Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j1Alzj0YVPdKPnEcUZBmHi56I1U.roa
File: j1Alzj0YVPdKPnEcUZBmHi56I1U.roa (raw, json)
Hash identifier: 0nLYf19FAco5PtBZEixEti08sjGL9vvvZqHm0xzL15Y=
Subject key identifier: 8F:50:25:CE:3D:18:54:F7:4A:3E:71:1C:51:90:66:1E:2E:7A:23:55
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD3CCF920D9D87EDC7D9FDDF63CAF7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j1Alzj0YVPdKPnEcUZBmHi56I1U.roa
Signing time: Tue 02 Jan 2024 10:34:31 +0000
ROA not before: Tue 02 Jan 2024 10:34:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211840
IP address blocks: 2a0e:97c0:1ba::/47 maxlen: 48
2a0e:97c0:1bd::/48 maxlen: 48
2a0e:97c0:1b0::/48 maxlen: 48
2a0e:b107:862::/48 maxlen: 48
2a0e:b107:86c::/48 maxlen: 48
2a0e:b107:861::/48 maxlen: 48
2a0e:97c0:1bc::/48 maxlen: 48
2a0e:97c0:1b2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:3c:cf:92:0d:9d:87:ed:c7:d9:fd:df:63:ca:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f5025ce3d1854f74a3e711c5190661e2e7a2355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:cb:f9:ab:07:d3:ee:63:5f:f0:60:7c:6d:b7:
80:9c:b0:d8:4b:7e:f7:36:b4:3e:8c:e8:ad:0b:56:
e3:6f:ed:fc:e3:f1:3b:3f:b5:b9:49:be:99:8b:0a:
35:e7:df:4f:6b:9d:35:90:54:2e:c7:ed:e2:fd:11:
69:37:6f:7d:b9:34:d8:ee:d1:09:63:66:51:75:77:
3f:87:27:5b:1e:df:66:8e:6b:e0:9c:74:36:cd:8a:
97:6d:e8:67:86:bf:e4:17:dc:09:b2:84:ae:5b:bb:
4d:38:36:72:85:9a:49:97:eb:e9:8d:dd:9d:dd:86:
27:eb:78:42:80:67:db:a4:c2:ec:4d:f3:7f:51:9a:
83:29:84:7c:c5:28:4a:06:17:19:28:e1:fd:80:db:
c1:0f:30:ac:66:3f:b2:f3:d5:19:f4:3c:b3:79:ed:
e6:a8:c1:6a:7e:94:ac:96:4a:9c:a7:eb:84:10:80:
9d:58:35:0b:05:19:ad:5a:1f:dc:69:51:be:77:af:
54:04:34:b7:1d:8f:e0:7c:6f:63:91:fa:a7:ce:a7:
25:73:da:a0:84:02:6a:d4:11:97:ac:4e:10:69:7b:
1b:ec:0d:23:fa:10:ed:4e:42:83:71:38:c5:e3:72:
9e:b3:ce:4b:a0:5c:d1:5c:97:e4:cc:77:67:bc:a9:
f5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:50:25:CE:3D:18:54:F7:4A:3E:71:1C:51:90:66:1E:2E:7A:23:55
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j1Alzj0YVPdKPnEcUZBmHi56I1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:1b0::/48
2a0e:97c0:1b2::/48
2a0e:97c0:1ba::-2a0e:97c0:1bd:ffff:ffff:ffff:ffff:ffff
2a0e:b107:861::-2a0e:b107:862:ffff:ffff:ffff:ffff:ffff
2a0e:b107:86c::/48
Signature Algorithm: sha256WithRSAEncryption
2c:76:94:9a:dc:55:3d:05:44:84:fe:88:f8:a9:ae:2c:c8:1e:
f7:b3:40:97:97:ac:35:7a:1c:21:b9:0b:8f:4e:55:8d:e9:94:
68:e1:b7:1a:0d:52:b3:30:2a:dc:7b:f5:a7:26:b1:47:fa:04:
75:79:30:52:63:19:a7:27:5b:52:00:17:93:f2:3f:4a:a8:01:
69:2f:c6:e7:df:28:16:0b:41:a5:e0:f4:9f:09:b5:14:ca:25:
eb:04:06:1e:a6:87:f4:97:a9:f7:36:eb:9f:fe:cf:14:02:a1:
ce:4f:24:a5:70:3f:5f:d7:23:c7:c0:36:0a:c4:04:1b:ba:32:
ee:0e:62:73:61:ff:cc:ed:70:6a:bd:4d:42:95:02:01:d7:5d:
33:fd:3f:6a:f8:b8:e8:5c:4b:22:1b:1d:ff:e2:21:36:d4:6f:
0f:1e:48:60:2f:df:15:2e:0c:9d:5c:88:f4:88:fc:c8:be:c2:
e3:65:3e:57:df:ab:e2:cb:5a:48:db:73:5d:58:a3:b7:a1:08:
a2:c8:6f:55:11:47:8f:d8:96:f1:1c:b8:02:33:e4:e6:7f:38:
70:9a:9b:f5:53:da:43:a3:16:4c:84:4b:05:ab:68:07:ee:69:
ba:5d:a6:6c:4a:23:00:ab:09:06:e9:fe:44:eb:8d:3c:63:07:
f9:08:1c:6b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzJvTzPkg2dh+3H2f3fY8r3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjUwMjVjZTNkMTg1NGY3NGEzZTcxMWM1MTkwNjYxZTJlN2EyMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sv5qwfT7mNf8GB8bbeAnLDYS373
NrQ+jOitC1bjb+384/E7P7W5Sb6Ziwo1599Pa501kFQux+3i/RFpN299uTTY7tEJ
Y2ZRdXc/hydbHt9mjmvgnHQ2zYqXbehnhr/kF9wJsoSuW7tNODZyhZpJl+vpjd2d
3YYn63hCgGfbpMLsTfN/UZqDKYR8xShKBhcZKOH9gNvBDzCsZj+y89UZ9Dyzee3m
qMFqfpSslkqcp+uEEICdWDULBRmtWh/caVG+d69UBDS3HY/gfG9jkfqnzqclc9qg
hAJq1BGXrE4QaXsb7A0j+hDtTkKDcTjF43Kes85LoFzRXJfkzHdnvKn1XQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFI9QJc49GFT3Sj5xHFGQZh4ueiNVMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvajFBbHpqMFlWUGRLUG5FY1VaQm1IaTU2STFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzBJBAIAAjBDAwcAKg6XwAGw
AwcAKg6XwAGyMBIDBwEqDpfAAboDBwEqDpfAAbwwEgMHACoOsQcIYQMHACoOsQcI
YgMHACoOsQcIbDANBgkqhkiG9w0BAQsFAAOCAQEALHaUmtxVPQVEhP6I+KmuLMge
97NAl5esNXocIbkLj05VjemUaOG3Gg1SszAq3Hv1pyaxR/oEdXkwUmMZpydbUgAX
k/I/SqgBaS/G598oFgtBpeD0nwm1FMol6wQGHqaH9Jep9zbrn/7PFAKhzk8kpXA/
X9cjx8A2CsQEG7oy7g5ic2H/zO1war1NQpUCAdddM/0/avi46FxLIhsd/+IhNtRv
Dx5IYC/fFS4MnVyI9Ij8yL7C42U+V9+r4staSNtzXVijt6EIoshvVRFHj9iW8Ry4
AjPk5n84cJqb9VPaQ6MWTIRLBatoB+5pul2mbEojAKsJBun+ROuNPGMH+Qgcaw==
-----END CERTIFICATE-----
Generated at Fri May 3 06:56:35 2024 by rpki-client on console-fra.rpki-client.org