Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/5aI5K9V30lUeFfeRHZcrC-07RXo.roa
File: 5aI5K9V30lUeFfeRHZcrC-07RXo.roa (raw, json)
Hash identifier: 1Yp4YpX/ecDEy9Of7q9OnoEx95rooQm5ZZWiBB1TsGo=
Subject key identifier: E5:A2:39:2B:D5:77:D2:55:1E:15:F7:91:1D:97:2B:0B:ED:3B:45:7A
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 01943D37DE653C8C2B96E1679F59DB118BD3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/5aI5K9V30lUeFfeRHZcrC-07RXo.roa
Signing time: Mon 06 Jan 2025 20:04:19 +0000
ROA not before: Mon 06 Jan 2025 20:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213625
IP address blocks: 2a0c:9a40:84e0::/48 maxlen: 48
2a0c:9a46:800::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3d:37:de:65:3c:8c:2b:96:e1:67:9f:59:db:11:8b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 6 20:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5a2392bd577d2551e15f7911d972b0bed3b457a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:04:10:c4:4a:dc:d6:eb:af:de:59:44:9a:2c:
4b:91:26:9b:41:27:e7:fd:fa:16:21:9b:cf:bb:2e:
c0:19:a0:d6:52:fb:e7:aa:82:bd:92:9c:da:f3:ed:
4a:2e:08:06:3b:85:97:5b:59:b8:4b:36:95:8a:85:
19:41:63:77:ab:20:a1:95:84:51:a0:d6:21:1e:f7:
02:cf:60:7d:64:90:ad:86:02:9b:2d:37:5d:43:53:
b7:d2:51:ca:d7:ca:02:2b:2a:27:55:ca:9d:c8:43:
5d:64:9f:ea:b4:9c:98:61:d9:fd:ce:01:5e:1d:60:
c1:2e:0c:ce:d7:e1:63:86:f0:82:61:94:ca:00:56:
4e:c6:ce:bb:d6:51:9a:62:30:0f:27:3b:17:57:a1:
7b:66:41:fc:f9:7c:8d:b1:4e:2d:bf:27:ab:2b:c7:
ef:56:7c:99:1a:83:8d:b2:2c:10:e8:bf:08:f6:04:
be:02:96:0a:6a:d9:11:e7:7a:3a:f6:15:88:a8:ca:
62:93:70:e0:66:b3:8a:c3:14:c5:a8:85:d8:8e:bd:
d2:e1:b7:8b:7e:3a:4f:e4:dc:1b:d4:71:90:93:85:
11:5e:61:71:c6:b7:f2:7d:c1:dc:f1:7c:2a:0b:1e:
de:1f:32:2d:b0:14:c8:84:a9:11:06:83:db:d2:75:
6e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A2:39:2B:D5:77:D2:55:1E:15:F7:91:1D:97:2B:0B:ED:3B:45:7A
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/5aI5K9V30lUeFfeRHZcrC-07RXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:84e0::/48
2a0c:9a46:800::/40
Signature Algorithm: sha256WithRSAEncryption
1c:20:2f:e7:c3:93:7c:6c:2c:2a:74:22:fe:f1:be:d1:67:9d:
22:56:77:31:06:75:ac:c0:c5:d5:ce:2f:3d:9c:a4:3f:f4:63:
e5:08:e0:21:b9:4f:96:d2:c7:ec:11:08:ee:0a:d4:90:aa:25:
7a:e4:1d:ea:49:c7:29:01:94:76:de:c2:f3:96:ad:57:eb:9d:
79:7a:04:8e:31:44:48:d9:bc:d0:a2:6d:78:78:f0:31:7c:ef:
ac:28:40:b7:ca:46:5a:8e:8b:5e:84:c5:a6:5b:ef:f8:d8:18:
cc:07:d9:de:12:02:29:ae:a8:76:0c:9a:3f:ae:70:9a:81:39:
10:f1:d0:8d:7d:1d:92:c6:fd:1b:46:05:1e:55:75:07:4b:26:
6a:19:59:f7:26:12:ee:8f:02:e1:df:e5:cc:b5:75:03:2d:24:
b9:06:64:b3:9a:d4:54:98:8c:85:f1:0b:32:33:97:18:3a:88:
38:41:18:2d:19:eb:16:2b:fe:39:75:84:6c:9c:04:13:86:50:
10:02:89:55:27:6e:be:aa:93:79:99:cb:2f:93:7f:b1:2f:cd:
08:8e:83:0a:79:25:99:fb:ac:4e:50:23:a4:78:e8:66:2d:4c:
71:e4:41:b7:f6:d7:f6:30:4c:80:1a:7d:8f:b9:27:80:68:d4:
24:af:c3:0e
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQ9N95lPIwrluFnn1nbEYvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTA2MjAwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWEyMzkyYmQ1NzdkMjU1MWUxNWY3OTExZDk3MmIwYmVkM2I0NTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgQQxErc1uuv3llEmixLkSabQSfn
/foWIZvPuy7AGaDWUvvnqoK9kpza8+1KLggGO4WXW1m4SzaVioUZQWN3qyChlYRR
oNYhHvcCz2B9ZJCthgKbLTddQ1O30lHK18oCKyonVcqdyENdZJ/qtJyYYdn9zgFe
HWDBLgzO1+FjhvCCYZTKAFZOxs671lGaYjAPJzsXV6F7ZkH8+XyNsU4tvyerK8fv
VnyZGoONsiwQ6L8I9gS+ApYKatkR53o69hWIqMpik3DgZrOKwxTFqIXYjr3S4beL
fjpP5Nwb1HGQk4URXmFxxrfyfcHc8XwqCx7eHzItsBTIhKkRBoPb0nVu0QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFOWiOSvVd9JVHhX3kR2XKwvtO0V6MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvNWFJNUs5VjMwbFVlRmZlUkhaY3JDLTA3UlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgyaQITg
AwYAKgyaRggwDQYJKoZIhvcNAQELBQADggEBABwgL+fDk3xsLCp0Iv7xvtFnnSJW
dzEGdazAxdXOLz2cpD/0Y+UI4CG5T5bSx+wRCO4K1JCqJXrkHepJxykBlHbewvOW
rVfrnXl6BI4xREjZvNCibXh48DF876woQLfKRlqOi16ExaZb7/jYGMwH2d4SAimu
qHYMmj+ucJqBORDx0I19HZLG/RtGBR5VdQdLJmoZWfcmEu6PAuHf5cy1dQMtJLkG
ZLOa1FSYjIXxCzIzlxg6iDhBGC0Z6xYr/jl1hGycBBOGUBACiVUnbr6qk3mZyy+T
f7EvzQiOgwp5JZn7rE5QI6R46GYtTHHkQbf21/YwTIAafY+5J4Bo1CSvww4=
-----END CERTIFICATE-----
Generated at Sat Feb 22 04:44:09 2025 by rpki-client