Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mJXcaYAL2tdraYnhR6h2dyxyJtE.roa
File: mJXcaYAL2tdraYnhR6h2dyxyJtE.roa (raw, json)
Hash identifier: 8DzBngKNBdy9fhjepBtIOU35cUSw2d74H3XYEGQhlfM=
Subject key identifier: 98:95:DC:69:80:0B:DA:D7:6B:69:89:E1:47:A8:76:77:2C:72:26:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD54ECA58C94A2D7D9B704E96E4983
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mJXcaYAL2tdraYnhR6h2dyxyJtE.roa
Signing time: Tue 02 Jan 2024 10:34:37 +0000
ROA not before: Tue 02 Jan 2024 10:34:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215980
IP address blocks: 2a10:ccc0:3001::/48 maxlen: 48
2a0e:97c0:e30::/48 maxlen: 48
2a10:ccc0:3002::/48 maxlen: 48
2a10:ccc0:3000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:54:ec:a5:8c:94:a2:d7:d9:b7:04:e9:6e:49:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9895dc69800bdad76b6989e147a876772c7226d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:d2:d9:76:0e:e9:2c:4d:30:ac:98:d9:28:
24:7c:72:cc:d5:8e:0f:5f:fc:9c:35:a6:a8:f5:31:
d3:c4:b2:44:f9:e4:a4:85:0b:1c:13:1a:2f:45:14:
5d:72:0c:b7:d1:a0:7c:3f:5f:4b:a5:a5:d3:38:22:
b7:c3:77:4f:8f:de:83:21:f7:af:4c:1c:01:6e:76:
9b:ae:32:3f:24:7f:b5:11:b7:b0:37:e7:c7:59:48:
b1:79:d8:19:94:d9:d3:2f:3c:26:64:3f:84:a6:80:
16:31:42:77:88:c2:bf:21:2c:ce:37:7f:5d:25:48:
e8:12:33:9b:3e:37:31:a9:b8:60:a1:0e:cb:e3:93:
bf:5a:37:ed:cc:a7:78:42:cb:b8:59:4d:70:a3:81:
10:a2:32:82:93:5f:35:36:82:72:75:2d:ea:f0:00:
9e:9a:64:60:cc:f2:03:33:1e:f3:82:0d:1a:74:64:
59:3d:72:25:40:d2:55:57:af:74:1b:1f:80:56:86:
4f:89:e0:b7:f4:35:10:43:a8:ff:23:9d:bf:1b:57:
c4:7e:b0:74:4d:b4:24:f9:9d:98:9c:98:76:f2:37:
46:04:45:f0:1f:ab:43:df:6e:69:e7:8c:f5:e5:78:
45:96:62:23:f0:22:86:09:48:83:d2:53:f7:e0:48:
68:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:95:DC:69:80:0B:DA:D7:6B:69:89:E1:47:A8:76:77:2C:72:26:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mJXcaYAL2tdraYnhR6h2dyxyJtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:e30::/48
2a10:ccc0:3000::-2a10:ccc0:3002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:01:b4:41:2f:95:84:77:63:8a:aa:56:47:45:61:b3:8b:f6:
17:85:3e:69:ba:20:ca:70:ad:1c:68:cd:8f:73:79:69:13:ec:
b8:b1:c3:4e:80:53:5c:15:5a:47:30:0d:7d:9d:b9:d5:eb:10:
4d:1b:7a:46:7e:37:f5:c6:bf:bd:b0:47:ce:cb:2a:e4:86:45:
13:f1:cc:bb:f4:78:e0:78:5f:b0:60:67:4e:25:dd:d6:e1:e6:
9c:1a:1f:44:7e:4b:6b:30:47:c3:d9:e4:f7:27:f6:2c:95:20:
53:41:c0:15:41:f4:58:db:27:e2:e5:00:19:6a:53:54:da:b4:
a2:13:0c:78:cc:d2:29:bd:b9:3e:c7:55:04:d8:87:52:0c:b8:
cc:77:8d:68:44:0d:de:c9:ac:69:66:d3:c8:a0:fa:84:38:a7:
46:00:66:9b:96:11:c4:2c:14:7e:04:ed:5b:be:79:67:e1:fc:
13:00:39:43:df:ca:57:9d:b5:72:30:11:9f:4f:c6:19:f2:5a:
22:79:69:34:81:f8:19:6a:02:44:c2:5f:85:ff:c7:5e:5c:e0:
60:55:93:8a:b8:f5:58:0c:47:31:6a:f9:28:b0:16:23:90:01:
f3:09:98:c3:c1:46:67:14:76:77:ed:ab:ee:18:cb:c0:74:d9:
3b:82:71:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzJvVTspYyUotfZtwTpbkmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk1ZGM2OTgwMGJkYWQ3NmI2OTg5ZTE0N2E4NzY3NzJjNzIyNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf7S2XYO6SxNMKyY2SgkfHLM1Y4P
X/ycNaao9THTxLJE+eSkhQscExovRRRdcgy30aB8P19LpaXTOCK3w3dPj96DIfev
TBwBbnabrjI/JH+1EbewN+fHWUixedgZlNnTLzwmZD+EpoAWMUJ3iMK/ISzON39d
JUjoEjObPjcxqbhgoQ7L45O/WjftzKd4Qsu4WU1wo4EQojKCk181NoJydS3q8ACe
mmRgzPIDMx7zgg0adGRZPXIlQNJVV690Gx+AVoZPieC39DUQQ6j/I52/G1fEfrB0
TbQk+Z2YnJh28jdGBEXwH6tD325p54z15XhFlmIj8CKGCUiD0lP34EhoaQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJiV3GmAC9rXa2mJ4UeodncscibRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbUpYY2FZQUwydGRyYVluaFI2aDJkeXh5SnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwcAKg6XwA4w
MBEDBgQqEMzAMAMHACoQzMAwAjANBgkqhkiG9w0BAQsFAAOCAQEAdQG0QS+VhHdj
iqpWR0Vhs4v2F4U+abogynCtHGjNj3N5aRPsuLHDToBTXBVaRzANfZ251esQTRt6
Rn439ca/vbBHzssq5IZFE/HMu/R44HhfsGBnTiXd1uHmnBofRH5LazBHw9nk9yf2
LJUgU0HAFUH0WNsn4uUAGWpTVNq0ohMMeMzSKb25PsdVBNiHUgy4zHeNaEQN3sms
aWbTyKD6hDinRgBmm5YRxCwUfgTtW755Z+H8EwA5Q9/KV521cjARn0/GGfJaInlp
NIH4GWoCRMJfhf/HXlzgYFWTirj1WAxHMWr5KLAWI5AB8wmYw8FGZxR2d+2r7hjL
wHTZO4JxUw==
-----END CERTIFICATE-----
Generated at Fri May 3 11:06:43 2024 by rpki-client on console-ams.rpki-client.org