Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/gkfVq5pqris09sYZ6oxV9_B3k7k.roa
File: gkfVq5pqris09sYZ6oxV9_B3k7k.roa (raw, json)
Hash identifier: txlMX2TP/JiHw0qHy7bbrrf1DRw3ThhHjdL7DQDHFqs=
Subject key identifier: 82:47:D5:AB:9A:6A:AE:2B:34:F6:C6:19:EA:8C:55:F7:F0:77:93:B9
Certificate issuer: /CN=d515f2e9149ce1b428c8f1edfc009215e2847f55
Certificate serial: 01941F8C9FF39C9B5D5F4BB1A00E4E0E14A8
Authority key identifier: D5:15:F2:E9:14:9C:E1:B4:28:C8:F1:ED:FC:00:92:15:E2:84:7F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/gkfVq5pqris09sYZ6oxV9_B3k7k.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a01:ea00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9f:f3:9c:9b:5d:5f:4b:b1:a0:0e:4e:0e:14:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d515f2e9149ce1b428c8f1edfc009215e2847f55
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8247d5ab9a6aae2b34f6c619ea8c55f7f07793b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5e:3b:e1:38:59:81:d5:67:20:00:8c:89:34:
fa:e4:b8:81:7e:bc:ce:a4:1d:7a:f6:f2:61:d3:46:
93:db:5e:31:01:f6:9d:14:f3:16:e9:4c:94:bb:2d:
14:b0:09:d6:56:d9:df:ab:85:df:88:43:2b:6f:d2:
c0:fe:8c:b5:d3:b3:12:44:2c:f6:ab:9e:35:e4:e5:
68:0a:38:ee:29:5c:24:dc:f6:f4:07:ea:fa:65:0a:
92:fb:78:51:71:3d:c6:59:46:01:02:75:05:4a:d5:
f2:be:93:5d:29:a8:62:54:fa:2b:d0:ec:5a:cc:c0:
67:99:dd:24:0d:ae:3e:3b:24:6f:6c:cf:29:02:88:
5e:94:da:0f:d5:bc:ba:0c:ea:0a:60:11:71:4b:22:
0a:b8:f2:e4:19:22:ea:7f:ed:77:22:6a:ce:1f:d7:
a9:1b:af:48:2b:e2:d9:45:c3:69:a9:c4:0d:03:0a:
30:5f:94:40:ab:5e:be:3b:53:38:ff:8e:89:03:21:
c3:64:9d:98:fa:ef:67:da:bc:8b:a3:20:ea:bf:46:
9d:98:85:e2:6a:5f:8f:30:f2:04:d8:85:36:74:b5:
cb:3d:3f:30:18:a9:32:bd:ce:65:0e:1c:2f:77:13:
1d:92:85:60:52:a7:2c:12:ab:5a:b9:0a:28:70:d5:
23:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:47:D5:AB:9A:6A:AE:2B:34:F6:C6:19:EA:8C:55:F7:F0:77:93:B9
X509v3 Authority Key Identifier:
keyid:D5:15:F2:E9:14:9C:E1:B4:28:C8:F1:ED:FC:00:92:15:E2:84:7F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/gkfVq5pqris09sYZ6oxV9_B3k7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ea00:1::/48
Signature Algorithm: sha256WithRSAEncryption
34:0f:c7:3e:34:bc:58:6e:62:8f:6e:7f:3d:71:23:40:ed:e3:
4c:92:16:65:f5:22:b9:90:5e:dc:3a:06:e8:5b:71:de:b0:be:
5f:a3:81:10:45:b1:f6:61:bd:8c:dc:9c:4d:55:a6:0e:89:6a:
63:57:68:37:29:4a:ab:fd:3a:13:d4:e8:25:e1:9d:54:17:4b:
e2:37:49:b0:2a:75:1b:c0:a5:0e:7f:9c:f9:15:e5:0e:6b:df:
af:84:c5:bc:ac:e6:91:c1:87:58:14:35:bb:9e:3f:dd:56:8a:
e0:5b:ea:5f:b9:e3:fc:2a:79:73:e0:31:09:68:c9:a7:cb:e3:
27:6f:d1:aa:17:52:78:c4:4a:7a:4b:41:69:ba:b6:f7:a8:05:
71:ae:b3:b9:a7:93:4e:a7:59:fe:4c:96:4b:77:03:b8:67:90:
b9:08:30:b8:96:82:6a:09:5a:59:40:7f:ec:00:45:2c:9b:89:
ba:ca:55:aa:27:a6:de:fc:25:e4:bf:a3:b7:bd:9a:f1:61:3e:
82:a7:1a:55:6a:ee:ca:2a:d5:b9:77:3f:f8:37:73:ce:0c:5f:
cf:b3:f0:f1:b3:0e:c2:68:6c:e8:7c:59:26:6a:29:3f:45:6b:
eb:f3:48:e3:b9:51:d4:e6:60:ca:bf:3e:69:f1:c1:2f:2b:ed:
f9:85:8f:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjJ/znJtdX0uxoA5ODhSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTVmMmU5MTQ5Y2UxYjQyOGM4ZjFlZGZjMDA5MjE1ZTI4
NDdmNTUwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ3ZDVhYjlhNmFhZTJiMzRmNmM2MTllYThjNTVmN2YwNzc5M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl474ThZgdVnIACMiTT65LiBfrzO
pB169vJh00aT214xAfadFPMW6UyUuy0UsAnWVtnfq4XfiEMrb9LA/oy107MSRCz2
q5415OVoCjjuKVwk3Pb0B+r6ZQqS+3hRcT3GWUYBAnUFStXyvpNdKahiVPor0Oxa
zMBnmd0kDa4+OyRvbM8pAohelNoP1by6DOoKYBFxSyIKuPLkGSLqf+13ImrOH9ep
G69IK+LZRcNpqcQNAwowX5RAq16+O1M4/46JAyHDZJ2Y+u9n2ryLoyDqv0admIXi
al+PMPIE2IU2dLXLPT8wGKkyvc5lDhwvdxMdkoVgUqcsEqtauQoocNUjmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIJH1auaaq4rNPbGGeqMVffwd5O5MB8GA1UdIwQY
MBaAFNUV8ukUnOG0KMjx7fwAkhXihH9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJYeTZSU2M0YlFveVBIdF9BQ1NGZUtFZjFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84MzY2YWUtNTc1ZC00ZmRlLThlOTIt
MDA4OTk0NDk4MGNhLzEvZ2tmVnE1cHFyaXMwOXNZWjZveFY5X0IzazdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84MzY2YWUtNTc1ZC00ZmRlLThlOTItMDA4OTk0NDk4MGNh
LzEvMVJYeTZSU2M0YlFveVBIdF9BQ1NGZUtFZjFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgHqAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQA0D8c+NLxYbmKPbn89cSNA7eNMkhZl9SK5kF7c
OgboW3HesL5fo4EQRbH2Yb2M3JxNVaYOiWpjV2g3KUqr/ToT1Ogl4Z1UF0viN0mw
KnUbwKUOf5z5FeUOa9+vhMW8rOaRwYdYFDW7nj/dVorgW+pfueP8Knlz4DEJaMmn
y+Mnb9GqF1J4xEp6S0Fpurb3qAVxrrO5p5NOp1n+TJZLdwO4Z5C5CDC4loJqCVpZ
QH/sAEUsm4m6ylWqJ6be/CXkv6O3vZrxYT6CpxpVau7KKtW5dz/4N3PODF/Ps/Dx
sw7CaGzofFkmaik/RWvr80jjuVHU5mDKvz5p8cEvK+35hY+x
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:18:57 2025 by rpki-client