b107:ba0::/48 maxlen: 48
2a0e:b107:ba5::/48 maxlen: 48
2a0e:b107:baa::/48 maxlen: 48
2a0e:b107:baf::/48 maxlen: 48
2a0e:b107:ba4::/48 maxlen: 48
2a0e:b107:ba9::/48 maxlen: 48
2a0e:b107:bae::/48 maxlen: 48
2a0e:b107:ba3::/48 maxlen: 48
2a0e:b107:ba8::/48 maxlen: 48
2a0e:b107:bad::/48 maxlen: 48
2a0e:b107:ba0::/44 maxlen: 48
2a0e:b107:ba2::/48 maxlen: 48
2a0e:b107:ba7::/48 maxlen: 48
2a0e:b107:bac::/48 maxlen: 48
2a0e:b107:ba1::/48 maxlen: 48
2a0e:b107:ba6::/48 maxlen: 48
2a0e:b107:bab::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:08:06:00:54:45:b7:5e:ab:69:0f:0a:35:1c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ec86edee0d2fffe4fc9aeba0eb7ee0e77d36f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0d:17:c0:68:e5:e6:c0:0f:f0:fc:46:87:c5:
44:94:17:a2:b4:53:cf:96:ad:7a:37:65:e3:d5:8e:
6c:2a:82:03:5d:19:d2:8f:78:e4:09:9c:05:9e:5b:
58:c6:56:3d:12:8c:7f:34:34:05:7f:4e:8c:63:5f:
f4:37:f7:15:7a:f9:3d:84:9a:ce:5c:2b:66:0b:e6:
50:06:41:eb:3a:35:35:cf:6a:5b:71:63:8b:07:42:
e0:50:10:99:ab:af:e9:a5:97:45:ff:19:3e:87:64:
07:00:60:4b:9b:96:25:5b:65:b4:d3:57:d7:e4:22:
fe:e1:8b:9f:90:dc:a0:42:48:df:e9:a4:ec:c6:fc:
0e:3f:fc:5d:99:ba:38:42:a7:cd:f5:c9:e7:19:ff:
5d:7f:22:fc:63:2e:28:9b:b1:19:d9:49:bc:56:cc:
86:31:51:bb:c6:f8:fb:b0:17:f7:20:8b:3e:7e:f3:
57:6e:27:e8:e0:90:85:18:ff:4d:33:22:32:74:69:
8d:7a:d3:77:fa:48:fa:72:dd:74:ae:55:63:f3:18:
ab:b8:31:41:6e:05:f4:e4:c2:02:e6:82:1f:db:c7:
5d:41:52:6a:42:7e:9a:3c:e8:33:a0:36:58:6d:b0:
b8:5a:e6:bf:05:0f:a6:f7:bc:62:e3:55:1f:fc:db:
2c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EC:86:ED:EE:0D:2F:FF:E4:FC:9A:EB:A0:EB:7E:E0:E7:7D:36:F4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/geyG7e4NL__k_JrroOt-4Od9NvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:ba0::/44
Signature Algorithm: sha256WithRSAEncryption
90:07:4e:72:a0:98:dd:87:c4:f3:da:6c:92:43:00:cf:b7:04:
41:47:49:99:c0:69:99:67:c3:7e:7a:18:33:2c:4d:38:f6:74:
4c:ce:56:67:64:b6:06:1c:a1:5c:9c:94:a9:8d:ad:1e:fc:68:
9c:3d:ba:bc:89:da:de:44:c2:4b:0f:a9:a6:2d:8c:d4:ca:cd:
62:01:97:18:2f:f1:ac:13:1d:22:e9:c6:33:f4:82:ae:d5:07:
e4:b0:a6:29:bc:c4:de:cd:12:3f:30:2a:70:2b:be:3e:cb:ec:
a8:96:e8:21:96:aa:3f:ed:5d:e0:64:4f:cd:2f:4d:4b:4b:f3:
44:47:49:27:17:7c:ac:99:c9:22:0e:09:6b:9c:f2:0a:08:c0:
44:e6:71:2a:0c:4e:0c:fc:59:44:0e:53:56:8b:46:b6:8d:d1:
83:7c:75:8f:3a:a5:9a:f1:dd:0d:a1:b6:27:ca:03:2f:17:02:
43:47:bf:06:ff:42:25:45:3b:37:54:3a:ac:e8:03:5d:0b:9c:
99:9a:ab:28:05:a4:7e:eb:21:39:3d:03:13:b8:56:45:43:21:
41:31:dd:d0:f8:77:09:71:76:4b:6f:77:a0:83:77:40:8b:e0:
f0:fd:f0:71:a4:3c:b3:0e:b1:86:fe:26:6b:55:23:78:e9:bf:
b8:5c:03:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQgGAFRFt16raQ8KNRw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVjODZlZGVlMGQyZmZmZTRmYzlhZWJhMGViN2VlMGU3N2QzNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAww0XwGjl5sAP8PxGh8VElBeitFPP
lq16N2Xj1Y5sKoIDXRnSj3jkCZwFnltYxlY9Eox/NDQFf06MY1/0N/cVevk9hJrO
XCtmC+ZQBkHrOjU1z2pbcWOLB0LgUBCZq6/ppZdF/xk+h2QHAGBLm5YlW2W001fX
5CL+4YufkNygQkjf6aTsxvwOP/xdmbo4QqfN9cnnGf9dfyL8Yy4om7EZ2Um8VsyG
MVG7xvj7sBf3IIs+fvNXbifo4JCFGP9NMyIydGmNetN3+kj6ct10rlVj8xiruDFB
bgX05MIC5oIf28ddQVJqQn6aPOgzoDZYbbC4Wua/BQ+m97xi41Uf/NsstQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIHshu3uDS//5Pya66DrfuDnfTb0MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ2V5RzdlNE5MX19rX0pycm9PdC00T2Q5TnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwug
MA0GCSqGSIb3DQEBCwUAA4IBAQCQB05yoJjdh8Tz2mySQwDPtwRBR0mZwGmZZ8N+
ehgzLE049nRMzlZnZLYGHKFcnJSpja0e/GicPbq8idreRMJLD6mmLYzUys1iAZcY
L/GsEx0i6cYz9IKu1QfksKYpvMTezRI/MCpwK74+y+yolughlqo/7V3gZE/NL01L
S/NER0knF3ysmckiDglrnPIKCMBE5nEqDE4M/FlEDlNWi0a2jdGDfHWPOqWa8d0N
obYnygMvFwJDR78G/0IlRTs3VDqs6ANdC5yZmqsoBaR+6yE5PQMTuFZFQyFBMd3Q
+HcJcXZLb3egg3dAi+Dw/fBxpDyzDrGG/iZrVSN46b+4XAMI
-----END CERTIFICATE-----
Generated at Fri May 3 03:33:17 2024 by rpki-client on console-ams.rpki-client.org