Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ynK1SMacqS_MJKOD7x68Wd04l2Q.roa
File: ynK1SMacqS_MJKOD7x68Wd04l2Q.roa (raw, json)
Hash identifier: k6RgysCtN5d+xIX/cMJ8kEpGfCeV5ESxwVvZbwWwReg=
Subject key identifier: CA:72:B5:48:C6:9C:A9:2F:CC:24:A3:83:EF:1E:BC:59:DD:38:97:64
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCE01815C9C55A010E9FCE3B70A9F6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ynK1SMacqS_MJKOD7x68Wd04l2Q.roa
Signing time: Tue 02 Jan 2024 10:34:07 +0000
ROA not before: Tue 02 Jan 2024 10:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142282
IP address blocks: 2a0e:b107:120f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e0:18:15:c9:c5:5a:01:0e:9f:ce:3b:70:a9:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca72b548c69ca92fcc24a383ef1ebc59dd389764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7b:94:30:6d:3c:2a:c9:62:1f:46:f5:26:8f:
f2:b5:f3:c7:cf:24:e6:0b:1f:5a:f2:8b:09:c4:43:
56:9f:8d:ca:69:99:da:f9:d2:48:a3:26:24:78:91:
3b:6e:e9:3d:2d:a7:d4:63:02:47:a1:2c:44:3b:0b:
25:97:14:4c:6f:ce:16:0a:3e:f4:19:46:71:ad:e8:
62:2d:b9:94:17:63:be:48:b9:18:7c:cf:ab:63:0b:
82:d7:55:2c:f1:08:b4:9c:2c:87:fe:31:be:37:e9:
1b:4a:22:91:a6:04:ba:ff:38:4f:cb:54:8e:a7:1a:
75:15:98:e7:0d:e7:65:da:40:56:11:6e:31:8b:58:
75:98:a9:16:b5:03:ea:f0:26:ba:2d:35:90:57:bd:
a8:bb:c7:5b:14:0a:dc:8c:c0:97:ff:b9:ab:5a:77:
a2:5a:8f:cd:bf:e4:21:86:e9:6f:5a:8a:4b:c6:1a:
c9:f5:e1:28:94:5a:9e:8c:61:35:64:61:a9:3f:63:
9e:65:30:4b:e5:98:05:65:26:2b:70:ab:6c:60:a6:
5c:18:ea:7d:19:46:6b:5c:2c:05:6a:ad:2f:a6:49:
f8:ff:67:c0:e1:09:b7:64:1d:5a:55:f7:88:d4:d1:
f1:0d:0b:c6:f0:5c:68:e1:45:9f:5d:2b:0a:dd:a7:
53:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:72:B5:48:C6:9C:A9:2F:CC:24:A3:83:EF:1E:BC:59:DD:38:97:64
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ynK1SMacqS_MJKOD7x68Wd04l2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:120f::/48
Signature Algorithm: sha256WithRSAEncryption
8c:aa:0b:be:8a:b5:e0:e5:d7:d4:42:a4:ed:bd:00:b6:6c:94:
7d:3f:4f:06:c4:62:63:c8:c7:2e:e5:a7:a9:6d:f1:ad:29:9c:
eb:67:6b:85:10:e0:8d:2a:11:0c:ec:4d:7c:ba:0c:ed:64:8f:
44:6c:bb:91:5e:47:60:c9:77:14:f3:57:d6:35:bb:61:94:6c:
c9:dd:4b:b0:bf:02:8a:c3:68:63:6a:a9:59:7f:c8:9a:f1:64:
22:96:ef:2b:1c:d1:dc:d7:95:72:d3:0d:53:ba:41:1f:80:b5:
2d:f2:0d:b5:7f:88:0c:83:01:88:17:96:84:e7:0d:dd:04:a6:
c4:8f:3f:13:12:ea:57:cd:32:15:67:51:5f:50:da:a9:13:68:
45:da:80:5f:29:59:31:98:31:79:0c:c4:c7:07:ca:43:7a:8b:
dc:cd:92:ed:94:53:a1:4e:a2:ac:3d:01:15:4c:be:49:4e:f8:
49:0a:ce:14:15:ef:a7:e3:97:e8:6f:d0:d0:0a:59:92:03:ab:
69:48:64:61:ea:f9:45:20:2a:a9:97:a1:16:55:db:31:33:db:
58:3c:2e:fa:f9:2e:70:41:74:d0:5f:a3:34:c6:90:ab:da:22:
5f:3f:48:1c:66:7a:25:0a:21:11:5e:ac:3e:65:ba:be:de:2a:
a9:26:b6:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvOAYFcnFWgEOn847cKn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTcyYjU0OGM2OWNhOTJmY2MyNGEzODNlZjFlYmM1OWRkMzg5NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHuUMG08KsliH0b1Jo/ytfPHzyTm
Cx9a8osJxENWn43KaZna+dJIoyYkeJE7buk9LafUYwJHoSxEOwsllxRMb84WCj70
GUZxrehiLbmUF2O+SLkYfM+rYwuC11Us8Qi0nCyH/jG+N+kbSiKRpgS6/zhPy1SO
pxp1FZjnDedl2kBWEW4xi1h1mKkWtQPq8Ca6LTWQV72ou8dbFArcjMCX/7mrWnei
Wo/Nv+QhhulvWopLxhrJ9eEolFqejGE1ZGGpP2OeZTBL5ZgFZSYrcKtsYKZcGOp9
GUZrXCwFaq0vpkn4/2fA4Qm3ZB1aVfeI1NHxDQvG8Fxo4UWfXSsK3adTNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMpytUjGnKkvzCSjg+8evFndOJdkMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveW5LMVNNYWNxU19NSktPRDd4NjhXZDA0bDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxIP
MA0GCSqGSIb3DQEBCwUAA4IBAQCMqgu+irXg5dfUQqTtvQC2bJR9P08GxGJjyMcu
5aepbfGtKZzrZ2uFEOCNKhEM7E18ugztZI9EbLuRXkdgyXcU81fWNbthlGzJ3Uuw
vwKKw2hjaqlZf8ia8WQilu8rHNHc15Vy0w1TukEfgLUt8g21f4gMgwGIF5aE5w3d
BKbEjz8TEupXzTIVZ1FfUNqpE2hF2oBfKVkxmDF5DMTHB8pDeovczZLtlFOhTqKs
PQEVTL5JTvhJCs4UFe+n45fob9DQClmSA6tpSGRh6vlFICqpl6EWVdsxM9tYPC76
+S5wQXTQX6M0xpCr2iJfP0gcZnolCiERXqw+Zbq+3iqpJrbA
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:24:32 2024 by rpki-client on console-fra.rpki-client.org