Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wrUbij6Om4RQVfcolbZmKHh8gMM.roa
File: wrUbij6Om4RQVfcolbZmKHh8gMM.roa (raw, json)
Hash identifier: LpDz5wCz6wU9BgcVvKn0xLFqMuhrSi95ArlVWYoMerg=
Subject key identifier: C2:B5:1B:8A:3E:8E:9B:84:50:55:F7:28:95:B6:66:28:78:7C:80:C3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCFEB74CBDE9F06F62269FC921FC70
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wrUbij6Om4RQVfcolbZmKHh8gMM.roa
Signing time: Tue 02 Jan 2024 10:34:15 +0000
ROA not before: Tue 02 Jan 2024 10:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202340
IP address blocks: 2a10:cc40:212::/48 maxlen: 48
2a10:cc40:215::/48 maxlen: 48
2a10:cc40:210::/44 maxlen: 48
2a10:cc40:213::/48 maxlen: 48
2a10:cc40:211::/48 maxlen: 48
2a10:cc40:214::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fe:b7:4c:bd:e9:f0:6f:62:26:9f:c9:21:fc:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2b51b8a3e8e9b845055f72895b66628787c80c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f4:cd:bc:68:96:ae:26:d4:53:15:45:b6:15:
51:73:9a:0e:f5:ac:70:00:78:81:1f:18:e4:bc:bf:
17:6f:b1:5a:3d:28:77:0d:74:f2:17:cf:87:f4:7f:
4d:d6:65:ac:d1:de:26:5f:2e:c0:7e:85:9d:e5:db:
a7:a3:d8:fe:5e:c7:26:9f:c0:ed:aa:17:72:57:36:
d3:7c:b2:98:a6:96:52:76:c9:65:a5:aa:9f:04:1e:
11:36:f0:cc:02:6f:f6:e6:8a:1d:d9:f4:6a:f5:75:
ef:5b:9c:3b:50:71:cf:63:32:8e:66:91:af:7c:6a:
1c:ea:fd:d5:84:0e:51:34:3d:e3:ac:fb:f3:0c:4d:
33:12:ba:9c:66:fa:59:ac:64:49:6c:1e:e4:fb:d9:
0d:da:05:81:4a:2e:0e:60:65:9a:a8:41:07:b0:d4:
52:b7:53:a0:d8:5b:44:59:b5:f0:1e:7b:e2:61:1a:
2d:85:43:24:68:84:f6:30:cb:66:4b:bf:e6:dd:ab:
36:7d:9f:da:07:35:11:e6:58:44:65:b7:90:4f:0c:
f7:6d:8d:a9:1c:15:37:11:44:31:d7:f2:d1:57:11:
b1:b0:2b:9d:5c:d9:ed:67:12:72:f6:2f:06:97:aa:
44:ab:6a:eb:1d:6b:3b:e4:78:65:1d:14:12:32:c7:
d6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B5:1B:8A:3E:8E:9B:84:50:55:F7:28:95:B6:66:28:78:7C:80:C3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wrUbij6Om4RQVfcolbZmKHh8gMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc40:210::/44
Signature Algorithm: sha256WithRSAEncryption
2c:ad:87:79:1d:9b:b3:24:42:60:3c:55:50:ed:94:82:62:f7:
96:d7:cb:3b:9b:7c:96:87:e7:9b:96:9c:2e:b7:65:ce:c1:8a:
18:fe:58:3a:16:53:c6:bb:35:4f:11:9d:49:a3:d2:a5:c1:f2:
86:a0:b8:8e:ce:95:fb:7f:a6:f7:93:df:0a:47:99:24:5c:00:
8d:07:ea:16:c4:76:73:3b:a5:73:21:a8:3b:2c:35:7f:23:50:
65:78:7f:2c:53:9e:46:60:7c:b7:79:77:3d:8d:46:3d:bc:aa:
f7:c7:78:34:90:93:18:91:0f:d9:7f:3e:aa:03:1c:27:40:b4:
a5:46:6c:3b:b7:60:fb:a3:cc:a7:d0:b6:ae:2d:3e:1d:ec:fe:
aa:c0:7d:8e:04:96:cb:b2:00:0d:59:da:da:fd:42:7b:66:da:
7e:ae:a2:0f:c7:56:95:96:39:1b:6f:52:7f:56:95:a8:50:0c:
36:17:27:62:e4:a0:a9:27:1a:9d:29:6c:c8:3d:45:02:dc:e3:
1e:2b:e1:48:04:ba:1a:ea:09:db:25:a4:7a:36:88:97:61:cc:
d9:d1:f0:00:2b:f4:46:4c:88:1d:35:34:6b:68:52:b3:ab:9d:
82:e7:d9:1b:a1:d9:24:f0:ed:42:56:6a:3b:84:61:39:3d:20:
38:b1:6a:d4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvP63TL3p8G9iJp/JIfxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI1MWI4YTNlOGU5Yjg0NTA1NWY3Mjg5NWI2NjYyODc4N2M4MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/TNvGiWribUUxVFthVRc5oO9axw
AHiBHxjkvL8Xb7FaPSh3DXTyF8+H9H9N1mWs0d4mXy7AfoWd5duno9j+Xscmn8Dt
qhdyVzbTfLKYppZSdsllpaqfBB4RNvDMAm/25ood2fRq9XXvW5w7UHHPYzKOZpGv
fGoc6v3VhA5RND3jrPvzDE0zErqcZvpZrGRJbB7k+9kN2gWBSi4OYGWaqEEHsNRS
t1Og2FtEWbXwHnviYRothUMkaIT2MMtmS7/m3as2fZ/aBzUR5lhEZbeQTwz3bY2p
HBU3EUQx1/LRVxGxsCudXNntZxJy9i8Gl6pEq2rrHWs75HhlHRQSMsfWPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMK1G4o+jpuEUFX3KJW2Zih4fIDDMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd3JVYmlqNk9tNFJRVmZjb2xiWm1LSGg4Z01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMQAIQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAsrYd5HZuzJEJgPFVQ7ZSCYveW18s7m3yWh+eb
lpwut2XOwYoY/lg6FlPGuzVPEZ1Jo9KlwfKGoLiOzpX7f6b3k98KR5kkXACNB+oW
xHZzO6VzIag7LDV/I1BleH8sU55GYHy3eXc9jUY9vKr3x3g0kJMYkQ/Zfz6qAxwn
QLSlRmw7t2D7o8yn0LauLT4d7P6qwH2OBJbLsgANWdra/UJ7Ztp+rqIPx1aVljkb
b1J/VpWoUAw2Fydi5KCpJxqdKWzIPUUC3OMeK+FIBLoa6gnbJaR6NoiXYczZ0fAA
K/RGTIgdNTRraFKzq52C59kbodkk8O1CVmo7hGE5PSA4sWrU
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:32 2024 by rpki-client on console-fra.rpki-client.org