Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qBWI7SNfwI9pp8qwTsmHUohz90Q.roa
File: qBWI7SNfwI9pp8qwTsmHUohz90Q.roa (raw, json)
Hash identifier: 0a7U353/pnggB9QroGJeGllEgSX2fxTfKvfeibOSWK4=
Subject key identifier: A8:15:88:ED:23:5F:C0:8F:69:A7:CA:B0:4E:C9:87:52:88:73:F7:44
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CF25EB29BDADA511B8219547DE5975A63
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qBWI7SNfwI9pp8qwTsmHUohz90Q.roa
Signing time: Wed 10 Jan 2024 07:55:41 +0000
ROA not before: Wed 10 Jan 2024 07:55:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212129
IP address blocks: 2a0e:b107:eff::/48 maxlen: 48
2a10:2f00:160::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 09:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:5e:b2:9b:da:da:51:1b:82:19:54:7d:e5:97:5a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 10 07:55:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a81588ed235fc08f69a7cab04ec987528873f744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:83:74:d6:77:9f:a7:42:73:e2:b2:64:e0:
03:a5:7c:16:c0:e1:de:0d:7a:c7:9d:39:ae:54:6f:
ac:c7:47:f0:56:aa:a1:39:2c:56:af:44:65:f9:5a:
1d:25:fc:88:bb:c3:f3:f7:00:e1:f0:26:91:fe:50:
b6:c4:1d:f2:27:82:17:90:53:c6:2b:f3:d1:d1:51:
92:55:d8:33:48:01:29:db:0e:6a:16:0d:b2:fd:0f:
26:0c:93:c4:37:2f:61:87:77:cb:9b:44:6c:cf:e2:
06:9b:63:7f:f8:47:56:ed:f1:c2:82:48:61:b9:a3:
98:02:a7:e1:29:85:a3:21:b5:12:7c:24:2e:0b:4e:
98:65:5e:52:a7:95:33:dc:5a:c6:1b:6b:12:95:9b:
40:55:d0:7d:ba:7a:be:1d:2a:5b:f9:42:d9:d5:d4:
3d:9b:36:0e:fe:e8:97:71:a9:65:05:44:5c:e2:31:
a8:22:92:db:27:e5:06:42:1f:9d:70:9c:a6:cd:2c:
cf:a0:1f:8f:29:9a:82:f9:72:c1:22:b5:33:6c:cf:
45:03:67:a1:87:ed:c9:dd:cf:4c:81:a0:7d:2a:be:
4d:cc:34:a3:08:b7:01:88:93:49:9f:de:e6:10:f7:
b8:cf:d0:ba:8a:fe:e4:ec:6f:1f:c5:80:38:77:ba:
cf:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:15:88:ED:23:5F:C0:8F:69:A7:CA:B0:4E:C9:87:52:88:73:F7:44
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/qBWI7SNfwI9pp8qwTsmHUohz90Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:eff::/48
2a10:2f00:160::/48
Signature Algorithm: sha256WithRSAEncryption
03:31:4f:01:cc:a1:12:dd:4d:50:a9:c6:e4:37:67:f5:eb:50:
de:c9:8a:c3:88:76:52:58:72:af:98:19:11:67:01:b6:59:e1:
e8:1a:dc:66:ab:8e:6c:b2:f1:54:df:36:d3:b9:4b:84:4e:98:
55:47:7f:5c:c3:8f:32:97:f2:8e:38:6b:bc:53:0b:5d:e2:f7:
ca:ca:a9:1c:1f:75:a9:b3:dd:86:4d:7f:bf:be:b7:ed:e3:75:
a9:59:da:21:36:3c:f5:fb:a7:3f:a3:fe:98:1d:d5:a4:0d:52:
40:db:59:9f:13:88:32:f4:51:42:51:d8:f9:a5:a7:03:9f:d4:
4a:73:9c:e6:31:96:2c:e8:b3:42:af:20:db:b3:01:38:b8:9f:
a2:4f:93:c1:d0:2f:39:4a:e6:f9:1e:0c:11:bc:2f:f8:8d:43:
e3:a9:bc:52:2e:a6:16:f9:6c:d8:b1:f2:6a:f3:1d:8f:16:5b:
f9:42:b1:b0:eb:1a:37:e8:c6:d0:15:32:62:50:57:4b:46:92:
66:34:2e:fb:7a:6a:5b:49:2e:28:10:46:05:cd:15:fa:cd:9c:
a5:b6:a8:78:3e:79:b9:8c:f4:ba:98:41:d9:c3:ea:fa:ce:45:
b4:be:48:e4:f0:e1:4c:75:a3:6e:d9:87:4e:19:a3:61:b4:42:
30:f1:ec:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzyXrKb2tpRG4IZVH3ll1pjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTEwMDc1NTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE1ODhlZDIzNWZjMDhmNjlhN2NhYjA0ZWM5ODc1Mjg4NzNmNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOWDdNZ3n6dCc+KyZOADpXwWwOHe
DXrHnTmuVG+sx0fwVqqhOSxWr0Rl+VodJfyIu8Pz9wDh8CaR/lC2xB3yJ4IXkFPG
K/PR0VGSVdgzSAEp2w5qFg2y/Q8mDJPENy9hh3fLm0Rsz+IGm2N/+EdW7fHCgkhh
uaOYAqfhKYWjIbUSfCQuC06YZV5Sp5Uz3FrGG2sSlZtAVdB9unq+HSpb+ULZ1dQ9
mzYO/uiXcallBURc4jGoIpLbJ+UGQh+dcJymzSzPoB+PKZqC+XLBIrUzbM9FA2eh
h+3J3c9MgaB9Kr5NzDSjCLcBiJNJn97mEPe4z9C6iv7k7G8fxYA4d7rP3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKgViO0jX8CPaafKsE7Jh1KIc/dEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcUJXSTdTTmZ3STlwcDhxd1RzbUhVb2h6OTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBw7/
AwcAKhAvAAFgMA0GCSqGSIb3DQEBCwUAA4IBAQADMU8BzKES3U1QqcbkN2f161De
yYrDiHZSWHKvmBkRZwG2WeHoGtxmq45ssvFU3zbTuUuETphVR39cw48yl/KOOGu8
Uwtd4vfKyqkcH3Wps92GTX+/vrft43WpWdohNjz1+6c/o/6YHdWkDVJA21mfE4gy
9FFCUdj5pacDn9RKc5zmMZYs6LNCryDbswE4uJ+iT5PB0C85Sub5HgwRvC/4jUPj
qbxSLqYW+WzYsfJq8x2PFlv5QrGw6xo36MbQFTJiUFdLRpJmNC77empbSS4oEEYF
zRX6zZyltqh4Pnm5jPS6mEHZw+r6zkW0vkjk8OFMdaNu2YdOGaNhtEIw8exi
-----END CERTIFICATE-----
Generated at Fri May 3 13:17:53 2024 by rpki-client on console-ams.rpki-client.org