Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/4hXhK1Vi8jfwfXkQIpzUbFQW90M.roa
File: 4hXhK1Vi8jfwfXkQIpzUbFQW90M.roa (raw, json)
Hash identifier: 7bSHaQB4ZUqaU3KDwNJaL4XBqnPLAHDek88ypVcG5v4=
Subject key identifier: E2:15:E1:2B:55:62:F2:37:F0:7D:79:10:22:9C:D4:6C:54:16:F7:43
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBCE093628F273BC600E43B3CB7DF5
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/4hXhK1Vi8jfwfXkQIpzUbFQW90M.roa
Signing time: Wed 01 Jan 2025 17:48:35 +0000
ROA not before: Wed 01 Jan 2025 17:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149476
IP address blocks: 2a0c:9a40:9c00::/40 maxlen: 48
2a10:a507:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ce:09:36:28:f2:73:bc:60:0e:43:b3:cb:7d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e215e12b5562f237f07d7910229cd46c5416f743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:33:87:f2:3f:b5:2f:3b:43:95:93:cc:62:
66:56:5c:a4:eb:7c:8d:d7:41:c5:a1:0d:8c:2e:71:
9c:ee:7b:3b:5e:bc:f3:89:1b:fd:5b:18:4d:61:44:
38:98:b2:9e:56:37:37:c5:56:e6:e1:45:39:d3:bf:
97:e4:39:a5:5d:e4:f4:59:ae:34:dc:d0:36:7f:77:
be:20:1a:d6:4f:e1:f7:84:9f:95:b8:ca:3a:6b:0c:
86:65:5d:52:35:a6:f4:2c:88:f4:63:f5:30:93:b6:
3e:ed:83:ac:0d:76:a9:b2:3b:eb:ac:68:70:f5:7e:
45:32:7c:50:ea:10:52:96:15:de:8f:12:b7:58:ef:
4a:ee:3b:ee:bb:81:f3:11:b9:fd:7e:b7:bb:55:9f:
d4:e5:7e:2d:9f:f1:53:2a:b3:f9:67:d2:30:67:64:
09:7b:fb:ee:c5:8d:d7:cb:05:50:77:e5:84:3d:1e:
61:0d:71:d4:e1:12:2c:dd:54:96:b6:13:90:46:1f:
b8:08:ae:c1:04:7c:54:11:f1:cf:b6:f6:77:74:8a:
64:e6:37:58:69:dc:47:ca:41:cb:b7:ef:0f:0e:d5:
2b:74:3f:ed:35:37:cd:05:27:5a:94:b2:41:94:06:
78:ac:42:38:e0:fb:4c:ff:85:0f:f4:5e:f2:55:15:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:15:E1:2B:55:62:F2:37:F0:7D:79:10:22:9C:D4:6C:54:16:F7:43
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/4hXhK1Vi8jfwfXkQIpzUbFQW90M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9c00::/40
2a10:a507:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
22:4c:26:b3:bb:49:e5:56:71:02:95:0d:2f:c8:0f:12:4a:5a:
ed:bd:47:2d:55:f5:06:d1:a4:35:c4:ad:ce:ca:b8:6a:de:0b:
f0:cc:4c:06:80:cc:23:c2:47:bb:1a:9e:0f:5d:b3:b9:d5:57:
ce:2f:1f:d1:50:19:9b:45:69:f9:3c:d7:37:94:70:6b:16:37:
bf:6b:26:bb:15:ae:28:0f:1c:c1:78:52:02:86:6d:71:37:19:
2d:15:ce:a2:fc:90:7b:3c:37:e0:c0:e0:ca:71:2a:fc:57:38:
f3:5f:97:a5:1c:a6:35:f8:36:9e:f6:c9:70:8e:a0:47:e2:a2:
fe:da:72:09:d4:d5:47:a6:bd:dc:7e:26:b9:91:06:d9:9d:98:
b6:0d:b6:26:3f:c6:b8:a6:c0:1f:fe:27:dd:80:01:6d:2e:74:
38:2e:ba:bf:53:9e:b9:6d:dc:98:4c:63:90:5a:fd:56:60:ac:
5c:aa:98:e1:ac:60:b1:e0:ab:67:9c:6a:3a:f2:80:a0:dc:ab:
fd:b4:2b:db:3f:c2:5b:27:ab:41:f8:a5:6f:f4:94:31:ee:7b:
c6:96:66:26:60:fe:83:2b:52:04:5c:4a:91:71:48:6c:4b:6e:
81:f4:4f:6d:65:98:5c:11:8a:d3:4c:f2:2a:af:86:8e:49:e5:
8a:84:3b:b0
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQi+84JNijyc7xgDkOzy331MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjE1ZTEyYjU1NjJmMjM3ZjA3ZDc5MTAyMjljZDQ2YzU0MTZmNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1Qzh/I/tS87Q5WTzGJmVlyk63yN
10HFoQ2MLnGc7ns7XrzziRv9WxhNYUQ4mLKeVjc3xVbm4UU507+X5DmlXeT0Wa40
3NA2f3e+IBrWT+H3hJ+VuMo6awyGZV1SNab0LIj0Y/Uwk7Y+7YOsDXapsjvrrGhw
9X5FMnxQ6hBSlhXejxK3WO9K7jvuu4HzEbn9fre7VZ/U5X4tn/FTKrP5Z9IwZ2QJ
e/vuxY3XywVQd+WEPR5hDXHU4RIs3VSWthOQRh+4CK7BBHxUEfHPtvZ3dIpk5jdY
adxHykHLt+8PDtUrdD/tNTfNBSdalLJBlAZ4rEI44PtM/4UP9F7yVRWl+wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFOIV4StVYvI38H15ECKc1GxUFvdDMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvNGhYaEsxVmk4amZ3ZlhrUUlwelViRlFXOTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKgyaQJwD
BwAqEKUHsAswDQYJKoZIhvcNAQELBQADggEBACJMJrO7SeVWcQKVDS/IDxJKWu29
Ry1V9QbRpDXErc7KuGreC/DMTAaAzCPCR7sang9ds7nVV84vH9FQGZtFafk81zeU
cGsWN79rJrsVrigPHMF4UgKGbXE3GS0VzqL8kHs8N+DA4MpxKvxXOPNfl6UcpjX4
Np72yXCOoEfiov7acgnU1Uemvdx+JrmRBtmdmLYNtiY/xrimwB/+J92AAW0udDgu
ur9Tnrlt3JhMY5Ba/VZgrFyqmOGsYLHgq2ecajrygKDcq/20K9s/wlsnq0H4pW/0
lDHue8aWZiZg/oMrUgRcSpFxSGxLboH0T21lmFwRitNM8iqvho5J5YqEO7A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:01:59 2025 by rpki-client