Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/u3VJR1_M7JzYx842qLGTM0en5V0.roa
File: u3VJR1_M7JzYx842qLGTM0en5V0.roa (raw, json)
Hash identifier: qbP/xDwKS1NUr1YSZhW1L+ZrVrT39XIk/W4+EAm8kOI=
Subject key identifier: BB:75:49:47:5F:CC:EC:9C:D8:C7:CE:36:A8:B1:93:33:47:A7:E5:5D
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 019427B5D3A9605EC23ECFBBB2385D8532FA
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/u3VJR1_M7JzYx842qLGTM0en5V0.roa
Signing time: Thu 02 Jan 2025 15:50:15 +0000
ROA not before: Thu 02 Jan 2025 15:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213106
IP address blocks: 2001:bf7:1320::/44 maxlen: 48
2001:bf7:1321::/48 maxlen: 48
2001:bf7:1350::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.mft
rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d3:a9:60:5e:c2:3e:cf:bb:b2:38:5d:85:32:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 2 15:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb7549475fccec9cd8c7ce36a8b1933347a7e55d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:2d:90:d9:4a:ed:af:ce:e8:ce:6b:5e:0b:
1a:87:48:d3:69:8b:8d:99:86:04:2c:54:ef:10:1f:
20:c4:a7:9d:15:3e:17:8e:3f:4d:d0:f3:a0:ef:2c:
98:c4:a1:b9:b1:06:0d:73:13:97:9d:76:00:dc:05:
d7:d2:42:2d:aa:ef:29:87:8b:8c:e2:a2:7d:55:4f:
ee:60:81:cc:f3:51:7f:de:f8:3c:d7:0c:23:c0:87:
07:1f:ce:fd:89:fb:1a:0d:50:05:db:c6:80:a5:7c:
1f:ec:4e:e7:b5:29:54:e3:50:e8:ab:d0:92:04:6e:
6c:49:89:ad:37:c6:8f:b5:36:a2:27:45:23:88:ec:
f5:10:1d:c3:f6:db:d1:14:e5:04:b6:14:47:38:13:
37:5f:5c:68:d6:f3:b0:28:2a:a4:7e:52:ca:48:2b:
1b:1d:eb:58:af:f9:49:79:1f:d8:32:65:b1:54:c4:
25:38:48:91:fa:af:da:05:b7:08:42:37:7d:e5:37:
6e:47:20:d0:ab:97:56:5d:17:8c:d8:31:63:9f:c5:
16:06:9e:2c:d5:88:72:f4:9c:d4:d6:d0:a0:be:61:
ba:d7:15:92:01:5a:a6:25:f1:ae:60:bb:d0:71:76:
01:ef:ae:a9:f6:16:0a:0f:d8:9c:66:6c:fe:e7:d8:
c6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:75:49:47:5F:CC:EC:9C:D8:C7:CE:36:A8:B1:93:33:47:A7:E5:5D
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/u3VJR1_M7JzYx842qLGTM0en5V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:1320::/44
2001:bf7:1350::/44
Signature Algorithm: sha256WithRSAEncryption
71:ab:ec:1e:c8:96:01:9a:b0:42:ab:8e:13:a8:eb:73:21:56:
a5:2a:d5:b4:f6:cc:98:b8:5d:97:8c:fb:5b:21:88:1a:a0:fe:
4c:94:70:74:67:0c:b4:66:3d:3a:98:0c:c7:5f:48:a0:44:79:
e4:c2:b1:1f:0a:47:bb:e3:d4:f7:6f:d1:15:5f:1d:a6:fa:27:
5d:fe:aa:f7:a0:30:10:21:f7:cc:2e:f4:d2:80:5d:d0:63:4e:
6a:4c:b5:61:49:f9:0a:fa:f4:81:e0:6c:6d:60:54:d2:7f:a2:
12:8e:82:4e:b8:d9:1d:b3:d9:6c:f2:85:2c:9b:a2:72:4e:c7:
32:16:59:d3:bb:5d:73:45:0a:1c:4c:ff:20:86:a7:4a:b9:74:
c8:57:4b:67:c1:f5:11:84:80:a6:5c:81:33:72:7e:75:af:42:
0c:1b:22:ba:3d:c9:bb:57:7b:89:7b:fb:94:f8:d5:92:b2:74:
44:ea:af:9c:af:27:22:3b:56:cd:06:8c:a7:9b:50:59:3d:5d:
3a:0a:9c:37:39:9e:a0:26:3c:b2:7c:e3:10:84:ad:f1:d7:25:
a5:87:9a:df:b3:ff:90:a6:d1:01:b7:88:48:a3:37:ca:4b:53:
69:a6:8c:a7:e6:5e:e3:14:b2:46:a6:21:e8:d6:f5:e7:d1:c0:
3f:5f:da:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntdOpYF7CPs+7sjhdhTL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjUwMTAyMTU1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjc1NDk0NzVmY2NlYzljZDhjN2NlMzZhOGIxOTMzMzQ3YTdlNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHItkNlK7a/O6M5rXgsah0jTaYuN
mYYELFTvEB8gxKedFT4Xjj9N0POg7yyYxKG5sQYNcxOXnXYA3AXX0kItqu8ph4uM
4qJ9VU/uYIHM81F/3vg81wwjwIcHH879ifsaDVAF28aApXwf7E7ntSlU41Doq9CS
BG5sSYmtN8aPtTaiJ0UjiOz1EB3D9tvRFOUEthRHOBM3X1xo1vOwKCqkflLKSCsb
HetYr/lJeR/YMmWxVMQlOEiR+q/aBbcIQjd95TduRyDQq5dWXReM2DFjn8UWBp4s
1Yhy9JzU1tCgvmG61xWSAVqmJfGuYLvQcXYB766p9hYKD9icZmz+59jGMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLt1SUdfzOyc2MfONqixkzNHp+VdMB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvdTNWSlIxX003SnpZeDg0MnFMR1RNMGVuNVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEIAEL9xMg
AwcEIAEL9xNQMA0GCSqGSIb3DQEBCwUAA4IBAQBxq+weyJYBmrBCq44TqOtzIVal
KtW09syYuF2XjPtbIYgaoP5MlHB0Zwy0Zj06mAzHX0igRHnkwrEfCke749T3b9EV
Xx2m+idd/qr3oDAQIffMLvTSgF3QY05qTLVhSfkK+vSB4GxtYFTSf6ISjoJOuNkd
s9ls8oUsm6JyTscyFlnTu11zRQocTP8ghqdKuXTIV0tnwfURhICmXIEzcn51r0IM
GyK6Pcm7V3uJe/uU+NWSsnRE6q+cryciO1bNBoynm1BZPV06Cpw3OZ6gJjyyfOMQ
hK3x1yWlh5rfs/+QptEBt4hIozfKS1Nppoyn5l7jFLJGpiHo1vXn0cA/X9qp
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:16:30 2025 by rpki-client