Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u_oytU7Mrz0WS5ScM_q6Vw2uJyY.roa
File: u_oytU7Mrz0WS5ScM_q6Vw2uJyY.roa (raw, json)
Hash identifier: w+eM921AkMNZZglmdjheVG6xC5IZO8461PxraBpFbBE=
Subject key identifier: BB:FA:32:B5:4E:CC:AF:3D:16:4B:94:9C:33:FA:BA:57:0D:AE:27:26
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD44C43C108EE28D837122909C339D
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u_oytU7Mrz0WS5ScM_q6Vw2uJyY.roa
Signing time: Tue 02 Jan 2024 10:34:33 +0000
ROA not before: Tue 02 Jan 2024 10:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212427
IP address blocks: 2a0e:97c0:810::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:44:c4:3c:10:8e:e2:8d:83:71:22:90:9c:33:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbfa32b54eccaf3d164b949c33faba570dae2726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:aa:c4:d8:b7:4b:a9:94:59:e0:ae:8c:fe:9c:
da:d9:73:c9:5c:6a:00:9d:ab:4d:18:92:38:00:1e:
91:d9:15:f6:79:b4:3e:b8:6e:d7:8f:c2:52:ba:ef:
32:38:82:ff:3e:62:9e:d7:06:f3:1f:ef:d6:5f:6d:
4d:49:00:38:0b:e8:3b:59:4b:50:86:fa:58:93:81:
90:21:e2:43:f6:ce:46:82:57:87:07:41:0f:a7:d8:
dc:9a:a5:69:b7:52:ea:66:be:ab:87:90:54:a3:f0:
97:82:50:11:69:57:13:b3:81:95:59:18:77:d3:9c:
95:a2:4d:ac:88:aa:28:c7:19:e0:9c:33:b0:98:1d:
36:a8:39:01:0a:17:3e:35:54:60:ed:66:40:c9:88:
34:6f:93:ee:d9:3e:6d:59:c4:a9:21:c3:b5:2e:43:
f9:5a:f5:45:01:cd:9c:ef:25:79:10:0b:92:72:96:
b7:e4:c9:30:77:a2:97:e4:d2:36:66:4b:27:3d:6a:
d9:23:73:72:e5:a3:aa:2f:14:84:9b:0a:c8:3a:67:
e7:c0:46:19:e1:4d:cc:6c:18:82:8c:1a:9a:85:32:
b0:53:65:d7:1d:27:74:f4:17:1a:c5:70:82:5e:c2:
b4:72:9d:5a:ca:5f:dc:65:13:c3:1e:56:05:d5:53:
07:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FA:32:B5:4E:CC:AF:3D:16:4B:94:9C:33:FA:BA:57:0D:AE:27:26
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/u_oytU7Mrz0WS5ScM_q6Vw2uJyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:810::/44
Signature Algorithm: sha256WithRSAEncryption
59:ef:fa:f6:01:da:69:ca:28:4f:60:e6:6d:b5:ff:d6:d3:56:
e5:90:52:98:74:89:1f:5d:62:b3:fd:0b:b3:34:05:27:9d:c5:
11:e5:84:05:a1:d6:9b:af:cf:96:e9:9d:8f:f3:5f:1e:d5:1d:
fb:d6:c6:eb:86:ea:cc:91:ea:61:1d:2d:74:8c:df:c5:36:38:
38:c4:46:b7:2e:c8:ad:18:98:2e:33:5c:32:b4:26:a4:c4:5a:
1e:3c:27:2f:68:5c:5d:e4:c3:2d:1d:0d:3c:6b:01:ec:43:03:
1b:9f:38:93:6a:f0:ee:0f:38:fa:94:9f:e6:a1:14:38:d0:65:
fd:45:c7:09:60:07:a0:17:fa:ee:fb:19:a6:cb:95:98:fc:0d:
04:d9:ca:ba:8b:07:61:66:fa:d3:8d:26:db:68:9e:05:a1:97:
bf:17:98:6c:f8:ea:d6:41:cc:69:0b:1b:a0:63:54:dc:f2:9d:
5e:a6:ba:d9:b0:9c:c2:1e:88:2b:f4:bc:f3:0b:c3:0b:31:9b:
30:e7:60:c7:1f:37:95:11:e2:cd:2e:09:10:94:a2:a8:76:c6:
a6:56:10:57:3c:c2:53:fd:81:4d:77:d3:33:c2:05:1a:59:b5:
1f:2e:4a:76:15:81:c5:f1:e9:4a:29:d1:ff:83:be:fb:44:9a:
d9:6a:ec:3c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvUTEPBCO4o2DcSKQnDOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZhMzJiNTRlY2NhZjNkMTY0Yjk0OWMzM2ZhYmE1NzBkYWUyNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzarE2LdLqZRZ4K6M/pza2XPJXGoA
natNGJI4AB6R2RX2ebQ+uG7Xj8JSuu8yOIL/PmKe1wbzH+/WX21NSQA4C+g7WUtQ
hvpYk4GQIeJD9s5GgleHB0EPp9jcmqVpt1LqZr6rh5BUo/CXglARaVcTs4GVWRh3
05yVok2siKooxxngnDOwmB02qDkBChc+NVRg7WZAyYg0b5Pu2T5tWcSpIcO1LkP5
WvVFAc2c7yV5EAuScpa35Mkwd6KX5NI2ZksnPWrZI3Ny5aOqLxSEmwrIOmfnwEYZ
4U3MbBiCjBqahTKwU2XXHSd09BcaxXCCXsK0cp1ayl/cZRPDHlYF1VMHcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLv6MrVOzK89FkuUnDP6ulcNricmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdV9veXRVN01yejBXUzVTY01fcTZWdzJ1SnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ7/r2AdppyihPYOZttf/W01blkFKYdIkfXWKz
/QuzNAUnncUR5YQFodabr8+W6Z2P818e1R371sbrhurMkephHS10jN/FNjg4xEa3
LsitGJguM1wytCakxFoePCcvaFxd5MMtHQ08awHsQwMbnziTavDuDzj6lJ/moRQ4
0GX9RccJYAegF/ru+xmmy5WY/A0E2cq6iwdhZvrTjSbbaJ4FoZe/F5hs+OrWQcxp
CxugY1Tc8p1eprrZsJzCHogr9LzzC8MLMZsw52DHHzeVEeLNLgkQlKKodsamVhBX
PMJT/YFNd9MzwgUaWbUfLkp2FYHF8elKKdH/g777RJrZauw8
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:07:59 2024 by rpki-client on console-ams.rpki-client.org