Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/pwFLoSIf9VUbET6QAXvLZY5rPr0.roa
File: pwFLoSIf9VUbET6QAXvLZY5rPr0.roa (raw, json)
Hash identifier: va4qzagh1XVOL80SDuYlOL0AHUwEGtmHAcyNr2+1pWE=
Subject key identifier: A7:01:4B:A1:22:1F:F5:55:1B:11:3E:90:01:7B:CB:65:8E:6B:3E:BD
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 01963EB98FB6772D8A3ED9D3C18321DBF5A0
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/pwFLoSIf9VUbET6QAXvLZY5rPr0.roa
Signing time: Wed 16 Apr 2025 13:11:10 +0000
ROA not before: Wed 16 Apr 2025 13:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 2a13:7505:4::/48 maxlen: 48
2a13:7506:9004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:b9:8f:b6:77:2d:8a:3e:d9:d3:c1:83:21:db:f5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Apr 16 13:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7014ba1221ff5551b113e90017bcb658e6b3ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a0:a5:b9:66:e0:49:9d:b0:95:c7:3b:63:34:
03:ee:d7:d6:cd:c0:48:1c:44:a3:13:ff:f8:2c:ea:
a2:c6:bc:ef:df:99:17:bc:d6:e0:22:b4:7f:7c:42:
ab:c4:f9:ca:e8:46:0a:60:f8:42:94:28:8e:76:3d:
df:07:64:2f:6b:2d:70:ed:73:4f:08:b5:8c:41:4e:
cf:1a:c7:88:31:64:13:92:04:de:b8:7b:8e:eb:81:
25:7e:54:0e:3d:4c:57:9f:e0:ba:69:43:a0:12:a1:
f9:79:c2:78:df:48:9e:05:67:ff:ff:1b:b0:e5:ef:
23:8d:94:a4:a5:c9:13:ac:a1:0b:f7:1b:66:a7:7d:
7f:65:7d:f7:b6:0b:5d:14:d6:c4:e2:51:24:4a:84:
c5:e5:4d:90:e8:5b:6f:c6:c8:fc:14:e9:12:84:84:
9a:8d:75:03:1a:5d:08:ff:11:7b:3f:91:97:8c:f1:
0e:53:49:ef:bc:20:8c:1b:2c:3a:29:ec:c5:a6:ce:
44:44:36:6e:c0:00:56:85:36:f3:02:8c:a8:cf:e4:
6e:60:dc:6f:15:c4:7d:94:d1:8b:16:4e:84:c8:b1:
ec:1e:7a:cb:26:8c:18:1b:32:1a:c8:82:96:e3:cd:
9b:bb:74:36:84:b4:8f:57:0b:ed:d5:46:06:f4:0a:
4e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:01:4B:A1:22:1F:F5:55:1B:11:3E:90:01:7B:CB:65:8E:6B:3E:BD
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/pwFLoSIf9VUbET6QAXvLZY5rPr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7505:4::/48
2a13:7506:9004::/48
Signature Algorithm: sha256WithRSAEncryption
88:45:b6:99:56:74:26:79:c8:be:b8:47:5c:7f:20:cf:14:9e:
0b:0b:56:02:4e:6d:2f:60:5d:35:a4:7e:56:0a:59:1d:6e:4f:
77:85:fc:f3:5a:36:e7:da:cd:74:c9:0f:f0:45:7b:c6:27:31:
26:60:6f:6d:0a:0a:ec:f2:3f:cb:01:b2:32:c7:a9:c7:62:61:
a8:54:fc:c8:8b:7c:96:d1:c2:22:48:90:2b:f0:0d:9c:f9:5c:
1a:3f:40:2c:dc:e9:b7:37:1a:70:21:1f:e0:7b:57:70:ef:60:
ab:e1:e8:40:de:0a:66:ec:e5:d9:04:fd:02:ea:68:d7:eb:49:
44:f5:61:ee:fd:b9:49:e0:d6:66:29:1f:33:2c:a5:5a:eb:22:
ad:08:bb:e5:f9:c2:79:8f:03:76:2e:9a:33:e9:5b:e0:c7:51:
12:3c:e7:71:76:25:3b:07:1f:93:cb:ac:1a:c2:10:a1:e9:88:
8b:fa:be:91:5b:cf:b3:12:33:fd:fb:45:08:9d:82:66:68:9b:
f9:f1:fe:aa:69:63:55:f9:cd:b7:04:f4:4b:cc:53:61:77:92:
3e:83:35:45:cb:cc:8d:56:68:e0:b7:ea:66:72:d3:71:2c:8e:
97:a7:97:b2:3b:e5:0c:1e:db:9c:88:a6:30:e5:b5:0f:16:29:
53:ec:1a:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZY+uY+2dy2KPtnTwYMh2/WgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjUwNDE2MTMxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzAxNGJhMTIyMWZmNTU1MWIxMTNlOTAwMTdiY2I2NThlNmIzZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqCluWbgSZ2wlcc7YzQD7tfWzcBI
HESjE//4LOqixrzv35kXvNbgIrR/fEKrxPnK6EYKYPhClCiOdj3fB2Qvay1w7XNP
CLWMQU7PGseIMWQTkgTeuHuO64ElflQOPUxXn+C6aUOgEqH5ecJ430ieBWf//xuw
5e8jjZSkpckTrKEL9xtmp31/ZX33tgtdFNbE4lEkSoTF5U2Q6Ftvxsj8FOkShISa
jXUDGl0I/xF7P5GXjPEOU0nvvCCMGyw6KezFps5ERDZuwABWhTbzAoyoz+RuYNxv
FcR9lNGLFk6EyLHsHnrLJowYGzIayIKW482bu3Q2hLSPVwvt1UYG9ApO0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKcBS6EiH/VVGxE+kAF7y2WOaz69MB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvcHdGTG9TSWY5VlViRVQ2UUFYdkxaWTVyUHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhN1BQAE
AwcAKhN1BpAEMA0GCSqGSIb3DQEBCwUAA4IBAQCIRbaZVnQmeci+uEdcfyDPFJ4L
C1YCTm0vYF01pH5WClkdbk93hfzzWjbn2s10yQ/wRXvGJzEmYG9tCgrs8j/LAbIy
x6nHYmGoVPzIi3yW0cIiSJAr8A2c+VwaP0As3Om3NxpwIR/ge1dw72Cr4ehA3gpm
7OXZBP0C6mjX60lE9WHu/blJ4NZmKR8zLKVa6yKtCLvl+cJ5jwN2Lpoz6Vvgx1ES
POdxdiU7Bx+Ty6wawhCh6YiL+r6RW8+zEjP9+0UInYJmaJv58f6qaWNV+c23BPRL
zFNhd5I+gzVFy8yNVmjgt+pmctNxLI6Xp5eyO+UMHtuciKYw5bUPFilT7Bpg
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:43:29 2025 by rpki-client