Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1-inRbHvYnuK-O4aLRTy9sMWaNo0.roa
File: 1-inRbHvYnuK-O4aLRTy9sMWaNo0.roa (raw, json)
Hash identifier: RQGYU6OJn9mBtaZAMgoFL8JMbLXHvaQ3kI4e1KKnSzI=
Subject key identifier: FA:29:D1:6C:7B:D8:9E:E2:BE:3B:86:8B:45:3C:BD:B0:C5:9A:36:8D
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258EC22E34401081B93581F7D4A35C2D
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1-inRbHvYnuK-O4aLRTy9sMWaNo0.roa
Signing time: Thu 02 Jan 2025 05:48:20 +0000
ROA not before: Thu 02 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:aa02::/40 maxlen: 40
2a0e:aa06:502::/48 maxlen: 48
2a0e:aa06:503::/48 maxlen: 48
2a0e:aa06:52a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:c2:2e:34:40:10:81:b9:35:81:f7:d4:a3:5c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa29d16c7bd89ee2be3b868b453cbdb0c59a368d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:81:0c:83:f8:b8:bb:24:e4:7f:7a:51:0f:4d:
c3:ea:06:ba:98:ce:0a:14:b1:05:ab:3c:2c:e9:75:
cd:44:84:95:0c:8b:3d:a0:11:e0:8b:10:24:d9:36:
7b:f7:73:2c:e3:2e:26:bf:f9:e6:9a:7a:c3:9c:1f:
c1:8b:71:f0:a0:b5:09:13:44:90:52:47:a1:e0:cc:
2f:d0:e7:ed:a6:65:d3:59:1c:04:7a:8e:22:8c:e0:
6d:d9:e0:89:65:51:f4:c7:cc:c3:0f:0a:05:a3:64:
ec:24:5b:1d:68:cb:11:5b:25:15:49:f8:fa:93:5b:
4b:b2:96:3e:fa:9f:ac:92:26:d3:6d:3b:57:35:ba:
13:fc:4a:a3:9d:04:6c:a6:18:d8:4e:7a:9c:34:52:
c0:19:d7:74:e9:10:2a:05:a9:39:32:6b:98:22:e9:
b5:de:d8:4c:01:ee:12:bd:0c:e0:9e:b8:2e:0f:1c:
fc:66:f9:02:98:cb:a3:68:a2:d6:27:30:15:3e:f8:
29:ae:a3:41:5d:a2:d0:e8:e3:f0:f4:0e:bd:66:20:
32:fa:2d:d2:7d:b6:23:be:11:78:91:39:be:a0:08:
e3:7c:e3:33:58:7d:ac:5e:a2:e8:c1:90:3c:6e:ca:
ce:c5:fe:af:37:dc:0b:fb:c7:b1:1a:7a:0f:76:a0:
82:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:29:D1:6C:7B:D8:9E:E2:BE:3B:86:8B:45:3C:BD:B0:C5:9A:36:8D
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/1-inRbHvYnuK-O4aLRTy9sMWaNo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa02::/40
2a0e:aa06:502::/47
2a0e:aa06:52a::/48
Signature Algorithm: sha256WithRSAEncryption
c7:e0:18:d5:62:1d:c9:c7:aa:24:29:b1:16:99:44:4f:30:0f:
ff:de:04:09:d2:d8:4d:52:fe:52:eb:47:5a:47:8d:7c:2a:c8:
9b:60:a8:4b:e2:d1:69:4c:c9:b5:b6:a6:66:ac:23:1f:d8:86:
0e:34:d8:ce:c3:68:bc:02:d5:93:df:96:43:08:41:f2:20:c9:
83:b9:c6:19:6f:f6:65:3b:b3:52:94:96:e4:14:f2:7a:56:ae:
55:dc:9c:9a:bd:ef:48:72:e1:a3:d4:a1:bf:3c:f6:c3:a5:05:
94:39:1e:1e:0b:52:a6:e1:1b:aa:d6:d6:de:9c:2a:74:ce:e5:
86:72:9a:79:02:a8:57:55:36:df:6d:1b:d9:f0:79:80:da:92:
7b:93:9e:bb:ca:50:56:d6:be:70:81:3d:c0:07:1e:d4:fa:10:
eb:90:50:fd:25:32:d7:0d:38:1d:0e:3b:fa:fa:15:22:a9:67:
65:fc:a2:5d:58:ac:4a:b7:92:2b:86:ab:30:77:9d:9e:50:b6:
e3:af:9a:6e:67:44:ab:64:38:95:fa:ff:97:7a:bc:e0:0d:b1:
c6:4e:f6:47:35:53:e8:85:2b:70:66:c1:f5:8a:2d:83:57:4b:
86:75:8c:5a:06:f7:c6:87:a7:8b:a6:4b:b9:82:05:62:28:83:
d1:47:7a:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljsIuNEAQgbk1gffUo1wtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTI5ZDE2YzdiZDg5ZWUyYmUzYjg2OGI0NTNjYmRiMGM1OWEzNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24EMg/i4uyTkf3pRD03D6ga6mM4K
FLEFqzws6XXNRISVDIs9oBHgixAk2TZ793Ms4y4mv/nmmnrDnB/Bi3HwoLUJE0SQ
Ukeh4Mwv0OftpmXTWRwEeo4ijOBt2eCJZVH0x8zDDwoFo2TsJFsdaMsRWyUVSfj6
k1tLspY++p+skibTbTtXNboT/EqjnQRsphjYTnqcNFLAGdd06RAqBak5MmuYIum1
3thMAe4SvQzgnrguDxz8ZvkCmMujaKLWJzAVPvgprqNBXaLQ6OPw9A69ZiAy+i3S
fbYjvhF4kTm+oAjjfOMzWH2sXqLowZA8bsrOxf6vN9wL+8exGnoPdqCCQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPop0Wx72J7ivjuGi0U8vbDFmjaNMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvMS1pblJiSHZZbnVLLU80YUxSVHk5c01XYU5vMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2YvNzJiZjJmLThlMzQtNDhhMi04NDlhLWE1NDFkMWJjZWUx
OS8xL2syRzF6V2xvSmJkUHpMcDlsOFBRb25KTzg2by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAIwGgMGACoOqgIA
AwcBKg6qBgUCAwcAKg6qBgUqMA0GCSqGSIb3DQEBCwUAA4IBAQDH4BjVYh3Jx6ok
KbEWmURPMA//3gQJ0thNUv5S60daR418KsibYKhL4tFpTMm1tqZmrCMf2IYONNjO
w2i8AtWT35ZDCEHyIMmDucYZb/ZlO7NSlJbkFPJ6Vq5V3Jyave9IcuGj1KG/PPbD
pQWUOR4eC1Km4Ruq1tbenCp0zuWGcpp5AqhXVTbfbRvZ8HmA2pJ7k567ylBW1r5w
gT3ABx7U+hDrkFD9JTLXDTgdDjv6+hUiqWdl/KJdWKxKt5Irhqswd52eULbjr5pu
Z0SrZDiV+v+XerzgDbHGTvZHNVPohStwZsH1ii2DV0uGdYxaBvfGh6eLpku5ggVi
KIPRR3pF
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:18:29 2025 by rpki-client