Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/n3gpJWvgrsbEOjpwGUG_kguwxE0.roa
File: n3gpJWvgrsbEOjpwGUG_kguwxE0.roa (raw, json)
Hash identifier: +RDtLFMYiNNl8ufmTvdTg2p3grllVQ9x0K1myDCZVNo=
Subject key identifier: 9F:78:29:25:6B:E0:AE:C6:C4:3A:3A:70:19:41:BF:92:0B:B0:C4:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01935F217DDFFDFEDB3F7A696C21039A3216
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/n3gpJWvgrsbEOjpwGUG_kguwxE0.roa
Signing time: Sun 24 Nov 2024 17:04:10 +0000
ROA not before: Sun 24 Nov 2024 17:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215296
IP address blocks: 2a10:ccc0:140::/44 maxlen: 48
2a10:ccc0:140::/48 maxlen: 48
2a10:ccc0:141::/48 maxlen: 48
2a10:ccc0:142::/48 maxlen: 48
2a10:ccc0:14a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 17:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5f:21:7d:df:fd:fe:db:3f:7a:69:6c:21:03:9a:32:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 24 17:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f7829256be0aec6c43a3a701941bf920bb0c44d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:be:a9:43:9d:b8:12:f5:df:e8:18:ef:c7:c7:
49:98:6f:70:55:7e:0d:5b:6b:af:59:12:dd:8e:18:
d8:1d:cf:b4:1b:f1:c1:82:7c:61:97:6d:c5:38:6a:
c8:5c:6e:c0:44:46:3f:ff:9e:10:ca:df:b0:85:f0:
77:40:6b:1b:e2:01:23:c1:e2:a0:9e:47:e5:12:7c:
1e:b6:63:6f:80:58:5a:79:7e:3d:9a:a6:a2:7c:b1:
c5:1a:3f:94:e6:17:b9:dc:68:37:15:0f:ef:b3:50:
99:1b:90:b2:cc:36:57:fd:b7:b2:2b:3f:58:92:44:
54:1b:c4:be:a7:6a:4a:64:9f:23:2e:50:23:08:1b:
0a:f3:fa:48:af:aa:ab:27:36:e3:c9:0d:e6:fd:42:
ed:0c:6f:24:69:68:04:80:17:82:65:1f:04:2b:59:
0c:e5:f2:3f:b7:30:d6:7a:53:21:e7:8a:e2:5c:51:
86:74:ad:80:c5:3f:98:83:d4:89:ad:92:21:87:0e:
d1:94:08:99:60:4f:d8:ae:75:a9:57:16:75:0f:16:
c7:0c:b6:94:86:7f:5f:bf:4c:d9:e7:96:e0:90:7e:
c5:8f:e5:ad:58:46:9a:ee:1b:f6:5b:c9:76:b3:3a:
c8:95:13:25:09:de:78:04:a3:4a:8a:13:24:4c:9f:
1f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:78:29:25:6B:E0:AE:C6:C4:3A:3A:70:19:41:BF:92:0B:B0:C4:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/n3gpJWvgrsbEOjpwGUG_kguwxE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc0:140::/44
Signature Algorithm: sha256WithRSAEncryption
a6:e3:ab:71:68:e6:f1:6b:bd:2d:a4:b3:48:b4:a6:81:e0:ec:
c2:1c:02:2c:e7:16:a8:35:ad:10:da:3a:9a:18:78:24:fa:f7:
29:70:9c:44:1d:66:7e:37:23:34:40:7b:c0:7f:a4:b7:6c:7c:
0e:5a:65:4e:b0:f0:af:ea:cd:ed:66:ba:d2:25:94:47:45:86:
05:93:9e:52:fd:38:04:06:20:35:c9:60:d8:55:ca:7f:2b:9f:
b2:53:a3:21:2c:1c:b8:f1:b9:60:0e:e2:43:03:14:d6:54:b2:
0a:22:0d:c8:81:33:31:ed:15:2d:30:97:0f:5b:e0:a8:fb:78:
2d:0f:bd:cd:c6:27:eb:69:25:83:c2:8d:8b:d4:b5:d7:39:80:
28:ea:12:62:2c:66:67:fb:11:07:70:04:d9:2a:63:2b:19:42:
ec:f4:08:80:01:6a:e5:9a:f3:9c:67:f8:bb:37:84:34:db:60:
d7:d2:11:d4:0d:ec:35:8b:93:bd:85:22:52:0c:d2:f4:43:bf:
fe:24:67:ff:a0:73:1b:aa:8a:76:4e:cb:66:ec:4c:e6:61:03:
f8:35:2e:7f:a9:6a:9e:33:21:94:b9:51:9e:c7:9a:e4:2a:ee:
c8:bc:60:ee:c1:54:84:6a:f7:de:7b:7b:33:e4:a6:f3:56:7b:
ca:c2:4c:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZNfIX3f/f7bP3ppbCEDmjIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTI0MTcwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjc4MjkyNTZiZTBhZWM2YzQzYTNhNzAxOTQxYmY5MjBiYjBjNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzL6pQ524EvXf6Bjvx8dJmG9wVX4N
W2uvWRLdjhjYHc+0G/HBgnxhl23FOGrIXG7AREY//54Qyt+whfB3QGsb4gEjweKg
nkflEnwetmNvgFhaeX49mqaifLHFGj+U5he53Gg3FQ/vs1CZG5CyzDZX/beyKz9Y
kkRUG8S+p2pKZJ8jLlAjCBsK8/pIr6qrJzbjyQ3m/ULtDG8kaWgEgBeCZR8EK1kM
5fI/tzDWelMh54riXFGGdK2AxT+Yg9SJrZIhhw7RlAiZYE/YrnWpVxZ1DxbHDLaU
hn9fv0zZ55bgkH7Fj+WtWEaa7hv2W8l2szrIlRMlCd54BKNKihMkTJ8fjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ94KSVr4K7GxDo6cBlBv5ILsMRNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbjNncEpXdmdyc2JFT2pwd0dVR19rZ3V3eEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMwAFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCm46txaObxa70tpLNItKaB4OzCHAIs5xaoNa0Q
2jqaGHgk+vcpcJxEHWZ+NyM0QHvAf6S3bHwOWmVOsPCv6s3tZrrSJZRHRYYFk55S
/TgEBiA1yWDYVcp/K5+yU6MhLBy48blgDuJDAxTWVLIKIg3IgTMx7RUtMJcPW+Co
+3gtD73NxifraSWDwo2L1LXXOYAo6hJiLGZn+xEHcATZKmMrGULs9AiAAWrlmvOc
Z/i7N4Q022DX0hHUDew1i5O9hSJSDNL0Q7/+JGf/oHMbqop2Tstm7EzmYQP4NS5/
qWqeMyGUuVGex5rkKu7IvGDuwVSEavfee3sz5KbzVnvKwkyF
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:23:51 2024 by rpki-client on console-fra.rpki-client.org