Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/okUGuZ8lAnXlztCzDSqnAkYoSp4.roa
File: okUGuZ8lAnXlztCzDSqnAkYoSp4.roa (raw, json)
Hash identifier: u+iyOsFtlhJAjpSmZYWoVYz0XHtqVP53qDw933OtosI=
Subject key identifier: A2:45:06:B9:9F:25:02:75:E5:CE:D0:B3:0D:2A:A7:02:46:28:4A:9E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD0120497179D5A64C4712C653484C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/okUGuZ8lAnXlztCzDSqnAkYoSp4.roa
Signing time: Tue 02 Jan 2024 10:34:16 +0000
ROA not before: Tue 02 Jan 2024 10:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202929
IP address blocks: 2a0e:97c0:510::/47 maxlen: 48
2a0e:97c0:513::/48 maxlen: 48
2a0e:97c0:514::/47 maxlen: 48
2a0e:97c0:512::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:01:20:49:71:79:d5:a6:4c:47:12:c6:53:48:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a24506b99f250275e5ced0b30d2aa70246284a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:50:14:dd:7d:a5:fe:1a:1f:8b:35:a7:b5:20:
21:5a:50:47:2a:f1:51:af:86:03:a4:41:06:49:db:
fe:a3:e8:a6:44:83:fb:1c:44:9e:33:2c:eb:b6:07:
7b:ff:86:aa:20:8b:14:f4:52:60:6b:33:90:37:2c:
cd:3b:22:b7:93:c2:5e:ba:e8:89:aa:db:2d:41:20:
d9:70:af:4f:eb:2b:2d:8e:e3:77:2b:ec:44:ab:ca:
f7:c1:11:46:80:4c:5b:02:f4:b8:1e:6e:3a:25:23:
54:f3:37:1f:7f:a5:a6:08:23:61:f3:77:e3:4c:8e:
26:ec:87:2b:30:00:1f:9c:29:e1:0e:21:b2:29:91:
74:24:65:61:59:41:7c:97:f6:22:73:8c:b7:06:f5:
df:f5:ab:4c:da:f4:74:a8:39:5b:7f:20:1b:c4:91:
bf:01:3c:57:81:a8:93:ec:04:c9:6c:22:eb:5a:88:
64:86:e5:b5:93:f8:27:e6:10:9e:e8:40:58:e9:a7:
fb:67:2a:03:86:f3:d3:db:fa:b5:75:45:72:cd:de:
a0:08:1c:24:30:b9:57:b1:96:1c:17:a9:2c:ee:4b:
40:8c:5f:68:38:9f:65:76:cb:32:a8:71:b1:91:08:
6d:94:27:47:b1:54:6f:fa:42:c7:b5:26:94:05:e7:
72:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:45:06:B9:9F:25:02:75:E5:CE:D0:B3:0D:2A:A7:02:46:28:4A:9E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/okUGuZ8lAnXlztCzDSqnAkYoSp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:510::-2a0e:97c0:515:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
36:ac:93:c4:42:22:13:09:17:69:2c:94:2c:64:be:b4:8b:b4:
4e:03:e4:87:d4:dc:1f:53:b7:77:97:15:02:a5:e8:96:09:fd:
60:cc:52:91:98:aa:84:7c:c2:e7:79:19:44:3f:d0:1d:28:06:
68:43:89:5d:b7:82:a3:e3:38:aa:72:f1:01:af:a2:5d:00:b7:
17:08:55:03:7e:09:f2:98:ad:95:73:f6:ba:2b:94:d9:90:0d:
1f:66:ec:94:48:cd:5e:30:ee:76:b7:b9:bf:4f:41:5e:8b:42:
0c:99:37:7a:e9:99:74:eb:0a:99:37:ef:3f:d5:76:c0:e1:bf:
5e:18:30:b0:95:89:18:15:00:86:af:8a:cd:8f:c9:74:82:55:
70:60:72:cf:9e:c8:8f:19:39:26:bb:da:e9:58:58:03:46:9b:
32:b8:a8:dc:60:2a:0d:f2:dd:3a:66:c6:66:ed:b9:e9:fd:00:
7f:13:40:8e:24:a2:72:28:7f:26:8d:67:01:0f:ec:6e:e5:25:
c3:36:3d:e7:98:cf:85:4c:20:de:fb:44:61:ed:ab:ec:19:33:
5f:7b:6e:d6:61:90:d1:67:ed:e7:5e:b7:85:75:05:ad:96:d4:
87:60:51:e3:5a:4a:7d:02:1f:70:5c:28:c6:64:f3:8d:fb:c1:
45:4f:74:a8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvQEgSXF51aZMRxLGU0hMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ1MDZiOTlmMjUwMjc1ZTVjZWQwYjMwZDJhYTcwMjQ2Mjg0YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1AU3X2l/hofizWntSAhWlBHKvFR
r4YDpEEGSdv+o+imRIP7HESeMyzrtgd7/4aqIIsU9FJgazOQNyzNOyK3k8JeuuiJ
qtstQSDZcK9P6ystjuN3K+xEq8r3wRFGgExbAvS4Hm46JSNU8zcff6WmCCNh83fj
TI4m7IcrMAAfnCnhDiGyKZF0JGVhWUF8l/Yic4y3BvXf9atM2vR0qDlbfyAbxJG/
ATxXgaiT7ATJbCLrWohkhuW1k/gn5hCe6EBY6af7ZyoDhvPT2/q1dUVyzd6gCBwk
MLlXsZYcF6ks7ktAjF9oOJ9ldssyqHGxkQhtlCdHsVRv+kLHtSaUBedy3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKJFBrmfJQJ15c7Qsw0qpwJGKEqeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb2tVR3VaOGxBblhsenRDekRTcW5Ba1lvU3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwQqDpfA
BRADBwEqDpfABRQwDQYJKoZIhvcNAQELBQADggEBADask8RCIhMJF2kslCxkvrSL
tE4D5IfU3B9Tt3eXFQKl6JYJ/WDMUpGYqoR8wud5GUQ/0B0oBmhDiV23gqPjOKpy
8QGvol0AtxcIVQN+CfKYrZVz9rorlNmQDR9m7JRIzV4w7na3ub9PQV6LQgyZN3rp
mXTrCpk37z/VdsDhv14YMLCViRgVAIavis2PyXSCVXBgcs+eyI8ZOSa72ulYWANG
mzK4qNxgKg3y3Tpmxmbtuen9AH8TQI4konIofyaNZwEP7G7lJcM2PeeYz4VMIN77
RGHtq+wZM197btZhkNFn7edet4V1Ba2W1IdgUeNaSn0CH3BcKMZk8437wUVPdKg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:31 2024 by rpki-client on console-fra.rpki-client.org