Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/jIGs3qKcDxBmqJ2fipFLAdujx6w.roa
File: jIGs3qKcDxBmqJ2fipFLAdujx6w.roa (raw, json)
Hash identifier: KLPs+8T03UuOOCPXUYOJk9ZNwTltd+bx8VIhJhWnYmw=
Subject key identifier: 8C:81:AC:DE:A2:9C:0F:10:66:A8:9D:9F:8A:91:4B:01:DB:A3:C7:AC
Certificate issuer: /CN=b93d4908d9c43a85f85be19334a26f5d51350bcb
Certificate serial: 01942747ACC4DE826D6DDC95B195FBEA9ED4
Authority key identifier: B9:3D:49:08:D9:C4:3A:85:F8:5B:E1:93:34:A2:6F:5D:51:35:0B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uT1JCNnEOoX4W-GTNKJvXVE1C8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/jIGs3qKcDxBmqJ2fipFLAdujx6w.roa
Signing time: Thu 02 Jan 2025 13:49:56 +0000
ROA not before: Thu 02 Jan 2025 13:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 2a14:1d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/uT1JCNnEOoX4W-GTNKJvXVE1C8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/uT1JCNnEOoX4W-GTNKJvXVE1C8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/uT1JCNnEOoX4W-GTNKJvXVE1C8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ac:c4:de:82:6d:6d:dc:95:b1:95:fb:ea:9e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93d4908d9c43a85f85be19334a26f5d51350bcb
Validity
Not Before: Jan 2 13:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c81acdea29c0f1066a89d9f8a914b01dba3c7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c7:46:25:96:8e:a3:0d:1e:9d:96:31:a2:28:
a5:da:54:85:35:60:47:23:1c:a4:36:3b:b1:d5:de:
07:c8:94:23:af:1c:88:69:19:d8:81:66:06:b9:a1:
13:4c:9f:9c:ab:09:c9:80:6a:e3:da:42:e0:63:64:
d3:93:a0:29:c3:25:79:53:7d:ed:f0:00:c9:2a:bc:
ec:60:bc:27:13:89:bc:e1:93:89:4b:82:0a:c6:e0:
39:88:24:b9:c8:52:1a:39:a0:a8:7c:f3:58:70:a2:
0d:0e:73:ca:37:96:2a:dd:59:86:f9:f8:82:0d:c1:
6b:e7:13:56:08:35:4d:33:75:90:da:c1:71:ce:fe:
f7:fc:18:6d:64:5e:03:b1:28:1c:7f:79:37:1e:46:
aa:7b:e1:fd:00:4e:59:23:c4:6d:de:fd:59:fe:22:
d7:86:3c:da:6c:87:f9:24:cf:dd:66:3b:30:e0:3d:
50:c2:45:52:d6:7a:f1:aa:af:b3:d3:42:66:ff:63:
e1:b6:64:8c:8c:20:48:39:bc:2b:73:33:f4:25:b3:
38:a2:b8:f0:06:02:72:e1:20:6d:3a:a7:1c:ee:42:
82:2e:c3:5e:a4:01:2b:1d:9a:19:06:7d:74:84:0f:
da:75:7a:43:7e:28:01:90:79:7d:e7:ae:b4:1a:b9:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:81:AC:DE:A2:9C:0F:10:66:A8:9D:9F:8A:91:4B:01:DB:A3:C7:AC
X509v3 Authority Key Identifier:
keyid:B9:3D:49:08:D9:C4:3A:85:F8:5B:E1:93:34:A2:6F:5D:51:35:0B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uT1JCNnEOoX4W-GTNKJvXVE1C8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/jIGs3qKcDxBmqJ2fipFLAdujx6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/1d7b0c-2251-4dd3-8690-52874611cd21/1/uT1JCNnEOoX4W-GTNKJvXVE1C8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1d40::/29
Signature Algorithm: sha256WithRSAEncryption
17:46:92:c1:ca:b3:6c:b5:84:1e:94:55:7b:e5:5c:74:34:6b:
51:d7:93:5c:94:a8:a6:92:fa:10:21:a1:43:fb:70:22:47:7d:
cb:29:c4:2a:f4:6d:93:a5:b3:73:1e:c9:b6:74:7e:3b:70:1e:
f5:48:cc:dd:4b:fd:46:03:cc:5b:a7:67:17:f3:6a:4c:84:4b:
78:8e:2a:cc:38:8e:d8:28:e1:ab:0e:04:3b:85:f5:d4:1e:86:
4a:e6:25:16:ee:f3:95:12:ab:f5:7c:1a:92:e8:4f:32:e8:1f:
f7:35:81:9a:ea:6a:77:bf:32:69:21:5e:55:53:89:e5:4f:2d:
2b:d9:df:53:c3:6a:f2:48:9f:7a:c3:77:1f:9e:c7:44:82:9a:
bc:8a:91:22:c9:ca:76:c2:82:2e:b9:be:f8:56:ae:5b:57:c9:
2a:6e:80:64:f6:c9:00:aa:a6:b1:34:6a:94:b3:19:6c:3b:2c:
b6:38:f2:b5:0b:dc:85:07:2b:42:d8:e6:cb:a1:15:12:16:84:
e9:c7:a7:a1:fd:d5:4f:2e:2e:aa:a1:1e:de:89:49:5f:5f:64:
af:a7:b7:55:d7:54:5b:99:5a:0b:36:7f:03:8c:ac:96:05:1a:
92:24:ca:01:34:45:4f:b3:a7:25:f4:70:a5:9e:d4:4a:24:06:
26:8f:9b:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnR6zE3oJtbdyVsZX76p7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2Q0OTA4ZDljNDNhODVmODViZTE5MzM0YTI2ZjVkNTEz
NTBiY2IwHhcNMjUwMTAyMTM0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzgxYWNkZWEyOWMwZjEwNjZhODlkOWY4YTkxNGIwMWRiYTNjN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8dGJZaOow0enZYxoiil2lSFNWBH
IxykNjux1d4HyJQjrxyIaRnYgWYGuaETTJ+cqwnJgGrj2kLgY2TTk6ApwyV5U33t
8ADJKrzsYLwnE4m84ZOJS4IKxuA5iCS5yFIaOaCofPNYcKINDnPKN5Yq3VmG+fiC
DcFr5xNWCDVNM3WQ2sFxzv73/BhtZF4DsSgcf3k3Hkaqe+H9AE5ZI8Rt3v1Z/iLX
hjzabIf5JM/dZjsw4D1QwkVS1nrxqq+z00Jm/2PhtmSMjCBIObwrczP0JbM4orjw
BgJy4SBtOqcc7kKCLsNepAErHZoZBn10hA/adXpDfigBkHl95660GrlomwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIyBrN6inA8QZqidn4qRSwHbo8esMB8GA1UdIwQY
MBaAFLk9SQjZxDqF+FvhkzSib11RNQvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVQxSkNObkVPb1g0Vy1HVE5LSnZYVkUxQzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8xZDdiMGMtMjI1MS00ZGQzLTg2OTAt
NTI4NzQ2MTFjZDIxLzEvaklHczNxS2NEeEJtcUoyZmlwRkxBZHVqeDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8xZDdiMGMtMjI1MS00ZGQzLTg2OTAtNTI4NzQ2MTFjZDIx
LzEvdVQxSkNObkVPb1g0Vy1HVE5LSnZYVkUxQzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAF0aSwcqzbLWEHpRVe+VcdDRrUdeTXJSoppL6ECGh
Q/twIkd9yynEKvRtk6Wzcx7JtnR+O3Ae9UjM3Uv9RgPMW6dnF/NqTIRLeI4qzDiO
2Cjhqw4EO4X11B6GSuYlFu7zlRKr9XwakuhPMugf9zWBmupqd78yaSFeVVOJ5U8t
K9nfU8Nq8kifesN3H57HRIKavIqRIsnKdsKCLrm++FauW1fJKm6AZPbJAKqmsTRq
lLMZbDsstjjytQvchQcrQtjmy6EVEhaE6cenof3VTy4uqqEe3olJX19kr6e3VddU
W5laCzZ/A4yslgUakiTKATRFT7OnJfRwpZ7USiQGJo+btg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:33:19 2025 by rpki-client