Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hn1SKJmcO2AUvLVmb5QVp1XtPTk.roa
File: hn1SKJmcO2AUvLVmb5QVp1XtPTk.roa (raw, json)
Hash identifier: iMhlL1rrPA3xQY4m5/dkJXBIVJ4fMZjlRf75vmFOwgg=
Subject key identifier: 86:7D:52:28:99:9C:3B:60:14:BC:B5:66:6F:94:15:A7:55:ED:3D:39
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01939D95DB01A78F93F04848CA04444E68FB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hn1SKJmcO2AUvLVmb5QVp1XtPTk.roa
Signing time: Fri 06 Dec 2024 20:07:43 +0000
ROA not before: Fri 06 Dec 2024 20:07:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 2a10:cc40:230::/48 maxlen: 48
2a10:cc40:231::/48 maxlen: 48
2a10:cc40:233::/48 maxlen: 48
2a10:cc40:234::/48 maxlen: 48
2a10:cc40:235::/48 maxlen: 48
2a10:cc40:236::/48 maxlen: 48
2a10:cc40:237::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Dec 2024 13:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9d:95:db:01:a7:8f:93:f0:48:48:ca:04:44:4e:68:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 6 20:07:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=867d5228999c3b6014bcb5666f9415a755ed3d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:59:ed:ab:3f:cd:86:af:f2:5b:2a:01:45:
34:91:b4:da:0f:d6:0f:be:bd:d6:92:37:cb:c1:17:
02:49:6e:7f:71:18:b5:aa:e9:dc:3f:00:b8:71:0f:
43:1e:cb:2f:42:f0:d3:c6:06:a9:5d:b0:73:77:fe:
6c:1a:ea:26:ef:ec:5c:93:86:69:6f:f7:d4:0b:04:
2a:52:95:7b:64:47:4f:d1:91:21:7d:b1:ec:3a:14:
dd:bb:fc:f2:c7:75:01:f2:99:36:1e:7f:65:de:5e:
32:a5:19:68:40:48:23:44:e8:fa:04:7a:9f:a3:c9:
54:81:db:ff:70:6d:dc:25:80:2e:82:3e:d5:4a:68:
48:3c:3c:f8:a0:8c:49:cc:cc:f1:89:04:8c:d8:a9:
dd:d5:33:c8:11:93:7b:3b:0a:44:e8:a6:be:7d:ed:
74:af:49:41:e8:6c:09:e6:22:1f:9d:2a:cf:a6:12:
92:ff:41:45:c9:9e:18:fe:8a:b0:3f:c2:62:6c:b8:
1b:17:92:89:99:cd:b7:76:1d:7d:05:29:a9:16:8c:
e5:db:bf:9b:8d:c7:20:4b:e8:8c:07:16:12:f9:e0:
50:cd:10:cd:69:7d:35:9d:d1:51:ea:82:df:a1:3d:
97:67:61:f6:7c:e4:56:0e:4c:5d:c1:37:57:c4:dd:
13:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7D:52:28:99:9C:3B:60:14:BC:B5:66:6F:94:15:A7:55:ED:3D:39
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hn1SKJmcO2AUvLVmb5QVp1XtPTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:230::/47
2a10:cc40:233::-2a10:cc40:237:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b9:5a:f8:a0:91:2a:29:ce:d6:9f:d9:1e:76:c0:29:1e:30:5c:
2e:8f:6a:e2:28:75:4c:7b:f6:0b:cc:94:14:b5:e2:bd:1c:96:
d6:62:57:65:5a:e4:2f:2c:e2:0f:20:01:4f:ab:a5:66:9b:57:
4d:48:63:ef:0f:13:1f:4d:a9:35:72:d8:6c:3d:bb:6a:0c:84:
3d:39:8f:9c:6c:e2:01:d2:52:bc:0d:bb:62:0f:a8:f1:c4:ac:
2b:b2:42:a1:c5:a7:b7:7f:0c:ac:6a:2c:8f:59:94:97:83:9d:
88:40:de:d7:2a:08:40:03:e9:8a:ec:6c:61:a8:de:7a:a1:d3:
67:19:24:c7:c2:80:5e:56:e9:78:7e:05:a8:3b:c5:f1:16:32:
ea:9e:48:cc:1c:d7:cd:b8:38:58:27:51:b5:27:ee:2b:80:6b:
7c:25:1c:88:11:00:b3:35:9a:98:61:48:86:ba:0a:20:cc:37:
50:0e:59:e1:86:ba:74:16:7f:e5:56:90:7f:e3:52:a9:04:98:
cb:20:f3:a0:84:c6:53:45:bd:0d:cd:ba:56:8c:2b:fe:35:f1:
49:40:95:ba:9e:55:a5:12:88:c9:69:de:ca:74:c4:0b:4e:1e:
56:97:58:6f:d5:c2:71:f7:68:71:c0:a2:c1:12:43:5b:d2:2c:
a3:81:dc:9b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZOdldsBp4+T8EhIygRETmj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMjA2MjAwNzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdkNTIyODk5OWMzYjYwMTRiY2I1NjY2Zjk0MTVhNzU1ZWQzZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmtZ7as/zYav8lsqAUU0kbTaD9YP
vr3WkjfLwRcCSW5/cRi1quncPwC4cQ9DHssvQvDTxgapXbBzd/5sGuom7+xck4Zp
b/fUCwQqUpV7ZEdP0ZEhfbHsOhTdu/zyx3UB8pk2Hn9l3l4ypRloQEgjROj6BHqf
o8lUgdv/cG3cJYAugj7VSmhIPDz4oIxJzMzxiQSM2Knd1TPIEZN7OwpE6Ka+fe10
r0lB6GwJ5iIfnSrPphKS/0FFyZ4Y/oqwP8JibLgbF5KJmc23dh19BSmpFozl27+b
jccgS+iMBxYS+eBQzRDNaX01ndFR6oLfoT2XZ2H2fORWDkxdwTdXxN0THQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIZ9UiiZnDtgFLy1Zm+UFadV7T05MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaG4xU0tKbWNPMkFVdkxWbWI1UVZwMVh0UFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKhDMQAIw
MBIDBwAqEMxAAjMDBwMqEMxAAjAwDQYJKoZIhvcNAQELBQADggEBALla+KCRKinO
1p/ZHnbAKR4wXC6PauIodUx79gvMlBS14r0cltZiV2Va5C8s4g8gAU+rpWabV01I
Y+8PEx9NqTVy2Gw9u2oMhD05j5xs4gHSUrwNu2IPqPHErCuyQqHFp7d/DKxqLI9Z
lJeDnYhA3tcqCEAD6YrsbGGo3nqh02cZJMfCgF5W6Xh+Bag7xfEWMuqeSMwc1824
OFgnUbUn7iuAa3wlHIgRALM1mphhSIa6CiDMN1AOWeGGunQWf+VWkH/jUqkEmMsg
86CExlNFvQ3NulaMK/418UlAlbqeVaUSiMlp3sp0xAtOHlaXWG/VwnH3aHHAosES
Q1vSLKOB3Js=
-----END CERTIFICATE-----
Generated at Thu Dec 26 21:47:09 2024 by rpki-client on console-ams.rpki-client.org