Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pRVnA6MEs6h-dV1_gSMi5PtqZyQ.roa
File: pRVnA6MEs6h-dV1_gSMi5PtqZyQ.roa (raw, json)
Hash identifier: jb/aNdP7CQLwEhYyguSEg9YQphignjEHyfV5HIJfrew=
Subject key identifier: A5:15:67:03:A3:04:B3:A8:7E:75:5D:7F:81:23:22:E4:FB:6A:67:24
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD42DDEB34FCB11092BDB8790942A1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pRVnA6MEs6h-dV1_gSMi5PtqZyQ.roa
Signing time: Tue 02 Jan 2024 10:34:32 +0000
ROA not before: Tue 02 Jan 2024 10:34:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212270
IP address blocks: 2a0e:b107:1210::/44 maxlen: 48
2a0e:b107:f50::/44 maxlen: 48
2a0e:b107:1510::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:42:dd:eb:34:fc:b1:10:92:bd:b8:79:09:42:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5156703a304b3a87e755d7f812322e4fb6a6724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:7c:eb:24:29:d0:0c:f6:e5:53:63:36:41:
05:08:e3:73:59:2a:f3:fb:19:38:88:8e:d6:87:5f:
0c:45:27:ae:9b:10:2a:8f:aa:59:26:4b:66:90:33:
f0:9e:34:75:1f:61:18:f6:e2:76:c6:d8:2f:02:c7:
2d:8d:00:46:e5:7f:ae:19:2d:50:d1:05:c7:56:35:
fb:63:7e:22:0e:53:cc:7f:06:f4:3d:71:24:c2:ad:
37:1f:90:28:9c:70:57:b8:25:a5:6d:3b:b4:f1:75:
de:bd:18:e3:58:2e:4f:07:d5:7b:7b:47:10:ca:d9:
8b:93:aa:66:b1:2e:79:d1:9c:25:34:14:d6:bc:d0:
a3:0e:45:ca:33:6e:8e:39:4f:88:e6:d0:82:3e:be:
66:ca:d9:f1:de:d3:41:fb:dc:29:6f:5d:fd:97:79:
a6:14:a3:05:e2:80:e2:c0:4b:f8:35:e4:45:1c:71:
c2:bc:66:d6:13:eb:2a:c5:76:1d:cd:a0:02:77:d5:
86:af:56:96:ab:43:e9:49:12:d3:5c:e4:7c:f4:38:
2d:18:f9:46:dd:a6:c4:d8:bc:14:42:f5:78:7c:22:
8b:28:35:86:d5:ab:f8:42:84:d0:7b:8f:92:57:e7:
1c:29:0b:17:a6:4b:80:05:a5:ad:2e:4b:da:d4:76:
11:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:15:67:03:A3:04:B3:A8:7E:75:5D:7F:81:23:22:E4:FB:6A:67:24
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/pRVnA6MEs6h-dV1_gSMi5PtqZyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:f50::/44
2a0e:b107:1210::/44
2a0e:b107:1510::/44
Signature Algorithm: sha256WithRSAEncryption
6d:97:34:83:a5:43:81:ec:4a:6e:55:9d:2d:5d:e0:ec:65:98:
12:b7:db:28:5d:26:6b:ed:96:45:a7:a9:85:f4:b1:81:2a:41:
f2:9b:a6:a8:aa:70:88:ba:2f:30:3f:07:bb:d6:fc:a7:d8:13:
19:1d:05:35:53:1f:2c:2e:37:bc:f0:83:61:cc:bc:9f:b0:d4:
06:bf:34:9f:31:b4:86:be:2f:3e:7a:9f:15:f7:f0:55:98:5a:
78:7c:87:8b:27:dc:76:ff:51:aa:90:0d:1c:03:86:6d:b9:df:
86:37:94:d1:dd:0a:4c:6a:1c:c3:91:f4:e8:90:57:fd:3a:37:
8c:97:f0:26:99:03:71:96:5b:61:59:6e:82:c3:93:92:25:bf:
d6:44:d2:30:10:b8:85:e4:cc:53:4b:60:41:bb:cf:7b:70:38:
e1:e6:08:d0:66:b2:aa:d2:48:8a:5a:8f:c1:4f:8d:9a:41:48:
54:ed:2a:a5:26:39:c5:20:62:f9:56:9b:b5:0d:7a:06:22:8e:
82:03:eb:fa:80:ab:6d:56:52:a2:36:a8:49:d9:c1:5f:27:b5:
3d:9d:ee:86:14:86:92:9a:d3:6c:4e:bc:53:a8:c6:25:52:59:
a8:36:4b:0e:e8:35:9c:1e:6e:30:26:59:1c:15:e2:87:94:db:
83:14:f7:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvULd6zT8sRCSvbh5CUKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTE1NjcwM2EzMDRiM2E4N2U3NTVkN2Y4MTIzMjJlNGZiNmE2NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpN86yQp0Az25VNjNkEFCONzWSrz
+xk4iI7Wh18MRSeumxAqj6pZJktmkDPwnjR1H2EY9uJ2xtgvAsctjQBG5X+uGS1Q
0QXHVjX7Y34iDlPMfwb0PXEkwq03H5AonHBXuCWlbTu08XXevRjjWC5PB9V7e0cQ
ytmLk6pmsS550ZwlNBTWvNCjDkXKM26OOU+I5tCCPr5mytnx3tNB+9wpb139l3mm
FKMF4oDiwEv4NeRFHHHCvGbWE+sqxXYdzaACd9WGr1aWq0PpSRLTXOR89DgtGPlG
3abE2LwUQvV4fCKLKDWG1av4QoTQe4+SV+ccKQsXpkuABaWtLkva1HYRDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUVZwOjBLOofnVdf4EjIuT7amckMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcFJWbkE2TUVzNmgtZFYxX2dTTWk1UHRxWnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKg6xBw9Q
AwcEKg6xBxIQAwcEKg6xBxUQMA0GCSqGSIb3DQEBCwUAA4IBAQBtlzSDpUOB7Epu
VZ0tXeDsZZgSt9soXSZr7ZZFp6mF9LGBKkHym6aoqnCIui8wPwe71vyn2BMZHQU1
Ux8sLje88INhzLyfsNQGvzSfMbSGvi8+ep8V9/BVmFp4fIeLJ9x2/1GqkA0cA4Zt
ud+GN5TR3QpMahzDkfTokFf9OjeMl/AmmQNxllthWW6Cw5OSJb/WRNIwELiF5MxT
S2BBu897cDjh5gjQZrKq0kiKWo/BT42aQUhU7SqlJjnFIGL5Vpu1DXoGIo6CA+v6
gKttVlKiNqhJ2cFfJ7U9ne6GFIaSmtNsTrxTqMYlUlmoNksO6DWcHm4wJlkcFeKH
lNuDFPck
-----END CERTIFICATE-----
Generated at Fri May 3 11:06:43 2024 by rpki-client on console-ams.rpki-client.org