Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/tYTCXjdd6a-Lr6S2LTPv_OpkXmc.roa
File: tYTCXjdd6a-Lr6S2LTPv_OpkXmc.roa (raw, json)
Hash identifier: GHmsgW330iSp8of0BZELcAg4KzkX+Jd8lu+4iluVCwo=
Subject key identifier: B5:84:C2:5E:37:5D:E9:AF:8B:AF:A4:B6:2D:33:EF:FC:EA:64:5E:67
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA6A9B84781D42663E5706CB6D1A46
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/tYTCXjdd6a-Lr6S2LTPv_OpkXmc.roa
Signing time: Wed 01 Jan 2025 03:48:12 +0000
ROA not before: Wed 01 Jan 2025 03:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206150
IP address blocks: 2a0e:d781::/32 maxlen: 48
2a0e:d782::/32 maxlen: 48
2a0e:d783::/32 maxlen: 48
2a11:f883::/32 maxlen: 48
2a11:f884::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6a:9b:84:78:1d:42:66:3e:57:06:cb:6d:1a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b584c25e375de9af8bafa4b62d33effcea645e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:55:cb:90:ae:2c:14:81:48:dc:b5:63:61:a0:
42:61:32:ea:e6:df:ed:77:c4:76:8a:28:e4:12:e3:
9a:64:fa:eb:67:11:27:47:07:76:c8:2d:46:a5:44:
5b:77:64:1e:05:97:7f:be:89:e8:56:06:1f:70:79:
03:3b:bf:0b:d0:75:2e:27:72:15:ac:43:32:0f:9d:
75:d3:04:67:0e:19:fc:f3:78:cf:90:3b:4f:26:1a:
80:79:aa:00:34:b4:69:44:ab:ff:8e:f3:f0:d0:ec:
da:a3:f4:cd:e7:65:f6:86:e5:3e:d1:03:12:fc:f8:
98:35:3d:71:16:ce:4e:f9:db:0e:a5:9d:f2:15:fb:
31:b7:20:0c:1e:bc:2a:83:06:d3:bc:09:b0:a4:9b:
40:13:fe:16:2e:6e:80:ac:c8:f4:36:01:54:90:92:
c3:77:83:3e:2b:12:be:09:ca:5d:80:8e:25:0f:46:
be:d1:0a:26:18:e6:ea:0d:0e:4f:7d:6a:1e:8f:95:
22:a3:ea:42:e6:a9:af:97:93:48:3b:a8:01:ee:41:
c6:7d:62:e2:3a:14:e9:75:6e:f7:13:0c:92:07:94:
14:7c:c9:0b:7d:32:a8:bd:42:8e:00:03:64:4d:31:
9a:aa:e2:1e:78:c6:41:94:ff:2f:20:bc:75:ea:19:
34:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:C2:5E:37:5D:E9:AF:8B:AF:A4:B6:2D:33:EF:FC:EA:64:5E:67
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/tYTCXjdd6a-Lr6S2LTPv_OpkXmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d781::-2a0e:d783:ffff:ffff:ffff:ffff:ffff:ffff
2a11:f883::-2a11:f884:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:40:ab:cf:c2:61:b4:1c:b1:46:c3:f0:e7:c2:85:5b:e5:e8:
5a:81:07:4c:e1:85:ed:65:eb:b3:a2:bb:17:96:28:fd:86:2e:
d2:b0:38:34:6a:11:20:a4:89:c0:22:8a:38:a5:59:4a:be:f4:
5b:02:55:1e:3b:ab:13:07:5b:7e:c0:f8:0e:b5:4a:1f:bb:f8:
d5:02:c2:3b:b3:7f:b7:b9:c1:39:f5:c8:91:7f:2e:6b:90:97:
6e:9b:33:e5:f8:df:8e:b6:a8:bd:e7:1b:53:61:70:18:62:2f:
69:9d:77:54:8b:c9:60:f4:9d:a7:4c:05:ed:d7:82:f9:f9:47:
42:44:9a:84:b7:51:16:91:c9:6f:e9:d0:ab:03:ed:65:51:09:
ad:e6:31:61:f3:4d:1e:51:12:3d:bf:f1:54:12:47:e1:f0:71:
85:36:7b:a1:72:93:af:70:61:b5:2c:71:94:ed:94:ba:c0:3b:
5e:3d:60:d7:15:8f:e1:c0:62:89:40:3e:b5:cd:13:c8:e7:40:
1d:3f:7d:4d:7d:f6:2d:a7:86:9b:21:14:38:cc:4c:f0:ce:53:
b4:8d:03:53:c1:17:f8:0b:38:14:b0:a1:6d:6d:43:0f:5c:9f:
b1:84:21:3b:29:92:fd:eb:cd:c9:c2:87:fc:5c:0b:47:b9:35:
df:ce:2d:df
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQf+mqbhHgdQmY+VwbLbRpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg0YzI1ZTM3NWRlOWFmOGJhZmE0YjYyZDMzZWZmY2VhNjQ1ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lXLkK4sFIFI3LVjYaBCYTLq5t/t
d8R2iijkEuOaZPrrZxEnRwd2yC1GpURbd2QeBZd/vonoVgYfcHkDO78L0HUuJ3IV
rEMyD5110wRnDhn883jPkDtPJhqAeaoANLRpRKv/jvPw0Ozao/TN52X2huU+0QMS
/PiYNT1xFs5O+dsOpZ3yFfsxtyAMHrwqgwbTvAmwpJtAE/4WLm6ArMj0NgFUkJLD
d4M+KxK+CcpdgI4lD0a+0QomGObqDQ5PfWoej5Uio+pC5qmvl5NIO6gB7kHGfWLi
OhTpdW73EwySB5QUfMkLfTKovUKOAANkTTGaquIeeMZBlP8vILx16hk0QwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLWEwl43Xemvi6+kti0z7/zqZF5nMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvdFlUQ1hqZGQ2YS1McjZTMkxUUHZfT3BrWG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgMA4DBQAqDteB
AwUCKg7XgDAOAwUAKhH4gwMFACoR+IQwDQYJKoZIhvcNAQELBQADggEBACBAq8/C
YbQcsUbD8OfChVvl6FqBB0zhhe1l67OiuxeWKP2GLtKwODRqESCkicAiijilWUq+
9FsCVR47qxMHW37A+A61Sh+7+NUCwjuzf7e5wTn1yJF/LmuQl26bM+X43462qL3n
G1NhcBhiL2mdd1SLyWD0nadMBe3Xgvn5R0JEmoS3URaRyW/p0KsD7WVRCa3mMWHz
TR5REj2/8VQSR+HwcYU2e6Fyk69wYbUscZTtlLrAO149YNcVj+HAYolAPrXNE8jn
QB0/fU199i2nhpshFDjMTPDOU7SNA1PBF/gLOBSwoW1tQw9cn7GEITspkv3rzcnC
h/xcC0e5Nd/OLd8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:06:39 2025 by rpki-client