Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/CjTW9-CUmuY1lxZ8OqndS2FXSrY.roa
File: CjTW9-CUmuY1lxZ8OqndS2FXSrY.roa (raw, json)
Hash identifier: 9DQ0LnRbHYpMYq+dl7Z0Jfv0Jx2DrmotGXluT5sxbiI=
Subject key identifier: 0A:34:D6:F7:E0:94:9A:E6:35:97:16:7C:3A:A9:DD:4B:61:57:4A:B6
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 0194221FC1985A0CC41FAB56F839F4D6D62B
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/CjTW9-CUmuY1lxZ8OqndS2FXSrY.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211972
IP address blocks: 2a10:9902:730::/48 maxlen: 48
2a10:9902:731::/48 maxlen: 48
2a10:9902:732::/48 maxlen: 48
2a10:9902:733::/48 maxlen: 48
2a10:9902:73f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c1:98:5a:0c:c4:1f:ab:56:f8:39:f4:d6:d6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a34d6f7e0949ae63597167c3aa9dd4b61574ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b2:bd:0b:3d:37:dd:bb:6c:06:5c:3c:55:1a:
df:da:a9:7e:0a:05:36:39:b8:40:a2:3c:d1:b8:69:
9e:8f:0a:51:03:5c:d5:b5:c8:84:93:6c:52:ec:93:
c5:86:a4:cf:94:5c:f8:3f:3e:f1:1c:e7:7b:0f:14:
ac:f1:bb:10:6c:8a:b8:c8:bc:b7:1b:71:c8:88:fa:
0b:78:ea:ca:53:53:f3:72:94:1a:54:f0:2b:e7:b6:
42:b1:0c:9f:ce:00:ce:bc:d5:ae:bb:04:c8:7a:1a:
db:c1:6c:75:d9:59:d4:7f:82:b9:8d:c0:73:9c:5b:
95:29:b0:be:68:10:8c:f4:cc:9e:f0:20:03:5e:b9:
0d:f4:a8:82:c7:5f:71:b3:37:f8:c4:60:66:bd:28:
4b:ad:2f:62:60:76:a7:84:d1:a7:94:61:4b:03:9d:
5a:7f:39:7f:d0:69:e3:74:40:8c:7b:d6:07:ed:a2:
f3:d0:dc:c2:1e:4c:52:31:b7:a4:e8:45:73:5c:d4:
b5:9f:4b:09:64:63:9d:4e:64:ef:5b:34:43:15:93:
a6:2e:ac:15:8e:65:14:d8:33:12:11:30:83:b2:6c:
3f:59:e2:1d:9a:d4:af:5c:6c:1b:da:9b:37:85:51:
03:30:73:9e:ed:8b:c8:a2:ba:16:0f:43:fb:ce:02:
31:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:34:D6:F7:E0:94:9A:E6:35:97:16:7C:3A:A9:DD:4B:61:57:4A:B6
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/CjTW9-CUmuY1lxZ8OqndS2FXSrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9902:730::/46
2a10:9902:73f::/48
Signature Algorithm: sha256WithRSAEncryption
22:64:6d:7b:e6:c2:d2:b7:f5:97:8c:84:1f:a4:e0:71:a7:d4:
4a:63:a9:ae:ce:a7:7e:56:29:23:a0:a3:e5:2b:77:55:64:4b:
1d:11:65:7d:b6:a0:63:52:b7:5c:bc:89:d8:c6:fb:5d:c0:0f:
f9:1c:9e:6a:53:fd:4c:13:3d:69:82:38:86:94:58:f8:b0:36:
3e:1a:ed:1d:9b:12:ac:62:4d:74:80:aa:f3:7c:61:7a:4b:f8:
54:4d:10:ff:8d:e3:31:53:66:15:3d:4b:19:4e:d9:61:3d:9c:
31:18:0d:1a:58:d8:89:7f:9b:51:ab:25:15:af:7d:cb:08:76:
df:46:3b:66:72:a9:95:a5:34:20:cd:e7:d5:2d:5d:ad:64:41:
2b:01:f4:de:d4:ab:48:c4:16:bd:c2:45:77:c1:e7:74:98:9f:
69:61:62:b8:b5:ac:ef:48:ba:b0:e9:ce:cc:68:da:c2:62:65:
65:75:c6:f5:c2:0e:f7:e5:85:a5:93:2e:e6:38:7d:4e:e1:5d:
5e:fe:2e:fd:32:59:72:8d:b2:44:8c:6a:b4:b8:16:4b:cc:9f:
f2:f8:f5:f1:71:2f:2c:3e:c1:ac:a8:ca:6c:9e:47:d7:30:4f:
52:8e:e3:c8:40:8b:75:2a:56:b6:be:7a:09:ed:5e:a7:d5:ac:
f9:96:4f:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH8GYWgzEH6tW+Dn01tYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTM0ZDZmN2UwOTQ5YWU2MzU5NzE2N2MzYWE5ZGQ0YjYxNTc0YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbK9Cz033btsBlw8VRrf2ql+CgU2
ObhAojzRuGmejwpRA1zVtciEk2xS7JPFhqTPlFz4Pz7xHOd7DxSs8bsQbIq4yLy3
G3HIiPoLeOrKU1PzcpQaVPAr57ZCsQyfzgDOvNWuuwTIehrbwWx12VnUf4K5jcBz
nFuVKbC+aBCM9Mye8CADXrkN9KiCx19xszf4xGBmvShLrS9iYHanhNGnlGFLA51a
fzl/0GnjdECMe9YH7aLz0NzCHkxSMbek6EVzXNS1n0sJZGOdTmTvWzRDFZOmLqwV
jmUU2DMSETCDsmw/WeIdmtSvXGwb2ps3hVEDMHOe7YvIoroWD0P7zgIxWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAo01vfglJrmNZcWfDqp3UthV0q2MB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvQ2pUVzktQ1VtdVkxbHhaOE9xbmRTMkZYU3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhCZAgcw
AwcAKhCZAgc/MA0GCSqGSIb3DQEBCwUAA4IBAQAiZG175sLSt/WXjIQfpOBxp9RK
Y6muzqd+VikjoKPlK3dVZEsdEWV9tqBjUrdcvInYxvtdwA/5HJ5qU/1MEz1pgjiG
lFj4sDY+Gu0dmxKsYk10gKrzfGF6S/hUTRD/jeMxU2YVPUsZTtlhPZwxGA0aWNiJ
f5tRqyUVr33LCHbfRjtmcqmVpTQgzefVLV2tZEErAfTe1KtIxBa9wkV3wed0mJ9p
YWK4tazvSLqw6c7MaNrCYmVldcb1wg735YWlky7mOH1O4V1e/i79MllyjbJEjGq0
uBZLzJ/y+PXxcS8sPsGsqMpsnkfXME9SjuPIQIt1Kla2vnoJ7V6n1az5lk9a
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:22:10 2025 by rpki-client