Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oRI8cfhO4lDhxlBqv2IZ6dMjY38.roa
File: oRI8cfhO4lDhxlBqv2IZ6dMjY38.roa (raw, json)
Hash identifier: yCyS+wHTMrtFg7nyQbS80VwPr79zH13sp12xita/qUo=
Subject key identifier: A1:12:3C:71:F8:4E:E2:50:E1:C6:50:6A:BF:62:19:E9:D3:23:63:7F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01916BCC313226C06B267580EBD2D8683B16
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oRI8cfhO4lDhxlBqv2IZ6dMjY38.roa
Signing time: Mon 19 Aug 2024 18:00:29 +0000
ROA not before: Mon 19 Aug 2024 18:00:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59922
IP address blocks: 2a0e:97c0:f20::/44 maxlen: 48
2a0e:b107:13de::/48 maxlen: 48
2a10:cc44:110::/44 maxlen: 48
2a10:cc44:110::/48 maxlen: 48
2a10:cc44:112::/48 maxlen: 48
2a10:ccc4:2020::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:cc:31:32:26:c0:6b:26:75:80:eb:d2:d8:68:3b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 19 18:00:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1123c71f84ee250e1c6506abf6219e9d323637f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:61:2b:de:d7:7c:e2:09:98:34:ac:8d:a6:
7e:5e:3b:e7:c1:93:c3:f5:8f:ae:8d:31:8d:5c:af:
9f:09:35:b9:be:6c:34:18:26:cf:39:99:01:35:c8:
20:24:9f:e3:97:5a:42:67:f7:18:36:a5:39:92:7a:
e5:29:be:5d:43:85:bd:a6:80:42:43:04:ac:7a:24:
d2:19:4b:20:d2:92:fc:24:10:e7:13:fe:77:c4:09:
b2:f7:35:fd:ec:81:24:96:94:33:87:11:31:3c:0b:
6c:91:a8:5a:a1:23:30:8d:42:85:13:48:d2:76:37:
8e:88:c3:1b:4a:3b:3e:97:69:12:82:8e:36:42:a3:
7c:d3:3e:9c:fd:d8:6a:28:c7:6a:d6:51:6e:0f:72:
73:3e:eb:05:1c:3d:9d:11:e7:5e:ac:07:16:5a:dd:
bb:f6:ab:78:b0:87:79:3e:ba:7a:88:1c:86:d8:2b:
66:7e:24:f0:23:6e:56:13:42:1d:5f:02:e4:60:e7:
53:ee:fc:e5:3b:c5:3c:fe:0e:f3:da:f8:bc:de:14:
12:39:4f:de:cf:6a:f6:a8:ba:28:a6:d1:2b:a8:11:
0d:08:61:b1:43:db:cf:72:c3:72:e0:59:ab:00:13:
48:27:0e:b3:43:e2:e0:80:f7:40:28:99:b2:a6:e3:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:12:3C:71:F8:4E:E2:50:E1:C6:50:6A:BF:62:19:E9:D3:23:63:7F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oRI8cfhO4lDhxlBqv2IZ6dMjY38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:f20::/44
2a0e:b107:13de::/48
2a10:cc44:110::/44
2a10:ccc4:2020::/44
Signature Algorithm: sha256WithRSAEncryption
88:cb:64:36:45:7b:e8:2a:86:ed:30:1b:08:b1:72:83:b5:54:
30:b2:42:38:ee:8e:bc:a5:9c:f0:a1:ba:d0:e9:32:9c:bf:48:
58:8a:ed:a4:e5:be:3f:a8:8a:61:e6:72:37:73:bc:63:02:b3:
06:07:ac:79:37:ca:aa:38:ab:7b:7f:ae:32:35:2e:f6:f3:ba:
c8:3c:3c:aa:be:28:88:f8:7b:ef:48:41:89:cf:97:6a:40:cb:
c8:61:28:f5:0f:cb:a7:67:42:ab:1a:38:dd:dc:46:8b:c9:54:
44:34:b7:27:9b:20:de:50:e3:7e:47:3b:cb:83:e3:e0:81:63:
30:e4:cf:bb:1a:1f:66:60:00:25:79:c5:cc:b9:1c:62:79:6e:
d2:f7:c6:d8:b4:ca:af:55:44:67:86:96:0d:41:f6:38:fd:0d:
1f:e2:0b:c8:ae:1a:6f:4b:15:69:4a:d9:cd:c8:7a:ef:92:20:
d3:8c:a7:81:89:64:91:e2:a9:c0:6b:ef:fc:2b:dd:7b:86:4f:
8f:17:1d:7a:3a:83:6c:09:10:9a:32:69:d8:c2:73:12:dc:2c:
96:97:12:38:92:84:61:8b:dd:e3:bf:91:bd:78:f5:2f:31:46:
ed:f2:76:63:d1:ca:3c:59:7e:62:28:e8:a8:59:b3:85:af:65:
e5:97:9a:17
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZFrzDEyJsBrJnWA69LYaDsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwODE5MTgwMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTEyM2M3MWY4NGVlMjUwZTFjNjUwNmFiZjYyMTllOWQzMjM2MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutlhK97XfOIJmDSsjaZ+XjvnwZPD
9Y+ujTGNXK+fCTW5vmw0GCbPOZkBNcggJJ/jl1pCZ/cYNqU5knrlKb5dQ4W9poBC
QwSseiTSGUsg0pL8JBDnE/53xAmy9zX97IEklpQzhxExPAtskahaoSMwjUKFE0jS
djeOiMMbSjs+l2kSgo42QqN80z6c/dhqKMdq1lFuD3JzPusFHD2dEederAcWWt27
9qt4sId5Prp6iByG2CtmfiTwI25WE0IdXwLkYOdT7vzlO8U8/g7z2vi83hQSOU/e
z2r2qLooptErqBENCGGxQ9vPcsNy4FmrABNIJw6zQ+LggPdAKJmypuMwoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKESPHH4TuJQ4cZQar9iGenTI2N/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb1JJOGNmaE80bERoeGxCcXYySVo2ZE1qWTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XwA8g
AwcAKg6xBxPeAwcEKhDMRAEQAwcEKhDMxCAgMA0GCSqGSIb3DQEBCwUAA4IBAQCI
y2Q2RXvoKobtMBsIsXKDtVQwskI47o68pZzwobrQ6TKcv0hYiu2k5b4/qIph5nI3
c7xjArMGB6x5N8qqOKt7f64yNS7287rIPDyqviiI+HvvSEGJz5dqQMvIYSj1D8un
Z0KrGjjd3EaLyVRENLcnmyDeUON+RzvLg+PggWMw5M+7Gh9mYAAlecXMuRxieW7S
98bYtMqvVURnhpYNQfY4/Q0f4gvIrhpvSxVpStnNyHrvkiDTjKeBiWSR4qnAa+/8
K917hk+PFx16OoNsCRCaMmnYwnMS3CyWlxI4koRhi93jv5G9ePUvMUbt8nZj0co8
WX5iKOioWbOFr2Xll5oX
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:31 2024 by rpki-client on console-fra.rpki-client.org