Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/w8idkeWbG52TtIpx9U6pAxc7Df8.roa
File: w8idkeWbG52TtIpx9U6pAxc7Df8.roa (raw, json)
Hash identifier: u3rb6lYT1ibz1O/axkufNUJsAz+Fi6V/7un9KfX38o4=
Subject key identifier: C3:C8:9D:91:E5:9B:1B:9D:93:B4:8A:71:F5:4E:A9:03:17:3B:0D:FF
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019422FB653ECA7A103E78E17E8F1651DD5B
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/w8idkeWbG52TtIpx9U6pAxc7Df8.roa
Signing time: Wed 01 Jan 2025 17:48:08 +0000
ROA not before: Wed 01 Jan 2025 17:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208861
IP address blocks: 2a0c:ab03::/32 maxlen: 32
2a0c:ab05::/32 maxlen: 32
2a0c:ab06::/32 maxlen: 32
2a0c:ab07:2000::/36 maxlen: 36
2a0c:ab07:3000::/36 maxlen: 36
2a0c:ab07:5000::/36 maxlen: 36
2a0c:ab07:c000::/36 maxlen: 36
2a0c:ab07:d000::/36 maxlen: 36
2a0c:ab07:e000::/36 maxlen: 36
2a0c:ab07:f000::/36 maxlen: 36
2a10:2ec1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 08:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:65:3e:ca:7a:10:3e:78:e1:7e:8f:16:51:dd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 17:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3c89d91e59b1b9d93b48a71f54ea903173b0dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f4:b2:43:ac:22:9f:c4:29:9f:b8:f8:75:fa:
f1:9e:0e:14:38:88:db:5b:30:eb:41:bf:91:ba:e6:
03:ee:48:32:06:d5:01:11:75:c0:74:31:ad:d6:b1:
25:29:1a:b8:88:97:0e:16:6c:3e:0c:8c:57:dd:8b:
da:cd:ef:ad:29:ce:01:b6:6c:11:9d:90:bc:26:90:
90:27:50:d9:74:f2:c6:00:e8:21:a3:53:5f:6a:d4:
bd:a0:3f:2f:85:0d:c9:37:f3:c1:ba:2e:c2:28:19:
a7:c1:d9:1a:fe:9f:da:b5:ac:ea:72:29:f1:bc:2d:
b8:97:0c:de:0e:81:f1:c1:b3:02:6a:67:0d:4d:cc:
7f:e3:05:4c:06:61:5f:a5:ba:01:7b:31:bf:a9:ab:
c7:22:9c:d0:2c:e1:6e:e0:0f:67:81:ab:c1:5c:21:
34:38:17:95:8c:a1:2d:a0:ea:f7:c4:d1:dd:4b:ae:
64:8c:44:64:47:8a:0c:07:73:5c:20:4a:82:35:95:
68:2c:ef:82:73:e6:c8:f6:56:fa:35:1d:98:50:7f:
65:7c:10:87:72:77:33:08:11:a1:10:f1:33:89:e0:
d9:a8:c0:1a:95:d2:ee:a7:96:09:3b:56:cd:9a:ff:
05:37:b5:e3:2e:53:ac:ee:13:cd:49:6c:3a:1e:95:
8a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C8:9D:91:E5:9B:1B:9D:93:B4:8A:71:F5:4E:A9:03:17:3B:0D:FF
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/w8idkeWbG52TtIpx9U6pAxc7Df8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:ab03::/32
2a0c:ab05::-2a0c:ab06:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:ab07:2000::/35
2a0c:ab07:5000::/36
2a0c:ab07:c000::/34
2a10:2ec1::/32
Signature Algorithm: sha256WithRSAEncryption
01:18:de:c0:f3:a9:fd:48:2d:40:27:69:82:48:02:37:35:41:
8f:c7:31:1e:a6:a7:a8:7b:ed:d3:e5:07:b9:ee:a9:1d:45:5b:
cf:2a:b8:6c:59:bb:14:8e:bc:eb:eb:f4:0a:ad:79:60:87:00:
72:02:a0:77:73:3e:75:bc:76:13:ff:ca:ca:03:f6:54:46:a4:
10:9a:4b:85:81:a6:fd:86:5c:cf:d8:ea:29:2d:b4:72:a5:86:
4a:a8:d2:82:d2:53:67:de:95:e0:dc:70:3f:e3:24:15:fd:6c:
c6:98:ad:ee:25:8b:75:e0:d5:0b:65:11:b5:65:7c:e2:e9:32:
63:08:6a:0d:e6:b1:d7:7c:51:1d:89:39:96:32:76:2a:e7:7b:
30:20:74:c4:4f:69:0f:f3:db:f0:92:d3:35:23:c8:39:e6:d7:
e6:32:9a:42:db:49:20:5e:49:20:06:9c:f9:62:a4:01:d9:04:
d2:ed:7b:26:80:39:c3:28:8a:7e:b9:3c:f3:d6:03:d2:48:1c:
4f:49:07:e3:fe:cc:5e:27:99:4e:c6:9d:89:7e:5c:bd:c5:4c:
b1:41:bc:8f:81:84:20:6a:a4:1f:83:27:4e:b8:e4:7e:62:2f:
c7:e7:7e:f3:0d:ac:42:00:a9:05:45:ba:c7:2b:e8:0b:83:e8:
ee:81:3e:c5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQi+2U+ynoQPnjhfo8WUd1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTAxMTc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2M4OWQ5MWU1OWIxYjlkOTNiNDhhNzFmNTRlYTkwMzE3M2IwZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofSyQ6win8Qpn7j4dfrxng4UOIjb
WzDrQb+RuuYD7kgyBtUBEXXAdDGt1rElKRq4iJcOFmw+DIxX3Yvaze+tKc4BtmwR
nZC8JpCQJ1DZdPLGAOgho1NfatS9oD8vhQ3JN/PBui7CKBmnwdka/p/atazqcinx
vC24lwzeDoHxwbMCamcNTcx/4wVMBmFfpboBezG/qavHIpzQLOFu4A9ngavBXCE0
OBeVjKEtoOr3xNHdS65kjERkR4oMB3NcIEqCNZVoLO+Cc+bI9lb6NR2YUH9lfBCH
cnczCBGhEPEzieDZqMAaldLup5YJO1bNmv8FN7XjLlOs7hPNSWw6HpWKMwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMPInZHlmxudk7SKcfVOqQMXOw3/MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvdzhpZGtlV2JHNTJUdElweDlVNnBBeGM3RGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwUAKgyrAzAO
AwUAKgyrBQMFACoMqwYDBgUqDKsHIAMGBCoMqwdQAwYGKgyrB8ADBQAqEC7BMA0G
CSqGSIb3DQEBCwUAA4IBAQABGN7A86n9SC1AJ2mCSAI3NUGPxzEepqeoe+3T5Qe5
7qkdRVvPKrhsWbsUjrzr6/QKrXlghwByAqB3cz51vHYT/8rKA/ZURqQQmkuFgab9
hlzP2OopLbRypYZKqNKC0lNn3pXg3HA/4yQV/WzGmK3uJYt14NULZRG1ZXzi6TJj
CGoN5rHXfFEdiTmWMnYq53swIHTET2kP89vwktM1I8g55tfmMppC20kgXkkgBpz5
YqQB2QTS7XsmgDnDKIp+uTzz1gPSSBxPSQfj/sxeJ5lOxp2Jfly9xUyxQbyPgYQg
aqQfgydOuOR+Yi/H537zDaxCAKkFRbrHK+gLg+jugT7F
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:30:20 2025 by rpki-client