Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/TiJ8h1qlcilwepecSwvXjw5DbUQ.roa
File: TiJ8h1qlcilwepecSwvXjw5DbUQ.roa (raw, json)
Hash identifier: i3FrVocCPmFO/RIdZF92/i/Jo2J9RsAjOqfHgmiRxmw=
Subject key identifier: 4E:22:7C:87:5A:A5:72:29:70:7A:97:9C:4B:0B:D7:8F:0E:43:6D:44
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01945FEEC77D5ED4F778CE11E221CE6EB308
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/TiJ8h1qlcilwepecSwvXjw5DbUQ.roa
Signing time: Mon 13 Jan 2025 13:51:11 +0000
ROA not before: Mon 13 Jan 2025 13:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42577
IP address blocks: 2a06:1301:4220::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 19:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:ee:c7:7d:5e:d4:f7:78:ce:11:e2:21:ce:6e:b3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 13 13:51:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e227c875aa57229707a979c4b0bd78f0e436d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:24:11:8b:93:21:4a:ba:76:82:7c:79:a8:30:
7a:33:f6:d2:1b:15:3e:16:ce:d2:5c:3c:2e:e7:88:
9c:03:c3:b0:66:d6:99:18:aa:40:cb:2b:cc:84:e7:
7a:de:d5:5e:22:f9:77:7c:39:02:81:49:ea:b5:4d:
ea:3f:1b:8f:f8:6c:80:dd:d5:b8:17:75:e2:3c:14:
39:06:7b:42:49:32:7e:12:9c:0e:ef:83:62:56:2b:
ec:8b:1b:a5:66:20:57:df:42:ff:0c:75:ed:40:3a:
d5:45:49:f8:86:68:13:fd:da:98:86:ab:73:f2:2a:
ab:45:79:8c:b1:62:d3:b5:ec:f6:d7:9f:3c:53:49:
12:91:14:9b:ed:e9:30:24:24:20:f4:94:08:09:78:
df:bb:1b:89:ca:02:e6:b3:e9:45:9d:e1:14:7a:df:
d6:2a:86:de:be:26:13:dc:98:92:5a:6c:0a:7f:44:
b3:2f:0f:23:fe:cf:41:a6:83:dc:a5:8c:2a:d1:b0:
17:b0:3b:41:08:6d:8b:d3:44:c7:5c:c4:f5:79:52:
ca:5b:a0:04:07:12:c4:96:77:6a:c6:4e:6a:d8:98:
a4:91:c7:d4:d9:96:a7:bf:ea:2c:9c:d2:c5:b7:64:
fb:0e:45:fb:da:2d:23:e3:9d:37:1c:22:a3:46:c5:
68:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:22:7C:87:5A:A5:72:29:70:7A:97:9C:4B:0B:D7:8F:0E:43:6D:44
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/TiJ8h1qlcilwepecSwvXjw5DbUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1301:4220::/48
Signature Algorithm: sha256WithRSAEncryption
cb:75:e5:80:cf:c0:7b:95:c9:1e:4a:7a:f8:e6:f1:dd:53:d0:
cf:d5:c1:11:46:78:ea:df:6c:e6:01:c1:92:86:bc:df:84:b5:
59:63:ab:6a:b9:40:a6:fd:b2:e9:f6:96:b0:68:9b:4b:aa:39:
74:f0:4c:61:11:41:68:00:68:40:9c:63:31:2b:40:d3:c9:5b:
d5:54:7e:96:7d:45:3d:dc:c7:43:98:56:82:ef:76:02:46:fd:
fe:91:4a:eb:fd:7e:02:ae:a5:61:7b:9e:ad:bb:b6:1b:e6:46:
43:1b:6c:f5:fc:05:da:fa:15:9a:93:a2:71:46:c0:e6:fd:bc:
e9:9a:cf:ca:0a:90:00:6a:f9:8e:70:b5:43:b4:96:a5:f1:b4:
a0:1c:4c:7f:91:b4:22:dd:ca:5a:a8:51:36:95:89:f5:f7:54:
e9:4d:8d:d8:ef:27:91:f0:ab:e2:3f:fc:f9:bb:bd:49:d3:a8:
72:32:e2:6e:10:d6:da:f6:64:d5:83:0a:5c:4a:17:d8:23:ac:
1c:90:df:61:5b:a6:9b:2d:4d:0b:18:6a:ff:80:9c:02:95:d2:
c5:e8:a4:37:51:5b:a1:29:f5:ca:be:9a:52:91:0a:5e:0f:4e:
18:4e:a1:f1:eb:8b:9e:95:e5:ba:86:73:2e:f5:99:47:4c:e4:
41:ea:5e:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZRf7sd9XtT3eM4R4iHObrMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMTEzMTM1MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIyN2M4NzVhYTU3MjI5NzA3YTk3OWM0YjBiZDc4ZjBlNDM2ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSQRi5MhSrp2gnx5qDB6M/bSGxU+
Fs7SXDwu54icA8OwZtaZGKpAyyvMhOd63tVeIvl3fDkCgUnqtU3qPxuP+GyA3dW4
F3XiPBQ5BntCSTJ+EpwO74NiVivsixulZiBX30L/DHXtQDrVRUn4hmgT/dqYhqtz
8iqrRXmMsWLTtez21588U0kSkRSb7ekwJCQg9JQICXjfuxuJygLms+lFneEUet/W
KobeviYT3JiSWmwKf0SzLw8j/s9BpoPcpYwq0bAXsDtBCG2L00THXMT1eVLKW6AE
BxLElndqxk5q2JikkcfU2Zanv+osnNLFt2T7DkX72i0j4503HCKjRsVoFQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE4ifIdapXIpcHqXnEsL148OQ21EMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvVGlKOGgxcWxjaWx3ZXBlY1N3dlhqdzVEYlVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgYTAUIg
MA0GCSqGSIb3DQEBCwUAA4IBAQDLdeWAz8B7lckeSnr45vHdU9DP1cERRnjq32zm
AcGShrzfhLVZY6tquUCm/bLp9pawaJtLqjl08ExhEUFoAGhAnGMxK0DTyVvVVH6W
fUU93MdDmFaC73YCRv3+kUrr/X4CrqVhe56tu7Yb5kZDG2z1/AXa+hWak6JxRsDm
/bzpms/KCpAAavmOcLVDtJal8bSgHEx/kbQi3cpaqFE2lYn191TpTY3Y7yeR8Kvi
P/z5u71J06hyMuJuENba9mTVgwpcShfYI6wckN9hW6abLU0LGGr/gJwCldLF6KQ3
UVuhKfXKvppSkQpeD04YTqHx64ueleW6hnMu9ZlHTORB6l75
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:33:19 2025 by rpki-client