Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lTLD-rUQhFg1JFp4MblB_u16otQ.roa
File: lTLD-rUQhFg1JFp4MblB_u16otQ.roa (raw, json)
Hash identifier: wV9Xq9Oi1bH4hvy6tUyJdG0YPJb2gOzGoFuirsrfuAA=
Subject key identifier: 95:32:C3:FA:B5:10:84:58:35:24:5A:78:31:B9:41:FE:ED:7A:A2:D4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0C71C65863638855BF70CB70C57C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lTLD-rUQhFg1JFp4MblB_u16otQ.roa
Signing time: Tue 02 Jan 2024 10:34:19 +0000
ROA not before: Tue 02 Jan 2024 10:34:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205092
IP address blocks: 2a0e:97c0:b00::/48 maxlen: 48
2a0e:97c0:b01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:0c:71:c6:58:63:63:88:55:bf:70:cb:70:c5:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9532c3fab510845835245a7831b941feed7aa2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:ee:d7:ec:88:96:b0:ce:ea:5c:3f:b5:a5:
e0:cf:9d:3e:49:ec:b5:f8:0f:c7:a7:d2:4e:7d:62:
cc:a6:fe:dc:84:43:29:68:80:76:32:d1:69:89:ca:
f1:17:76:8f:77:c2:c2:f9:6f:4d:ea:ad:56:94:3b:
3f:33:58:07:43:75:7b:7e:47:28:5b:36:78:a6:3e:
ab:ac:ef:10:3c:dd:7f:d1:1c:0d:55:fe:ba:83:8b:
f7:ee:b9:94:05:28:80:85:38:6b:74:42:48:43:b0:
55:49:10:96:59:c1:6a:f9:62:b4:0e:f4:ed:79:80:
18:a4:05:5f:e7:ee:66:58:8c:a0:7b:5b:b2:2f:97:
69:b7:eb:3c:bf:1b:89:55:f3:eb:ce:1e:da:e4:49:
07:03:2f:19:4e:77:9a:3c:0c:21:7f:26:77:bd:a5:
c7:f7:f2:d0:4f:bc:07:a4:42:1a:f0:05:eb:54:4e:
e2:ab:9e:13:7b:05:03:e0:43:6c:cc:5d:07:b5:dc:
cf:86:53:2d:91:a6:46:01:79:88:94:10:f6:9a:bd:
3e:0b:8f:0e:73:8b:77:02:e2:b6:d6:23:07:7c:df:
44:09:92:5a:9f:5c:ce:f1:68:ce:8b:f8:a2:d2:fa:
04:1c:9d:a8:1b:ea:58:27:06:72:3e:fd:f3:0a:b9:
bc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:32:C3:FA:B5:10:84:58:35:24:5A:78:31:B9:41:FE:ED:7A:A2:D4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/lTLD-rUQhFg1JFp4MblB_u16otQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:b00::/47
Signature Algorithm: sha256WithRSAEncryption
8e:49:82:9c:4a:98:25:52:4e:29:0a:95:f5:95:3a:42:85:10:
65:3e:ce:3a:fe:67:3b:79:c5:41:a3:89:15:40:3c:36:67:b0:
2e:73:28:ba:b6:25:7b:66:5b:84:76:de:32:8d:55:75:a8:1f:
54:4c:10:2d:1e:a8:5b:15:9e:b9:a9:e6:4f:14:fb:80:78:8f:
b2:d3:c1:b5:fe:95:47:36:8e:fe:7c:e2:d2:c7:d8:9f:f3:9e:
64:d1:0e:47:be:5a:62:3c:58:cc:cd:ce:55:5e:83:8e:eb:4f:
8f:62:fd:10:0c:83:ca:6f:bb:8c:05:36:8e:ea:d2:e5:16:bd:
98:20:f9:ef:17:3f:0b:37:37:2c:90:ae:a2:00:44:b6:c6:34:
b2:f8:94:05:e5:58:31:44:11:3f:26:e1:a5:29:e1:1f:36:99:
80:17:e3:9e:f3:bf:2b:2c:7a:8d:c9:25:d9:2e:e5:75:2e:b4:
0c:b3:89:92:97:db:65:12:b9:25:68:74:b6:72:24:ec:02:26:
e1:9d:a3:f3:c2:f1:e0:cc:90:72:02:35:90:a7:10:ce:ef:f9:
be:c8:7d:d8:62:6c:86:b3:25:27:41:5e:2e:a4:e6:c7:50:7f:
f1:ed:d4:a9:49:0c:fe:c8:fd:20:a4:61:26:53:f0:d9:ec:20:
8c:51:72:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvQxxxlhjY4hVv3DLcMV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTMyYzNmYWI1MTA4NDU4MzUyNDVhNzgzMWI5NDFmZWVkN2FhMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw3u1+yIlrDO6lw/taXgz50+Sey1
+A/Hp9JOfWLMpv7chEMpaIB2MtFpicrxF3aPd8LC+W9N6q1WlDs/M1gHQ3V7fkco
WzZ4pj6rrO8QPN1/0RwNVf66g4v37rmUBSiAhThrdEJIQ7BVSRCWWcFq+WK0DvTt
eYAYpAVf5+5mWIyge1uyL5dpt+s8vxuJVfPrzh7a5EkHAy8ZTneaPAwhfyZ3vaXH
9/LQT7wHpEIa8AXrVE7iq54TewUD4ENszF0HtdzPhlMtkaZGAXmIlBD2mr0+C48O
c4t3AuK21iMHfN9ECZJan1zO8WjOi/ii0voEHJ2oG+pYJwZyPv3zCrm8dQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJUyw/q1EIRYNSRaeDG5Qf7teqLUMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbFRMRC1yVVFoRmcxSkZwNE1ibEJfdTE2b3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKg6XwAsA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOSYKcSpglUk4pCpX1lTpChRBlPs46/mc7ecVB
o4kVQDw2Z7Aucyi6tiV7ZluEdt4yjVV1qB9UTBAtHqhbFZ65qeZPFPuAeI+y08G1
/pVHNo7+fOLSx9if855k0Q5HvlpiPFjMzc5VXoOO60+PYv0QDIPKb7uMBTaO6tLl
Fr2YIPnvFz8LNzcskK6iAES2xjSy+JQF5VgxRBE/JuGlKeEfNpmAF+Oe878rLHqN
ySXZLuV1LrQMs4mSl9tlErklaHS2ciTsAibhnaPzwvHgzJByAjWQpxDO7/m+yH3Y
YmyGsyUnQV4upObHUH/x7dSpSQz+yP0gpGEmU/DZ7CCMUXJT
-----END CERTIFICATE-----
Generated at Wed Jun 12 23:10:18 2024 by rpki-client on console-ams.rpki-client.org