Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/D7YtK9tagFT7IWwQO60sHf0LXVU.roa
File: D7YtK9tagFT7IWwQO60sHf0LXVU.roa (raw, json)
Hash identifier: KpdD7VpycfIyh0XPEOdo5BPUraOZTdQeheGBUUoVgG0=
Subject key identifier: 0F:B6:2D:2B:DB:5A:80:54:FB:21:6C:10:3B:AD:2C:1D:FD:0B:5D:55
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258ECE814FB523B2FAC38E7B5946CFDC
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/D7YtK9tagFT7IWwQO60sHf0LXVU.roa
Signing time: Thu 02 Jan 2025 05:48:23 +0000
ROA not before: Thu 02 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198527
IP address blocks: 2a0e:aa07:e0e0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:ce:81:4f:b5:23:b2:fa:c3:8e:7b:59:46:cf:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fb62d2bdb5a8054fb216c103bad2c1dfd0b5d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:5b:4d:9c:9e:82:7d:87:ec:bd:c5:9f:bc:
fa:31:07:3e:6d:4c:c3:bb:87:c6:ea:56:d4:72:c6:
7b:6e:44:4d:13:c6:3f:f1:de:77:57:7c:83:48:4a:
9d:7f:cd:50:73:4e:73:bf:d4:4a:b1:16:c1:bb:dc:
7d:cb:3f:d5:9f:0c:75:34:78:b0:7f:5c:fb:1e:e9:
6b:82:7e:9c:fb:85:9e:5b:55:50:8a:75:50:21:e0:
b6:26:a5:f6:68:b7:a4:49:0a:f6:55:97:09:ff:90:
0d:f0:cd:71:a6:ed:86:f2:d7:76:07:b2:93:06:47:
c3:e1:cd:14:74:1d:55:d0:dc:9a:58:d8:32:d4:a5:
91:2e:a8:1e:b4:e2:4c:53:e4:8e:2a:ed:fc:ca:ea:
14:b3:ef:c1:56:d7:a7:8e:5e:a4:b1:72:53:23:47:
66:c3:bc:a2:34:7f:8d:fd:34:27:dc:97:b5:2e:8e:
60:7a:18:7b:57:aa:b3:7a:c7:ad:e1:c2:b5:23:3e:
ef:85:26:bb:ad:dc:3f:f7:d6:8f:6c:c2:b5:32:47:
9e:9d:0c:42:b9:c6:11:ed:32:b2:98:32:42:8b:bb:
62:74:51:be:d0:61:8f:b8:24:97:a5:fd:99:80:13:
e6:f9:a1:ff:94:8a:53:bc:a9:6a:e6:1f:44:dc:85:
a6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B6:2D:2B:DB:5A:80:54:FB:21:6C:10:3B:AD:2C:1D:FD:0B:5D:55
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/D7YtK9tagFT7IWwQO60sHf0LXVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e0e0::/44
Signature Algorithm: sha256WithRSAEncryption
b3:dc:79:8d:18:06:e8:03:19:32:c3:47:ea:9e:b9:6b:a5:f1:
8e:02:75:b3:24:33:64:74:37:a0:05:cd:d5:61:b5:a4:e1:aa:
1b:65:86:43:f9:b4:45:16:9b:7c:d5:92:79:c8:2e:45:25:e8:
22:85:d8:52:53:1d:ae:8a:4e:6d:7d:4e:60:71:a1:b3:c9:68:
02:fb:80:cd:86:72:25:18:44:18:67:6e:81:29:7a:89:90:1f:
a0:c8:4f:7d:e1:e9:3e:ec:ab:a1:c3:2b:ae:ab:3f:d4:24:d3:
1e:bd:49:76:35:2a:ec:77:4b:45:1b:99:ba:be:f2:ed:98:78:
d3:8e:c8:66:89:59:e9:db:58:27:d6:fd:2d:2c:56:c8:f3:07:
db:8f:88:9d:20:25:3c:89:9f:d4:bd:45:3a:4b:cc:e5:8f:2d:
1b:af:8f:3a:ad:00:d4:86:67:9e:6c:fa:48:15:63:8b:6d:3f:
d0:47:4f:1c:fe:b5:22:ac:eb:be:c4:de:ae:88:14:8e:fa:d9:
ff:2d:45:b2:2c:c5:37:66:0d:e5:d2:03:aa:45:cf:d4:eb:15:
a7:e9:a5:fa:76:35:2a:ca:ea:c6:e4:bb:71:be:3c:fc:b8:78:
f4:d5:44:77:69:dc:91:bc:36:7d:c5:18:1a:8a:a9:e3:c2:66:
f5:4a:d0:8d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljs6BT7UjsvrDjntZRs/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmI2MmQyYmRiNWE4MDU0ZmIyMTZjMTAzYmFkMmMxZGZkMGI1ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktZbTZyegn2H7L3Fn7z6MQc+bUzD
u4fG6lbUcsZ7bkRNE8Y/8d53V3yDSEqdf81Qc05zv9RKsRbBu9x9yz/Vnwx1NHiw
f1z7Hulrgn6c+4WeW1VQinVQIeC2JqX2aLekSQr2VZcJ/5AN8M1xpu2G8td2B7KT
BkfD4c0UdB1V0NyaWNgy1KWRLqgetOJMU+SOKu38yuoUs+/BVtenjl6ksXJTI0dm
w7yiNH+N/TQn3Je1Lo5gehh7V6qzeset4cK1Iz7vhSa7rdw/99aPbMK1MkeenQxC
ucYR7TKymDJCi7tidFG+0GGPuCSXpf2ZgBPm+aH/lIpTvKlq5h9E3IWmvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA+2LSvbWoBU+yFsEDutLB39C11VMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvRDdZdEs5dGFnRlQ3SVd3UU82MHNIZjBMWFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+Dg
MA0GCSqGSIb3DQEBCwUAA4IBAQCz3HmNGAboAxkyw0fqnrlrpfGOAnWzJDNkdDeg
Bc3VYbWk4aobZYZD+bRFFpt81ZJ5yC5FJegihdhSUx2uik5tfU5gcaGzyWgC+4DN
hnIlGEQYZ26BKXqJkB+gyE994ek+7Kuhwyuuqz/UJNMevUl2NSrsd0tFG5m6vvLt
mHjTjshmiVnp21gn1v0tLFbI8wfbj4idICU8iZ/UvUU6S8zljy0br486rQDUhmee
bPpIFWOLbT/QR08c/rUirOu+xN6uiBSO+tn/LUWyLMU3Zg3l0gOqRc/U6xWn6aX6
djUqyurG5Ltxvjz8uHj01UR3adyRvDZ9xRgaiqnjwmb1StCN
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:11:54 2025 by rpki-client