Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1yrE69XJ257NhwfbZuH0m1gMeMQ.roa
File: 1yrE69XJ257NhwfbZuH0m1gMeMQ.roa (raw, json)
Hash identifier: /Kw56MTJsTRQIMuIR53lnw8Dp8KvDikF0QyG9VwvmGE=
Subject key identifier: D7:2A:C4:EB:D5:C9:DB:9E:CD:87:07:DB:66:E1:F4:9B:58:0C:78:C4
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195C4AD0C98A90738292739191FDC94FDAD
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1yrE69XJ257NhwfbZuH0m1gMeMQ.roa
Signing time: Sun 23 Mar 2025 20:23:50 +0000
ROA not before: Sun 23 Mar 2025 20:23:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211507
IP address blocks: 2a13:e040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:ad:0c:98:a9:07:38:29:27:39:19:1f:dc:94:fd:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 23 20:23:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d72ac4ebd5c9db9ecd8707db66e1f49b580c78c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:00:1a:19:aa:0e:68:33:16:93:60:7e:e9:95:
93:76:61:27:ce:83:8b:dc:c7:ee:3a:0c:e4:9b:27:
e8:1a:dd:16:bc:72:72:b3:15:12:fe:12:c8:02:13:
30:98:01:b7:81:23:89:3a:53:03:ef:35:b0:03:70:
c1:0e:81:31:04:13:65:11:ed:52:ff:8d:c2:8c:fd:
d1:c6:ec:8c:f5:b9:dc:e0:47:5c:f7:4c:a5:50:70:
ea:a8:7c:be:50:68:35:80:a7:55:0e:43:4b:b3:21:
e5:fc:ca:3c:6e:8d:9d:2e:8f:3a:66:a4:77:a5:f1:
5a:d6:eb:91:03:db:10:fa:c7:db:63:49:4e:54:8a:
d8:7e:ee:2d:37:f1:67:c0:44:ca:13:54:83:ae:c5:
43:20:e0:43:4a:70:8c:9e:66:30:d8:c7:ff:f5:b4:
ef:2a:1d:09:8c:be:95:40:a5:f0:e0:c9:a6:ef:61:
3e:c6:97:50:32:21:ca:c2:22:82:3b:44:61:68:2a:
b8:6e:df:63:6d:da:1d:21:15:2d:65:29:48:16:67:
77:86:f6:e0:6f:49:fd:17:8f:50:a3:7b:82:8b:11:
f4:1d:91:e1:50:4c:75:9e:7c:bc:e6:63:3b:6f:84:
6c:72:9d:e4:f6:e1:b9:7a:56:92:10:01:84:4d:a5:
e3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2A:C4:EB:D5:C9:DB:9E:CD:87:07:DB:66:E1:F4:9B:58:0C:78:C4
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1yrE69XJ257NhwfbZuH0m1gMeMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e040::/29
Signature Algorithm: sha256WithRSAEncryption
8e:43:9d:68:2a:5d:de:24:9d:61:71:65:db:cc:2c:b9:97:fd:
df:56:f5:6a:81:d3:5f:19:19:44:6d:a1:35:60:fd:53:c3:c1:
59:6c:04:7f:e6:39:13:70:45:31:09:27:fc:a3:56:3b:99:06:
71:c0:30:e2:2e:26:46:82:31:b0:42:5c:7c:f3:c8:4e:7e:f8:
8e:8c:7c:74:a6:d1:9d:58:ad:57:8b:64:25:a0:9c:cc:7a:ef:
95:e0:c8:23:51:67:4a:11:94:a2:35:30:4a:b3:50:20:e7:94:
c5:86:0f:8c:80:d8:0d:6a:75:5b:7d:18:5c:24:aa:30:94:cb:
14:87:e0:37:8f:6d:12:b6:99:75:16:5f:87:b0:a5:26:4a:e2:
fb:85:72:e5:60:b0:c9:59:3b:ef:7d:cc:13:db:d2:c3:fc:5c:
b9:1f:25:48:9f:4c:f7:0e:37:6e:83:0d:d3:93:1d:31:88:28:
59:2f:a4:bb:b5:3f:88:fc:39:13:47:81:ff:0d:66:29:e9:91:
da:d0:20:0e:8a:83:2b:1a:a9:e0:6d:8b:a2:3c:bc:1b:fb:5b:
da:e5:7f:f7:44:8f:32:77:89:c4:59:54:12:8f:57:ba:8f:f4:
e3:07:70:00:93:b9:5c:de:32:15:82:3f:bc:a0:b7:a3:1e:fc:
68:2b:ab:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXErQyYqQc4KSc5GR/clP2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIzMjAyMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJhYzRlYmQ1YzlkYjllY2Q4NzA3ZGI2NmUxZjQ5YjU4MGM3OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQAaGaoOaDMWk2B+6ZWTdmEnzoOL
3MfuOgzkmyfoGt0WvHJysxUS/hLIAhMwmAG3gSOJOlMD7zWwA3DBDoExBBNlEe1S
/43CjP3RxuyM9bnc4Edc90ylUHDqqHy+UGg1gKdVDkNLsyHl/Mo8bo2dLo86ZqR3
pfFa1uuRA9sQ+sfbY0lOVIrYfu4tN/FnwETKE1SDrsVDIOBDSnCMnmYw2Mf/9bTv
Kh0JjL6VQKXw4Mmm72E+xpdQMiHKwiKCO0RhaCq4bt9jbdodIRUtZSlIFmd3hvbg
b0n9F49Qo3uCixH0HZHhUEx1nny85mM7b4Rscp3k9uG5elaSEAGETaXjiQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNcqxOvVyduezYcH22bh9JtYDHjEMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMXlyRTY5WEoyNTdOaHdmYlp1SDBtMWdNZU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAjkOdaCpd3iSdYXFl28wsuZf931b1aoHTXxkZRG2h
NWD9U8PBWWwEf+Y5E3BFMQkn/KNWO5kGccAw4i4mRoIxsEJcfPPITn74jox8dKbR
nVitV4tkJaCczHrvleDII1FnShGUojUwSrNQIOeUxYYPjIDYDWp1W30YXCSqMJTL
FIfgN49tEraZdRZfh7ClJkri+4Vy5WCwyVk7733ME9vSw/xcuR8lSJ9M9w43boMN
05MdMYgoWS+ku7U/iPw5E0eB/w1mKemR2tAgDoqDKxqp4G2Lojy8G/tb2uV/90SP
MneJxFlUEo9Xuo/04wdwAJO5XN4yFYI/vKC3ox78aCurRg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:30:37 2025 by rpki-client