Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/bB3G3EZqBAqArfU6X5zzc1opBME.roa
File: bB3G3EZqBAqArfU6X5zzc1opBME.roa (raw, json)
Hash identifier: gPeixOKastqxOj7HlHBp8UwchVAjS4fsBzFCexJl5H8=
Subject key identifier: 6C:1D:C6:DC:46:6A:04:0A:80:AD:F5:3A:5F:9C:F3:73:5A:29:04:C1
Certificate issuer: /CN=41e383c5807e9b32f576d0a5b8ee7744cacfb717
Certificate serial: 019427B5AAE5F19AC6E713AA83807197FB15
Authority key identifier: 41:E3:83:C5:80:7E:9B:32:F5:76:D0:A5:B8:EE:77:44:CA:CF:B7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QeODxYB-mzL1dtCluO53RMrPtxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/bB3G3EZqBAqArfU6X5zzc1opBME.roa
Signing time: Thu 02 Jan 2025 15:50:04 +0000
ROA not before: Thu 02 Jan 2025 15:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a06:9080::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/QeODxYB-mzL1dtCluO53RMrPtxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/QeODxYB-mzL1dtCluO53RMrPtxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QeODxYB-mzL1dtCluO53RMrPtxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:aa:e5:f1:9a:c6:e7:13:aa:83:80:71:97:fb:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e383c5807e9b32f576d0a5b8ee7744cacfb717
Validity
Not Before: Jan 2 15:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c1dc6dc466a040a80adf53a5f9cf3735a2904c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5e:22:4e:8d:b8:a6:61:c9:30:98:36:1f:ff:
c0:48:53:91:5b:6f:dc:67:6a:03:5f:b8:b1:a0:6e:
b8:2f:0a:b3:57:e2:ef:a9:61:3b:51:f6:6d:61:b2:
7c:19:24:70:84:99:22:d1:28:33:7f:ab:96:94:ef:
5f:a6:47:d4:19:84:0e:82:61:53:19:22:88:71:80:
0a:bf:85:8b:a9:0a:68:06:24:09:6f:57:e5:16:ac:
d0:1e:a3:99:43:ed:6f:47:f8:c9:17:4b:f7:72:54:
a0:95:65:25:50:3a:57:83:40:21:bd:6a:22:6f:95:
7f:5b:42:a8:26:67:d6:5f:b6:e2:e2:8a:2b:cd:7e:
ea:79:5a:e7:9d:cd:38:84:6e:1c:ed:be:32:e1:38:
a6:b0:08:0f:35:b1:a2:95:75:b7:10:f4:fe:d3:e7:
c1:eb:1b:fa:bf:f2:34:ae:ec:f8:a6:17:5e:bd:5c:
0e:ac:2c:88:46:27:76:b0:02:a3:68:cb:1a:f6:61:
68:3e:85:bf:93:05:81:dc:7b:a8:9a:7e:c4:5e:6d:
18:d1:77:71:ef:f2:ba:4e:2a:db:51:e7:a2:9f:5e:
27:82:8a:06:20:87:fd:f7:e6:58:9a:13:a3:04:02:
ff:d0:96:c7:b4:2f:7f:f6:f6:56:c8:db:86:28:2d:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1D:C6:DC:46:6A:04:0A:80:AD:F5:3A:5F:9C:F3:73:5A:29:04:C1
X509v3 Authority Key Identifier:
keyid:41:E3:83:C5:80:7E:9B:32:F5:76:D0:A5:B8:EE:77:44:CA:CF:B7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeODxYB-mzL1dtCluO53RMrPtxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/bB3G3EZqBAqArfU6X5zzc1opBME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/QeODxYB-mzL1dtCluO53RMrPtxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9080::/29
Signature Algorithm: sha256WithRSAEncryption
0f:92:c7:37:52:54:fc:b9:54:14:df:f2:db:20:ce:8c:2e:bf:
28:75:63:16:a1:4e:50:76:37:57:67:e3:a6:56:6b:c8:f6:4c:
04:51:54:ae:10:6f:af:e9:8f:7c:39:a6:36:20:77:6c:6d:62:
a8:4f:64:a9:a6:99:6e:f2:83:a8:98:c3:7e:f9:47:4f:e1:b5:
3d:fa:a8:cd:0f:92:2f:c2:76:a6:a2:ac:a2:1c:c7:b0:da:f0:
70:3c:ee:09:93:9d:bc:75:8c:f5:8d:67:04:c1:76:5b:12:82:
ee:7c:31:a7:b5:11:15:4f:8e:f8:f5:2b:09:68:37:c3:bf:22:
59:9d:f2:d8:7a:74:1c:f8:4f:a9:94:f4:ee:1d:50:ba:38:00:
6b:db:b6:bd:4b:81:83:3c:ae:99:51:0f:c9:eb:76:00:20:8c:
96:ab:c8:92:e7:9b:ce:00:27:9e:9a:0b:df:7b:c1:54:8e:58:
3e:ee:fc:85:cc:d0:bf:11:1b:1e:33:cf:7e:2a:1c:84:bf:6a:
61:3d:c3:74:bb:d1:1f:88:b6:2d:31:94:7b:cb:a4:a8:05:86:
33:fb:04:ef:0a:3d:c8:72:73:01:da:d4:9f:bd:79:26:66:1a:
0b:6e:d7:77:0a:c2:49:96:08:a7:27:cc:57:bf:78:cc:59:a1:
1e:9a:d7:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntarl8ZrG5xOqg4Bxl/sVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZTM4M2M1ODA3ZTliMzJmNTc2ZDBhNWI4ZWU3NzQ0Y2Fj
ZmI3MTcwHhcNMjUwMTAyMTU1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFkYzZkYzQ2NmEwNDBhODBhZGY1M2E1ZjljZjM3MzVhMjkwNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8F4iTo24pmHJMJg2H//ASFORW2/c
Z2oDX7ixoG64LwqzV+LvqWE7UfZtYbJ8GSRwhJki0Sgzf6uWlO9fpkfUGYQOgmFT
GSKIcYAKv4WLqQpoBiQJb1flFqzQHqOZQ+1vR/jJF0v3clSglWUlUDpXg0AhvWoi
b5V/W0KoJmfWX7bi4oorzX7qeVrnnc04hG4c7b4y4TimsAgPNbGilXW3EPT+0+fB
6xv6v/I0ruz4phdevVwOrCyIRid2sAKjaMsa9mFoPoW/kwWB3Huomn7EXm0Y0Xdx
7/K6TirbUeein14ngooGIIf99+ZYmhOjBAL/0JbHtC9/9vZWyNuGKC2D0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGwdxtxGagQKgK31Ol+c83NaKQTBMB8GA1UdIwQY
MBaAFEHjg8WAfpsy9XbQpbjud0TKz7cXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWVPRHhZQi1tekwxZHRDbHVPNTNSTXJQdHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9hZWE0NjUtYmE0NS00OWFjLTljNjgt
N2I0MWZhYmM2ZjY3LzEvYkIzRzNFWnFCQXFBcmZVNlg1enpjMW9wQk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9hZWE0NjUtYmE0NS00OWFjLTljNjgtN2I0MWZhYmM2ZjY3
LzEvUWVPRHhZQi1tekwxZHRDbHVPNTNSTXJQdHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgaQgDAN
BgkqhkiG9w0BAQsFAAOCAQEAD5LHN1JU/LlUFN/y2yDOjC6/KHVjFqFOUHY3V2fj
plZryPZMBFFUrhBvr+mPfDmmNiB3bG1iqE9kqaaZbvKDqJjDfvlHT+G1PfqozQ+S
L8J2pqKsohzHsNrwcDzuCZOdvHWM9Y1nBMF2WxKC7nwxp7URFU+O+PUrCWg3w78i
WZ3y2Hp0HPhPqZT07h1QujgAa9u2vUuBgzyumVEPyet2ACCMlqvIkuebzgAnnpoL
33vBVI5YPu78hczQvxEbHjPPfiochL9qYT3DdLvRH4i2LTGUe8ukqAWGM/sE7wo9
yHJzAdrUn715JmYaC27XdwrCSZYIpyfMV794zFmhHprXAQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:54 2025 by rpki-client