Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uVJGjgY2DDXp0rwpLGsXhkcglS0.roa
File: uVJGjgY2DDXp0rwpLGsXhkcglS0.roa (raw, json)
Hash identifier: SitTh6kYNfCqosTOw7I/7JpWjwCEGDCXNvKVN31cPJ4=
Subject key identifier: B9:52:46:8E:06:36:0C:35:E9:D2:BC:29:2C:6B:17:86:47:20:95:2D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D2590F26671A5177361C9B2408BCC03C4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uVJGjgY2DDXp0rwpLGsXhkcglS0.roa
Signing time: Sat 20 Jan 2024 06:31:12 +0000
ROA not before: Sat 20 Jan 2024 06:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141232
IP address blocks: 2a10:ccc1:105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:25:90:f2:66:71:a5:17:73:61:c9:b2:40:8b:cc:03:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 20 06:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b952468e06360c35e9d2bc292c6b17864720952d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f4:85:00:7a:a1:25:f6:10:94:e7:61:0f:73:
c9:4f:9f:62:a9:76:34:7e:20:9a:72:80:43:44:56:
df:e1:07:78:14:5e:e6:c4:a0:44:d6:63:f7:79:d7:
a1:19:c4:a7:5e:62:16:78:f7:64:f9:9a:91:23:2b:
c1:34:9a:6f:99:fd:d9:a8:1e:44:6b:79:55:26:c3:
bf:fe:b4:5f:16:51:d7:1c:0a:81:47:51:bd:e9:88:
3c:7d:f7:71:e1:02:86:21:3b:9c:55:c5:b3:65:f0:
b5:d1:44:66:47:74:2e:df:5c:10:17:de:26:6d:1f:
2f:0e:84:de:e5:5b:ed:f0:2c:73:f8:c3:a5:8c:65:
61:cd:f8:42:75:97:00:11:d2:62:a7:44:7a:87:5e:
3b:46:b4:7b:2f:1a:59:03:19:60:ca:6a:b8:74:ee:
d4:ea:ff:e9:0c:57:e1:5d:37:e7:70:9f:60:f6:25:
c7:60:9e:e4:fc:e3:69:fd:f2:7d:ce:bd:76:03:24:
8a:5f:88:8d:1c:fe:45:40:cf:e9:68:70:c2:df:62:
0d:aa:0b:cd:a2:19:4b:ef:7f:c4:08:d8:7f:ec:fa:
8d:78:a4:74:4d:c4:a6:a8:e6:23:98:a0:1a:89:8b:
4c:8f:e0:75:eb:16:3a:df:91:d6:4a:5d:fc:fa:4a:
a5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:52:46:8E:06:36:0C:35:E9:D2:BC:29:2C:6B:17:86:47:20:95:2D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uVJGjgY2DDXp0rwpLGsXhkcglS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc1:105::/48
Signature Algorithm: sha256WithRSAEncryption
34:e5:3e:5d:c2:4b:59:ad:14:d1:39:0d:51:b0:fb:08:d8:f1:
14:7f:67:f3:44:52:f2:73:09:7f:0f:8d:c0:9f:25:b4:5d:6c:
cd:15:67:5c:0c:8b:bd:e2:22:62:ad:c3:ca:9f:7c:67:70:f5:
54:5f:31:62:7c:37:c8:ef:84:d8:f7:32:01:51:75:29:19:3f:
08:13:fe:28:91:7f:11:8b:ab:71:2f:d7:cb:84:1e:dd:0e:ea:
ef:5c:d0:2a:91:34:d9:48:c2:27:70:db:16:73:f1:40:21:ed:
30:2b:a8:88:d2:57:ff:da:9f:78:f6:74:30:aa:82:da:df:c0:
9d:2f:77:e4:c9:bd:9a:f0:3a:e7:e8:32:94:a1:22:a3:1a:f7:
d9:9c:b2:76:f2:4c:2c:c0:57:87:77:5f:bd:20:82:a9:04:05:
76:9b:b3:e1:64:16:28:48:d7:a3:71:69:42:08:6c:15:cb:1d:
31:52:e3:4c:be:70:dc:0b:ca:a1:1f:a9:da:a8:e9:ca:12:f5:
98:17:4f:9d:ee:67:01:dc:6f:d6:bd:8c:22:51:90:5a:9b:dd:
74:d0:52:c7:58:bb:6d:a8:3d:f7:86:5d:d4:d6:bf:3c:a1:52:
82:4b:22:43:b4:d9:09:5e:5d:ac:e7:19:9b:e6:78:bb:75:32:
5b:d3:04:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0lkPJmcaUXc2HJskCLzAPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTIwMDYzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTUyNDY4ZTA2MzYwYzM1ZTlkMmJjMjkyYzZiMTc4NjQ3MjA5NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/SFAHqhJfYQlOdhD3PJT59iqXY0
fiCacoBDRFbf4Qd4FF7mxKBE1mP3edehGcSnXmIWePdk+ZqRIyvBNJpvmf3ZqB5E
a3lVJsO//rRfFlHXHAqBR1G96Yg8ffdx4QKGITucVcWzZfC10URmR3Qu31wQF94m
bR8vDoTe5Vvt8Cxz+MOljGVhzfhCdZcAEdJip0R6h147RrR7LxpZAxlgymq4dO7U
6v/pDFfhXTfncJ9g9iXHYJ7k/ONp/fJ9zr12AySKX4iNHP5FQM/paHDC32INqgvN
ohlL73/ECNh/7PqNeKR0TcSmqOYjmKAaiYtMj+B16xY635HWSl38+kqlBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLlSRo4GNgw16dK8KSxrF4ZHIJUtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdVZKR2pnWTJERFhwMHJ3cExHc1hoa2NnbFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhDMwQEF
MA0GCSqGSIb3DQEBCwUAA4IBAQA05T5dwktZrRTROQ1RsPsI2PEUf2fzRFLycwl/
D43AnyW0XWzNFWdcDIu94iJircPKn3xncPVUXzFifDfI74TY9zIBUXUpGT8IE/4o
kX8Ri6txL9fLhB7dDurvXNAqkTTZSMIncNsWc/FAIe0wK6iI0lf/2p949nQwqoLa
38CdL3fkyb2a8Drn6DKUoSKjGvfZnLJ28kwswFeHd1+9IIKpBAV2m7PhZBYoSNej
cWlCCGwVyx0xUuNMvnDcC8qhH6naqOnKEvWYF0+d7mcB3G/WvYwiUZBam9100FLH
WLttqD33hl3U1r88oVKCSyJDtNkJXl2s5xmb5ni7dTJb0wR0
-----END CERTIFICATE-----
Generated at Fri May 3 08:41:06 2024 by rpki-client on console-ams.rpki-client.org