Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/cQ6SdnmY7fIgfdAemGXpWF1FOPQ.roa
File: cQ6SdnmY7fIgfdAemGXpWF1FOPQ.roa (raw, json)
Hash identifier: rE5sWP16qEy550XaQGyvVum39Vv1f9SuBJn5Bpfsn24=
Subject key identifier: 71:0E:92:76:79:98:ED:F2:20:7D:D0:1E:98:65:E9:58:5D:45:38:F4
Certificate issuer: /CN=97893182b16718983bc008c8d087f8ddca3d8614
Certificate serial: 019424B3A47913D9DFD0FD8D638A748D93E0
Authority key identifier: 97:89:31:82:B1:67:18:98:3B:C0:08:C8:D0:87:F8:DD:CA:3D:86:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/cQ6SdnmY7fIgfdAemGXpWF1FOPQ.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133142
IP address blocks: 2a0b:1302::/34 maxlen: 34
2a0b:1302:4000::/48 maxlen: 48
2a0b:1306:9::/48 maxlen: 48
2a0b:1306:b::/48 maxlen: 48
2a0b:1306:400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a4:79:13:d9:df:d0:fd:8d:63:8a:74:8d:93:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97893182b16718983bc008c8d087f8ddca3d8614
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=710e92767998edf2207dd01e9865e9585d4538f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:42:d0:7d:b8:a0:7d:6e:0d:64:bc:f5:4e:
ba:33:af:b5:28:71:38:8d:f9:31:11:d9:4b:eb:09:
82:55:2f:36:81:bd:14:bb:0d:17:cf:4f:6e:80:35:
47:e8:3f:7e:59:a9:ae:95:a9:a8:22:53:7b:86:d7:
dc:f3:a1:5b:46:68:f4:8f:1e:a6:ac:34:29:10:44:
91:33:cd:c8:11:00:c6:7c:86:3d:4e:9c:ff:4e:2f:
23:b9:cd:4c:67:b3:08:1a:8a:c8:29:01:59:e6:3c:
f2:2b:38:54:dc:7f:8d:b6:6a:ad:db:02:3e:93:8b:
a7:92:cf:47:f2:3d:fd:2b:25:9c:ba:74:59:d8:a5:
35:74:14:0d:c0:14:72:76:38:d8:da:e0:5e:d5:4c:
77:21:f7:eb:e2:c2:a6:f3:0c:e7:d7:f6:30:61:ae:
5a:a6:25:dd:d2:4f:8c:30:b3:98:47:22:6b:59:c8:
2b:4f:1d:fb:d5:19:8d:11:98:8a:a6:80:b5:fe:d9:
51:83:81:08:cc:dd:85:30:11:c2:6f:b8:c6:b6:82:
1f:f8:c0:8d:71:f9:62:b0:33:dc:7d:a8:9b:c5:9c:
23:8e:9a:c7:e0:13:12:b5:aa:fc:6e:e3:df:73:e2:
c2:69:14:6a:1d:ac:6c:5e:95:ce:fa:61:1f:56:d4:
fa:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0E:92:76:79:98:ED:F2:20:7D:D0:1E:98:65:E9:58:5D:45:38:F4
X509v3 Authority Key Identifier:
keyid:97:89:31:82:B1:67:18:98:3B:C0:08:C8:D0:87:F8:DD:CA:3D:86:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/cQ6SdnmY7fIgfdAemGXpWF1FOPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:1302::-2a0b:1302:4000:ffff:ffff:ffff:ffff:ffff
2a0b:1306:9::/48
2a0b:1306:b::/48
2a0b:1306:400::/48
Signature Algorithm: sha256WithRSAEncryption
21:9a:dd:21:52:c0:d3:e3:e3:23:1a:35:cd:a2:3a:55:05:59:
0c:f9:03:58:9c:44:fd:d3:ec:ef:cb:10:dd:e3:a8:4a:c2:72:
2c:eb:26:50:c3:13:57:d7:a2:e9:00:e6:1c:36:23:c1:56:f1:
75:fb:b8:b4:3f:aa:16:23:43:59:00:f7:8e:9c:e1:1a:72:7e:
ed:47:6e:72:7d:ad:a6:28:79:af:9d:c2:f6:2b:04:12:42:04:
e7:22:b5:77:9a:c1:a2:60:9b:ff:5a:ca:cc:8a:c3:20:7f:70:
31:c7:54:f5:ef:b1:1b:27:3a:1a:c7:61:a0:6e:43:18:d5:46:
d0:e8:02:b6:cb:b2:1d:36:06:ec:fb:29:31:8e:75:27:5e:2d:
85:99:f9:d4:e7:55:8d:37:ae:49:84:64:37:21:21:5c:33:3e:
a2:7e:9e:45:a9:44:29:5b:2b:ca:95:33:f8:f2:96:e3:55:21:
7e:9b:6d:da:7b:38:ca:12:bf:f7:18:e8:c1:b1:4a:5b:c4:fb:
75:4c:8a:03:8b:84:ab:28:60:45:26:98:a5:f6:36:40:d4:3f:
76:84:1a:b0:bf:b7:ea:a9:50:04:8c:b6:b8:43:4b:ea:de:e4:
86:6b:50:8c:9e:5c:de:a5:c1:72:a9:6e:c9:cc:4d:0f:5b:68:
59:66:67:1a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQks6R5E9nf0P2NY4p0jZPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODkzMTgyYjE2NzE4OTgzYmMwMDhjOGQwODdmOGRkY2Ez
ZDg2MTQwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTBlOTI3Njc5OThlZGYyMjA3ZGQwMWU5ODY1ZTk1ODVkNDUzOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnJC0H24oH1uDWS89U66M6+1KHE4
jfkxEdlL6wmCVS82gb0Uuw0Xz09ugDVH6D9+WamulamoIlN7htfc86FbRmj0jx6m
rDQpEESRM83IEQDGfIY9Tpz/Ti8juc1MZ7MIGorIKQFZ5jzyKzhU3H+Ntmqt2wI+
k4unks9H8j39KyWcunRZ2KU1dBQNwBRydjjY2uBe1Ux3Iffr4sKm8wzn1/YwYa5a
piXd0k+MMLOYRyJrWcgrTx371RmNEZiKpoC1/tlRg4EIzN2FMBHCb7jGtoIf+MCN
cflisDPcfaibxZwjjprH4BMStar8buPfc+LCaRRqHaxsXpXO+mEfVtT6YwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHEOknZ5mO3yIH3QHphl6VhdRTj0MB8GA1UdIwQY
MBaAFJeJMYKxZxiYO8AIyNCH+N3KPYYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRreGdyRm5HSmc3d0FqSTBJZjQzY285aGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xMjAwNDMtMTczMy00YzcyLWFkNDct
YmMwZTUxMWMyMGNlLzEvY1E2U2RubVk3ZklnZmRBZW1HWHBXRjFGT1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xMjAwNDMtMTczMy00YzcyLWFkNDctYmMwZTUxMWMyMGNl
LzEvbDRreGdyRm5HSmc3d0FqSTBJZjQzY285aGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtMBADBQEqCxMC
AwcAKgsTAkAAAwcAKgsTBgAJAwcAKgsTBgALAwcAKgsTBgQAMA0GCSqGSIb3DQEB
CwUAA4IBAQAhmt0hUsDT4+MjGjXNojpVBVkM+QNYnET90+zvyxDd46hKwnIs6yZQ
wxNX16LpAOYcNiPBVvF1+7i0P6oWI0NZAPeOnOEacn7tR25yfa2mKHmvncL2KwQS
QgTnIrV3msGiYJv/WsrMisMgf3Axx1T177EbJzoax2GgbkMY1UbQ6AK2y7IdNgbs
+ykxjnUnXi2FmfnU51WNN65JhGQ3ISFcMz6ifp5FqUQpWyvKlTP48pbjVSF+m23a
ezjKEr/3GOjBsUpbxPt1TIoDi4SrKGBFJpil9jZA1D92hBqwv7fqqVAEjLa4Q0vq
3uSGa1CMnlzepcFyqW7JzE0PW2hZZmca
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:27:36 2025 by rpki-client