Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ywop266upqzFExLPd7OiXLDMIhk.roa
File: ywop266upqzFExLPd7OiXLDMIhk.roa (raw, json)
Hash identifier: ugturHk299k85X4WENYFspwtR7SGX8ERWoFc1b4CmWc=
Subject key identifier: CB:0A:29:DB:AE:AE:A6:AC:C5:13:12:CF:77:B3:A2:5C:B0:CC:22:19
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018DD5C6716D6F62242EF9A057EE3ED97C97
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ywop266upqzFExLPd7OiXLDMIhk.roa
Signing time: Fri 23 Feb 2024 11:42:48 +0000
ROA not before: Fri 23 Feb 2024 11:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211509
IP address blocks: 2a0e:b107:1180::/48 maxlen: 48
2a0e:b107:1181::/48 maxlen: 48
2a0e:b107:1182::/48 maxlen: 48
2a0e:b107:1183::/48 maxlen: 48
2a0e:b107:1184::/48 maxlen: 48
2a0e:b107:1185::/48 maxlen: 48
2a0e:b107:1186::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:c6:71:6d:6f:62:24:2e:f9:a0:57:ee:3e:d9:7c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 23 11:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb0a29dbaeaea6acc51312cf77b3a25cb0cc2219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:20:25:32:fe:f5:5f:f9:e4:48:07:b3:fa:cd:
12:fe:fc:22:64:89:6c:9e:1b:4e:d4:9a:f0:cb:51:
ab:4b:4e:78:d8:e1:51:af:70:cb:7d:01:f3:11:ff:
fd:fc:ec:b7:f0:18:3f:13:b3:90:9c:a7:12:1e:e0:
55:d1:b3:51:be:07:bb:20:1a:0d:69:fe:e6:99:f9:
54:6a:f5:af:e8:7a:e7:e5:1d:04:0a:13:e4:53:3c:
d4:53:3a:0e:1f:f8:7c:68:a5:1e:d8:c2:dc:7f:be:
1b:c0:ef:84:86:16:3f:f4:c2:64:24:9b:9e:68:62:
36:24:fa:aa:a0:74:cc:de:87:78:d7:65:17:2f:98:
86:42:54:66:e3:6a:6f:74:13:59:1b:cd:e5:7c:7a:
23:15:70:55:07:fd:55:c4:59:11:82:b3:9f:47:be:
fb:36:ee:30:d5:6a:fc:57:5d:8a:a4:bb:b3:fe:2b:
dc:a3:e8:33:7f:5f:84:a3:34:00:f5:c8:64:a6:f1:
c4:c6:9b:0e:ea:f3:e3:6c:b4:ab:59:72:f4:3e:a7:
0b:dd:c7:f0:c9:dc:06:e1:bb:ff:a7:c2:01:ef:23:
7f:a7:ab:d6:e6:ad:9e:7c:23:11:b4:6e:bd:39:c8:
09:99:37:01:9c:18:2d:b6:f6:ae:9b:39:7c:52:f3:
0d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0A:29:DB:AE:AE:A6:AC:C5:13:12:CF:77:B3:A2:5C:B0:CC:22:19
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ywop266upqzFExLPd7OiXLDMIhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1180::-2a0e:b107:1186:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:18:6a:2a:41:ad:cd:e3:dd:34:2b:28:76:4b:a2:88:20:58:
8a:9d:92:57:71:06:93:c9:5c:11:63:32:16:59:9a:53:a3:99:
bc:e2:d9:81:95:d8:9a:df:ff:2e:b3:de:d0:f9:ec:9a:2d:6a:
6a:75:43:51:ae:46:11:8d:3c:6b:c1:ae:b1:3c:0e:6a:ec:3c:
50:33:21:15:ce:c4:1b:6c:48:40:84:5c:8a:b4:39:20:c9:63:
13:88:be:fc:fb:c0:be:5e:df:43:ea:a7:fe:73:ce:af:a1:27:
eb:95:76:b6:1a:4b:42:86:87:51:d7:cd:a2:25:62:66:7f:d6:
88:e8:56:16:67:f7:15:34:43:bd:ac:3a:b8:9f:47:17:72:ee:
32:cf:13:c8:07:df:3f:44:60:70:80:3d:b5:ad:88:d8:96:d0:
89:23:97:79:5d:0e:23:7d:9f:58:0e:27:14:a7:01:90:fc:94:
27:02:2d:ae:8c:1d:69:0f:88:cd:db:7b:2f:ac:f0:f8:0e:40:
b4:72:dc:d8:6e:24:99:e1:71:16:2d:fe:ef:42:87:3f:33:aa:
9d:16:4f:ce:9b:9f:13:db:22:5d:87:51:7a:8e:74:9e:70:c5:
1a:2e:14:ca:28:dd:98:e4:f7:9e:83:ca:44:d8:50:62:95:11:
e3:a8:17:e2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY3VxnFtb2IkLvmgV+4+2XyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjIzMTE0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBhMjlkYmFlYWVhNmFjYzUxMzEyY2Y3N2IzYTI1Y2IwY2MyMjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCAlMv71X/nkSAez+s0S/vwiZIls
nhtO1Jrwy1GrS0542OFRr3DLfQHzEf/9/Oy38Bg/E7OQnKcSHuBV0bNRvge7IBoN
af7mmflUavWv6Hrn5R0EChPkUzzUUzoOH/h8aKUe2MLcf74bwO+EhhY/9MJkJJue
aGI2JPqqoHTM3od412UXL5iGQlRm42pvdBNZG83lfHojFXBVB/1VxFkRgrOfR777
Nu4w1Wr8V12KpLuz/ivco+gzf1+EozQA9chkpvHExpsO6vPjbLSrWXL0PqcL3cfw
ydwG4bv/p8IB7yN/p6vW5q2efCMRtG69OcgJmTcBnBgttvaumzl8UvMNuQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMsKKduurqasxRMSz3ezolywzCIZMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveXdvcDI2NnVwcXpGRXhMUGQ3T2lYTERNSWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwcqDrEH
EYADBwAqDrEHEYYwDQYJKoZIhvcNAQELBQADggEBAKwYaipBrc3j3TQrKHZLoogg
WIqdkldxBpPJXBFjMhZZmlOjmbzi2YGV2Jrf/y6z3tD57Jotamp1Q1GuRhGNPGvB
rrE8DmrsPFAzIRXOxBtsSECEXIq0OSDJYxOIvvz7wL5e30Pqp/5zzq+hJ+uVdrYa
S0KGh1HXzaIlYmZ/1ojoVhZn9xU0Q72sOrifRxdy7jLPE8gH3z9EYHCAPbWtiNiW
0Ikjl3ldDiN9n1gOJxSnAZD8lCcCLa6MHWkPiM3bey+s8PgOQLRy3NhuJJnhcRYt
/u9Chz8zqp0WT86bnxPbIl2HUXqOdJ5wxRouFMoo3Zjk956DykTYUGKVEeOoF+I=
-----END CERTIFICATE-----
Generated at Fri May 3 09:37:10 2024 by rpki-client on console-fra.rpki-client.org