Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mVempATE_-r_48sXJDrzYZ_qAJc.roa
File: mVempATE_-r_48sXJDrzYZ_qAJc.roa (raw, json)
Hash identifier: m9NzVKOWrHZ0aU5V+q6ABXlScqhb5LXf4lk23F/1alw=
Subject key identifier: 99:57:A6:A4:04:C4:FF:EA:FF:E3:CB:17:24:3A:F3:61:9F:EA:00:97
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D08E1EF49162297D5EA4FA5F1FF0A6097
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mVempATE_-r_48sXJDrzYZ_qAJc.roa
Signing time: Sun 14 Jan 2024 16:50:41 +0000
ROA not before: Sun 14 Jan 2024 16:50:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213105
IP address blocks: 2a10:2f00:138::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:08:e1:ef:49:16:22:97:d5:ea:4f:a5:f1:ff:0a:60:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 14 16:50:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9957a6a404c4ffeaffe3cb17243af3619fea0097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:28:f9:1e:d5:2f:fe:21:19:af:6e:90:4c:3f:
9b:f9:09:04:57:44:e6:18:a2:7f:f2:02:e9:54:54:
11:7c:2d:53:42:3b:37:c1:94:c7:ce:35:33:1d:24:
dd:07:33:13:00:b1:95:d5:47:c7:26:7d:a4:bf:f1:
ba:e8:b6:88:69:2d:6a:6b:32:1e:eb:cb:29:b7:f1:
4a:81:a6:8e:79:8a:41:01:12:cc:dc:62:49:84:79:
e5:2e:20:2c:62:0f:34:a2:7e:f7:db:d5:bd:8e:65:
91:94:12:e9:ca:1f:a7:90:49:1c:97:38:7a:d8:0b:
4d:9e:57:1e:40:07:3d:12:63:e3:44:51:b9:93:6f:
c0:80:06:22:9e:e9:34:37:24:dc:2c:17:a5:21:e0:
84:5b:d8:09:44:c5:83:42:ab:5f:fb:d0:04:98:dc:
e3:d8:50:3f:25:f7:00:3b:c8:b9:ca:00:50:4a:94:
9f:2c:c9:9d:6c:95:e7:71:7d:08:54:bf:d4:06:3f:
0d:62:e6:f2:42:9a:97:ff:b9:19:37:73:0b:e5:55:
21:cf:24:ad:42:34:b9:4f:9d:10:35:ee:51:7c:8a:
28:c7:d6:3a:05:f0:6f:cc:d8:cf:4e:22:ee:2b:f5:
3b:a1:90:e2:0f:21:d5:88:13:41:ca:04:50:fa:7c:
26:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:57:A6:A4:04:C4:FF:EA:FF:E3:CB:17:24:3A:F3:61:9F:EA:00:97
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mVempATE_-r_48sXJDrzYZ_qAJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:138::/48
Signature Algorithm: sha256WithRSAEncryption
42:13:14:17:cb:76:af:8b:60:96:da:21:85:bd:86:9e:74:6b:
90:95:3f:4b:ec:d5:94:0a:2a:62:15:a4:a7:6c:c8:b1:11:14:
58:c8:83:1a:b2:59:d4:06:03:50:41:c6:61:c0:b4:e0:c2:eb:
95:bc:9e:6d:ce:dc:01:33:3e:e9:7f:56:8d:9c:0c:9a:b7:ac:
09:bd:4a:5e:9d:cf:6f:21:32:cb:9f:1c:29:30:11:e8:fe:12:
e4:78:48:33:c0:cf:c6:18:42:a9:01:d9:06:65:47:0e:03:6c:
19:4a:c4:13:e3:c9:97:86:45:e8:c7:02:44:c7:27:85:81:73:
62:e2:38:1d:2c:83:86:32:45:4f:7b:c1:62:9d:98:10:44:55:
b7:ac:cc:a8:5f:86:2a:cf:dc:6a:ac:65:96:19:4d:3e:a0:5e:
65:fc:7b:9b:43:52:15:1b:b7:5b:63:5b:10:57:ff:f6:c9:03:
90:dc:8c:aa:f7:4b:5d:f0:b1:73:c9:a5:22:79:a9:e2:1d:4b:
04:22:e8:bf:d8:72:e8:b8:e1:2e:8b:f1:38:24:95:3b:34:da:
4a:74:ed:3a:90:a9:a3:b6:c4:8e:ad:77:b8:cc:c9:96:3a:6d:
51:c1:b3:28:87:d2:b4:98:aa:ad:55:68:09:2b:aa:57:0b:cd:
fd:2b:06:66
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0I4e9JFiKX1epPpfH/CmCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE0MTY1MDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU3YTZhNDA0YzRmZmVhZmZlM2NiMTcyNDNhZjM2MTlmZWEwMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSj5HtUv/iEZr26QTD+b+QkEV0Tm
GKJ/8gLpVFQRfC1TQjs3wZTHzjUzHSTdBzMTALGV1UfHJn2kv/G66LaIaS1qazIe
68spt/FKgaaOeYpBARLM3GJJhHnlLiAsYg80on7329W9jmWRlBLpyh+nkEkclzh6
2AtNnlceQAc9EmPjRFG5k2/AgAYinuk0NyTcLBelIeCEW9gJRMWDQqtf+9AEmNzj
2FA/JfcAO8i5ygBQSpSfLMmdbJXncX0IVL/UBj8NYubyQpqX/7kZN3ML5VUhzySt
QjS5T50QNe5RfIoox9Y6BfBvzNjPTiLuK/U7oZDiDyHViBNBygRQ+nwm0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJlXpqQExP/q/+PLFyQ682Gf6gCXMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbVZlbXBBVEVfLXJfNDhzWEpEcnpZWl9xQUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhAvAAE4
MA0GCSqGSIb3DQEBCwUAA4IBAQBCExQXy3avi2CW2iGFvYaedGuQlT9L7NWUCipi
FaSnbMixERRYyIMaslnUBgNQQcZhwLTgwuuVvJ5tztwBMz7pf1aNnAyat6wJvUpe
nc9vITLLnxwpMBHo/hLkeEgzwM/GGEKpAdkGZUcOA2wZSsQT48mXhkXoxwJExyeF
gXNi4jgdLIOGMkVPe8FinZgQRFW3rMyoX4Yqz9xqrGWWGU0+oF5l/HubQ1IVG7db
Y1sQV//2yQOQ3Iyq90td8LFzyaUieaniHUsEIui/2HLouOEui/E4JJU7NNpKdO06
kKmjtsSOrXe4zMmWOm1RwbMoh9K0mKqtVWgJK6pXC839KwZm
-----END CERTIFICATE-----
Generated at Fri May 3 11:06:43 2024 by rpki-client on console-ams.rpki-client.org