Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b623a9-f4e1-4ec2-be4d-9b559529ad16/1/DLvYR1epD0kUsHEotih2SRcwg4M.roa
File: DLvYR1epD0kUsHEotih2SRcwg4M.roa (raw, json)
Hash identifier: hAXB2W+KwBdgzJrLsjH1zUhzRdV04IFcuB1LFga5vPA=
Subject key identifier: 0C:BB:D8:47:57:A9:0F:49:14:B0:71:28:B6:28:76:49:17:30:83:83
Certificate issuer: /CN=6b2b921d9a6b444ab58e66eb88f7c12398ea04b5
Certificate serial: 019642CBA56E887AC609BEF462D8BB1A6A91
Authority key identifier: 6B:2B:92:1D:9A:6B:44:4A:B5:8E:66:EB:88:F7:C1:23:98:EA:04:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayuSHZprREq1jmbriPfBI5jqBLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b623a9-f4e1-4ec2-be4d-9b559529ad16/1/DLvYR1epD0kUsHEotih2SRcwg4M.roa
Signing time: Thu 17 Apr 2025 08:09:24 +0000
ROA not before: Thu 17 Apr 2025 08:09:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50273
IP address blocks: 2001:67c:dc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/b623a9-f4e1-4ec2-be4d-9b559529ad16/1/ayuSHZprREq1jmbriPfBI5jqBLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/b623a9-f4e1-4ec2-be4d-9b559529ad16/1/ayuSHZprREq1jmbriPfBI5jqBLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayuSHZprREq1jmbriPfBI5jqBLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:42:cb:a5:6e:88:7a:c6:09:be:f4:62:d8:bb:1a:6a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b2b921d9a6b444ab58e66eb88f7c12398ea04b5
Validity
Not Before: Apr 17 08:09:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cbbd84757a90f4914b07128b628764917308383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5d:16:8f:d1:c1:88:ad:21:75:bf:e7:43:ef:
06:e4:af:51:64:41:c7:35:73:79:ef:3f:46:1a:ba:
82:d4:00:a0:49:4f:fa:e0:90:6d:ca:1f:f7:ad:5e:
20:17:96:a6:54:e0:a2:13:c8:52:f1:f0:cf:f3:32:
e1:1d:83:0a:de:3e:2a:8d:97:6e:1d:db:af:18:25:
da:da:40:72:d6:4e:d0:c9:43:b7:e1:b9:31:61:01:
8e:79:26:1a:3e:58:f8:ff:bd:11:67:9e:22:5a:7c:
cc:59:83:f4:51:fa:3a:e8:6e:8b:97:bc:b9:62:19:
79:e5:8f:69:81:4f:d5:f0:da:b3:ee:0d:e6:d5:69:
c3:17:9f:41:a9:a5:1f:b0:da:d1:1a:ce:a5:bf:a0:
41:e1:11:25:7b:a3:36:cd:8e:44:aa:db:b9:f0:e7:
91:58:e2:81:bc:22:77:79:a8:c8:df:7e:ec:f3:9a:
57:fa:c2:ac:3a:ce:3f:4a:aa:9a:bb:ce:3f:a5:c8:
40:5f:de:7b:fd:d1:04:71:f8:ec:7f:fb:6d:cb:7e:
3e:11:3e:1c:fb:4e:c5:64:bb:e4:d8:97:36:9b:d0:
3f:90:92:7b:42:13:87:4e:a0:b7:c2:7c:fa:ad:3d:
1f:ea:8f:c4:90:12:0e:3d:1f:f9:6d:e8:40:04:2f:
b7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:BB:D8:47:57:A9:0F:49:14:B0:71:28:B6:28:76:49:17:30:83:83
X509v3 Authority Key Identifier:
keyid:6B:2B:92:1D:9A:6B:44:4A:B5:8E:66:EB:88:F7:C1:23:98:EA:04:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayuSHZprREq1jmbriPfBI5jqBLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b623a9-f4e1-4ec2-be4d-9b559529ad16/1/DLvYR1epD0kUsHEotih2SRcwg4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b623a9-f4e1-4ec2-be4d-9b559529ad16/1/ayuSHZprREq1jmbriPfBI5jqBLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:dc::/48
Signature Algorithm: sha256WithRSAEncryption
99:26:bf:59:38:4b:f8:03:89:d1:7c:b6:be:a0:27:c7:b1:93:
9e:a2:23:69:7e:e0:40:f0:84:e6:31:84:fa:81:cd:84:65:ed:
6a:84:0b:26:91:4c:4f:04:ee:c0:8e:e1:ce:18:fd:f7:39:15:
ff:a9:f8:1d:9f:ad:03:27:a9:0e:86:55:2e:f8:16:ce:b8:00:
85:cb:1b:4c:07:44:d2:60:d7:22:85:14:80:75:2d:bb:b5:75:
d0:5d:a4:bd:f3:1e:db:f2:92:a5:36:79:98:32:ed:ff:0a:6c:
ab:89:9e:96:2f:26:5c:20:45:25:7d:fc:c7:23:e1:b7:71:72:
b9:72:6c:61:34:eb:38:0f:9e:36:4c:fc:61:96:57:16:91:e4:
da:88:cc:0e:b5:3c:31:cb:4d:24:b5:55:21:1a:f0:a0:09:4c:
66:32:28:42:af:a6:ab:f2:50:6f:f0:84:8b:82:18:cb:0b:2d:
20:26:18:f9:07:1e:b9:2e:df:62:3c:dd:b5:dc:1f:ae:3b:65:
2e:7c:13:79:c8:cf:f7:39:6f:c3:cf:70:6f:91:ba:bf:3d:d3:
67:4b:73:28:95:b1:bb:fe:90:90:1d:67:22:df:05:b4:a9:2d:
03:82:11:92:a9:b8:ac:3c:55:09:63:52:34:fa:4d:3f:03:3b:
f0:b4:91:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZZCy6VuiHrGCb70Yti7GmqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMmI5MjFkOWE2YjQ0NGFiNThlNjZlYjg4ZjdjMTIzOThl
YTA0YjUwHhcNMjUwNDE3MDgwOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2JiZDg0NzU3YTkwZjQ5MTRiMDcxMjhiNjI4NzY0OTE3MzA4MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6F0Wj9HBiK0hdb/nQ+8G5K9RZEHH
NXN57z9GGrqC1ACgSU/64JBtyh/3rV4gF5amVOCiE8hS8fDP8zLhHYMK3j4qjZdu
HduvGCXa2kBy1k7QyUO34bkxYQGOeSYaPlj4/70RZ54iWnzMWYP0Ufo66G6Ll7y5
Yhl55Y9pgU/V8Nqz7g3m1WnDF59BqaUfsNrRGs6lv6BB4REle6M2zY5Eqtu58OeR
WOKBvCJ3eajI337s85pX+sKsOs4/Sqqau84/pchAX957/dEEcfjsf/tty34+ET4c
+07FZLvk2Jc2m9A/kJJ7QhOHTqC3wnz6rT0f6o/EkBIOPR/5behABC+3xwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAy72EdXqQ9JFLBxKLYodkkXMIODMB8GA1UdIwQY
MBaAFGsrkh2aa0RKtY5m64j3wSOY6gS1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXl1U0hacHJSRXExam1icmlQZkJJNWpxQkxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iNjIzYTktZjRlMS00ZWMyLWJlNGQt
OWI1NTk1MjlhZDE2LzEvREx2WVIxZXBEMGtVc0hFb3RpaDJTUmN3ZzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iNjIzYTktZjRlMS00ZWMyLWJlNGQtOWI1NTk1MjlhZDE2
LzEvYXl1U0hacHJSRXExam1icmlQZkJJNWpxQkxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfADc
MA0GCSqGSIb3DQEBCwUAA4IBAQCZJr9ZOEv4A4nRfLa+oCfHsZOeoiNpfuBA8ITm
MYT6gc2EZe1qhAsmkUxPBO7AjuHOGP33ORX/qfgdn60DJ6kOhlUu+BbOuACFyxtM
B0TSYNcihRSAdS27tXXQXaS98x7b8pKlNnmYMu3/CmyriZ6WLyZcIEUlffzHI+G3
cXK5cmxhNOs4D542TPxhllcWkeTaiMwOtTwxy00ktVUhGvCgCUxmMihCr6ar8lBv
8ISLghjLCy0gJhj5Bx65Lt9iPN213B+uO2UufBN5yM/3OW/Dz3Bvkbq/PdNnS3Mo
lbG7/pCQHWci3wW0qS0DghGSqbisPFUJY1I0+k0/AzvwtJFs
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:42:24 2025 by rpki-client