Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hcQALiP16a0Yb5Dvmq5mUZaovPw.roa
File: hcQALiP16a0Yb5Dvmq5mUZaovPw.roa (raw, json)
Hash identifier: ZYol3idagU4FwkJRnWFyh+CaFEHJWPIzSgzyUfUl0RU=
Subject key identifier: 85:C4:00:2E:23:F5:E9:AD:18:6F:90:EF:9A:AE:66:51:96:A8:BC:FC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCBEDC91878C62869BDB81CA211978
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hcQALiP16a0Yb5Dvmq5mUZaovPw.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 2a0e:97c0:3b0::/48 maxlen: 48
2a0e:b107:27c7::/48 maxlen: 48
2a0e:b107:27ac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:be:dc:91:87:8c:62:86:9b:db:81:ca:21:19:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85c4002e23f5e9ad186f90ef9aae665196a8bcfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:e8:5e:19:44:d0:3e:eb:71:31:ff:b0:9a:
d5:40:a7:5d:02:dc:c7:27:c5:1e:c8:1a:01:bf:db:
7b:90:d1:55:99:7f:1d:82:3f:94:e5:1b:11:a3:72:
af:b3:2c:6f:ab:46:08:75:f9:be:a2:95:06:80:4a:
1c:35:a0:91:3a:ff:02:c7:d3:f1:10:f2:52:02:2f:
4c:89:fb:ac:06:e0:7b:29:65:20:f5:0a:22:2a:b5:
32:01:c7:e8:69:98:61:e0:8b:65:be:17:d8:9d:d6:
78:6b:da:48:4c:49:fc:99:dd:a5:9a:57:20:c9:c8:
40:6d:57:9c:ed:ad:f6:db:57:37:6d:14:6a:a0:da:
ef:e4:3d:87:32:1d:81:80:53:84:7b:4f:d9:53:4c:
48:fd:93:a8:55:cc:dd:12:01:ce:49:ae:dd:f6:09:
5e:e6:3a:37:57:92:e8:a1:85:f7:8a:f2:f6:4d:b5:
be:4a:fb:30:fc:80:b3:20:6e:5e:cc:8d:8e:ee:f5:
22:9b:46:6d:69:c2:9b:bc:b3:a4:6b:2e:33:ba:0d:
69:f2:15:64:29:70:46:27:75:89:25:c7:a6:57:61:
3d:4e:9b:2e:1e:2d:59:f4:22:a5:79:9c:b4:6e:81:
bf:b9:27:60:51:fc:e6:41:de:10:09:45:77:d3:68:
c7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C4:00:2E:23:F5:E9:AD:18:6F:90:EF:9A:AE:66:51:96:A8:BC:FC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hcQALiP16a0Yb5Dvmq5mUZaovPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3b0::/48
2a0e:b107:27ac::/48
2a0e:b107:27c7::/48
Signature Algorithm: sha256WithRSAEncryption
9f:54:ff:5d:8c:f2:5c:37:c0:98:bf:5e:96:b9:d4:18:f8:8b:
3a:77:2f:98:94:6a:9f:3a:6a:c4:77:b5:9d:b8:b3:dd:0b:df:
57:d0:aa:3e:6e:eb:ae:69:21:ce:2e:92:77:f2:fe:7c:1e:99:
fa:eb:ce:0d:34:93:e9:77:8b:6f:f2:27:c3:01:a9:29:8d:65:
aa:e6:ac:e1:4b:18:2f:32:3a:73:a9:a6:71:40:2d:2c:34:73:
27:74:4d:f9:49:56:7e:82:14:1b:9e:43:28:86:5e:b4:6b:ce:
f2:9a:ac:49:c5:5b:bf:43:41:e6:7f:87:08:1c:87:b0:34:57:
5d:b7:5a:5a:99:fa:6f:95:18:9e:c4:0b:db:22:73:55:f6:ac:
ce:5a:28:f9:d7:b2:2a:88:9f:15:4b:b5:56:6b:cb:dd:86:b1:
b0:cd:16:2e:b2:f6:83:27:bf:fb:d0:ec:5d:9b:e5:42:7a:47:
d9:1f:bb:b5:a7:f8:08:5c:54:75:17:14:21:b6:70:53:b8:ee:
d4:b9:bf:f0:d1:5b:db:09:a7:9f:f7:2d:15:0e:56:74:ab:cb:
95:e2:85:0c:7b:91:08:5d:27:de:44:2c:c3:aa:b1:30:73:f7:
39:35:29:de:24:81:62:73:c7:74:27:03:36:62:14:52:59:f6:
02:9f:65:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvL7ckYeMYoab24HKIRl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWM0MDAyZTIzZjVlOWFkMTg2ZjkwZWY5YWFlNjY1MTk2YThiY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqODoXhlE0D7rcTH/sJrVQKddAtzH
J8UeyBoBv9t7kNFVmX8dgj+U5RsRo3Kvsyxvq0YIdfm+opUGgEocNaCROv8Cx9Px
EPJSAi9MifusBuB7KWUg9QoiKrUyAcfoaZhh4ItlvhfYndZ4a9pITEn8md2lmlcg
ychAbVec7a3221c3bRRqoNrv5D2HMh2BgFOEe0/ZU0xI/ZOoVczdEgHOSa7d9gle
5jo3V5LooYX3ivL2TbW+Svsw/ICzIG5ezI2O7vUim0ZtacKbvLOkay4zug1p8hVk
KXBGJ3WJJcemV2E9TpsuHi1Z9CKleZy0boG/uSdgUfzmQd4QCUV302jH1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIXEAC4j9emtGG+Q75quZlGWqLz8MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaGNRQUxpUDE2YTBZYjVEdm1xNW1VWmFvdlB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6XwAOw
AwcAKg6xByesAwcAKg6xByfHMA0GCSqGSIb3DQEBCwUAA4IBAQCfVP9djPJcN8CY
v16WudQY+Is6dy+YlGqfOmrEd7WduLPdC99X0Ko+buuuaSHOLpJ38v58Hpn6684N
NJPpd4tv8ifDAakpjWWq5qzhSxgvMjpzqaZxQC0sNHMndE35SVZ+ghQbnkMohl60
a87ymqxJxVu/Q0Hmf4cIHIewNFddt1pamfpvlRiexAvbInNV9qzOWij517IqiJ8V
S7VWa8vdhrGwzRYusvaDJ7/70Oxdm+VCekfZH7u1p/gIXFR1FxQhtnBTuO7Uub/w
0VvbCaef9y0VDlZ0q8uV4oUMe5EIXSfeRCzDqrEwc/c5NSneJIFic8d0JwM2YhRS
WfYCn2We
-----END CERTIFICATE-----
Generated at Fri May 3 06:56:35 2024 by rpki-client on console-fra.rpki-client.org