Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o87KEcvIZPTdAugDV8UCZ6d-fwE.roa
File: o87KEcvIZPTdAugDV8UCZ6d-fwE.roa (raw, json)
Hash identifier: AyoUL5/sPNbDWsXpewjEtiBs8c7c2HBgyZDLx+oiHdA=
Subject key identifier: A3:CE:CA:11:CB:C8:64:F4:DD:02:E8:03:57:C5:02:67:A7:7E:7F:01
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE9B27FFF55D49A348E7BA6FBE453
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o87KEcvIZPTdAugDV8UCZ6d-fwE.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198276
IP address blocks: 2a0e:b107:2030::/48 maxlen: 48
2a0e:b107:2035::/48 maxlen: 48
2a0e:b107:203a::/48 maxlen: 48
2a0e:b107:203f::/48 maxlen: 48
2a0e:b107:2034::/48 maxlen: 48
2a0e:b107:2039::/48 maxlen: 48
2a0e:b107:203e::/48 maxlen: 48
2a0e:b107:2033::/48 maxlen: 48
2a0e:b107:2038::/48 maxlen: 48
2a0e:b107:203d::/48 maxlen: 48
2a0e:b107:2030::/44 maxlen: 48
2a0e:b107:2032::/48 maxlen: 48
2a0e:b107:2037::/48 maxlen: 48
2a0e:b107:203c::/48 maxlen: 48
2a0e:b107:2031::/48 maxlen: 48
2a0e:b107:2036::/48 maxlen: 48
2a0e:b107:203b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e9:b2:7f:ff:55:d4:9a:34:8e:7b:a6:fb:e4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3ceca11cbc864f4dd02e80357c50267a77e7f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fe:74:1d:b6:ff:d0:6a:4b:2e:74:1b:ae:16:
9d:7a:a2:51:bc:08:c4:ff:55:14:06:ca:1b:8f:7f:
1c:4c:a8:f3:cc:22:6c:92:70:f4:c4:32:38:37:62:
aa:59:19:c5:77:81:36:f0:77:1e:ac:96:a7:7a:68:
9c:3b:df:54:3a:aa:ec:68:57:68:5d:4e:8e:80:17:
d3:24:9c:fa:c3:9c:3c:66:f5:15:99:86:65:db:dc:
11:d3:5c:82:18:b8:5e:f7:df:81:c6:95:be:7b:48:
08:ee:59:a7:b4:dd:bf:d0:a4:ac:43:7b:67:cf:a0:
2a:60:5f:b3:29:f4:ab:e5:82:10:ec:0d:eb:5a:5a:
a5:b9:ac:5d:6b:a6:36:bc:a5:3d:47:0e:15:f5:bd:
1d:b3:09:c7:b7:4c:6f:94:94:e5:75:5f:80:02:f3:
e0:61:f0:8f:e3:09:69:46:67:93:ac:90:ea:7f:93:
23:90:3d:ab:d5:d7:13:2a:70:45:e1:ae:f0:40:23:
a0:17:79:b9:67:58:3d:f1:36:6c:a2:83:00:f2:6e:
3b:76:8a:07:04:26:31:45:5c:f9:d1:b3:a1:26:ff:
7f:a7:ed:0b:6b:e9:2a:15:9c:22:3f:e3:6b:fa:33:
ae:d8:e2:5c:27:52:d4:fe:98:c9:8e:7a:b2:f8:6a:
48:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CE:CA:11:CB:C8:64:F4:DD:02:E8:03:57:C5:02:67:A7:7E:7F:01
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/o87KEcvIZPTdAugDV8UCZ6d-fwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:2030::/44
Signature Algorithm: sha256WithRSAEncryption
5d:dc:e2:14:a9:43:07:9d:13:a3:9d:9a:cc:12:05:85:a8:c2:
bb:0b:4b:63:d7:99:90:fb:31:22:db:05:72:7a:4c:d7:db:f0:
b7:b0:b2:ec:bc:c8:61:2d:bc:60:e6:57:26:b2:e1:25:01:fc:
b7:01:dd:49:f7:17:e8:c9:50:56:3a:14:73:47:34:0d:c3:cc:
db:23:c3:3b:00:d3:db:17:d1:1f:81:0a:83:3d:4b:00:99:50:
24:75:1c:61:19:fa:79:71:08:60:a5:18:da:3f:60:70:a6:7d:
66:4a:d4:e2:04:ca:92:8c:1d:05:dd:40:9b:27:70:6d:c6:e2:
66:22:06:3d:c5:32:bc:9f:54:af:5a:06:04:62:08:6b:d6:01:
20:cc:ba:ae:b5:98:03:0b:54:cf:55:14:52:7b:2a:4b:82:65:
14:34:48:92:3c:fe:1d:07:5a:ca:0b:e6:87:77:74:ca:05:a6:
62:10:b6:8e:9c:19:3e:c7:3d:28:93:47:7b:9b:09:e7:54:46:
81:63:8d:90:f6:ab:6a:16:8a:5d:2c:7a:49:46:59:19:69:97:
24:41:52:c8:dd:83:b3:ff:12:aa:28:ce:dc:45:45:b3:24:5b:
b0:53:38:63:66:b9:bc:71:1b:65:d5:c7:d3:5f:56:eb:f5:93:
b3:22:86:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvOmyf/9V1Jo0jnum++RTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NlY2ExMWNiYzg2NGY0ZGQwMmU4MDM1N2M1MDI2N2E3N2U3ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP50Hbb/0GpLLnQbrhadeqJRvAjE
/1UUBsobj38cTKjzzCJsknD0xDI4N2KqWRnFd4E28HcerJanemicO99UOqrsaFdo
XU6OgBfTJJz6w5w8ZvUVmYZl29wR01yCGLhe99+BxpW+e0gI7lmntN2/0KSsQ3tn
z6AqYF+zKfSr5YIQ7A3rWlqluaxda6Y2vKU9Rw4V9b0dswnHt0xvlJTldV+AAvPg
YfCP4wlpRmeTrJDqf5MjkD2r1dcTKnBF4a7wQCOgF3m5Z1g98TZsooMA8m47dooH
BCYxRVz50bOhJv9/p+0La+kqFZwiP+Nr+jOu2OJcJ1LU/pjJjnqy+GpIbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKPOyhHLyGT03QLoA1fFAmenfn8BMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbzg3S0VjdklaUFRkQXVnRFY4VUNaNmQtZndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xByAw
MA0GCSqGSIb3DQEBCwUAA4IBAQBd3OIUqUMHnROjnZrMEgWFqMK7C0tj15mQ+zEi
2wVyekzX2/C3sLLsvMhhLbxg5lcmsuElAfy3Ad1J9xfoyVBWOhRzRzQNw8zbI8M7
ANPbF9EfgQqDPUsAmVAkdRxhGfp5cQhgpRjaP2Bwpn1mStTiBMqSjB0F3UCbJ3Bt
xuJmIgY9xTK8n1SvWgYEYghr1gEgzLqutZgDC1TPVRRSeypLgmUUNEiSPP4dB1rK
C+aHd3TKBaZiELaOnBk+xz0ok0d7mwnnVEaBY42Q9qtqFopdLHpJRlkZaZckQVLI
3YOz/xKqKM7cRUWzJFuwUzhjZrm8cRtl1cfTX1br9ZOzIoa3
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:31 2024 by rpki-client on console-fra.rpki-client.org