Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/D67Rb6mg9O3PKpqhbd7POJZatkA.roa
File: D67Rb6mg9O3PKpqhbd7POJZatkA.roa (raw, json)
Hash identifier: PjiNEw4WYUkLzmgDskdAxp5Z7pXstw0eaPBOzQb+HB0=
Subject key identifier: 0F:AE:D1:6F:A9:A0:F4:ED:CF:2A:9A:A1:6D:DE:CF:38:96:5A:B6:40
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBF9AC1901600E61092B1EEDEB2F4A
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/D67Rb6mg9O3PKpqhbd7POJZatkA.roa
Signing time: Wed 01 Jan 2025 17:48:46 +0000
ROA not before: Wed 01 Jan 2025 17:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215615
IP address blocks: 2a0c:9a40:8000::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f9:ac:19:01:60:0e:61:09:2b:1e:ed:eb:2f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0faed16fa9a0f4edcf2a9aa16ddecf38965ab640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:27:a5:8e:e0:6c:81:cd:31:ef:e5:16:2f:
5e:28:0f:d3:00:5d:c0:87:32:20:0c:08:59:15:56:
e9:34:df:bc:4e:f4:69:db:74:69:9a:62:5b:e9:59:
c3:08:92:73:7a:1c:a4:ec:6b:71:53:71:fd:d1:d8:
d2:0a:8a:db:39:30:cb:b9:19:e2:af:d2:69:cb:dc:
b1:03:88:6c:4d:20:f1:72:2f:fd:9d:a9:21:b3:a0:
79:9d:ef:c1:12:38:dc:c0:f7:0f:95:99:69:dc:3d:
c7:37:13:ae:fd:00:8f:d7:e8:04:6d:2a:5f:55:05:
8b:82:14:ee:6e:fe:71:00:f5:3c:92:1a:f9:af:63:
ec:81:42:4a:83:05:12:b3:a4:44:ef:32:8d:3f:3f:
ad:93:ad:07:d5:de:44:82:e9:d6:5e:bf:35:61:b6:
b5:85:6d:d3:b6:4a:ed:01:45:83:eb:e9:cc:fc:d2:
fd:da:b6:f7:c2:dd:7b:39:18:e5:56:16:86:07:18:
d8:d6:3d:bf:9f:28:c6:94:c9:6b:ff:9a:3c:90:6c:
17:dc:2f:6d:b0:5d:57:4c:40:5a:f2:05:40:4d:c9:
6d:1a:ac:ad:fc:1f:c0:63:5b:d0:e3:df:83:ec:62:
96:ae:98:b7:7d:c3:3d:b8:c4:ee:0c:3c:51:98:1d:
b8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AE:D1:6F:A9:A0:F4:ED:CF:2A:9A:A1:6D:DE:CF:38:96:5A:B6:40
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/D67Rb6mg9O3PKpqhbd7POJZatkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8000::/44
Signature Algorithm: sha256WithRSAEncryption
a7:c9:2f:3b:7e:1b:ad:d1:bf:8b:b1:60:c0:ea:fe:7b:36:f1:
60:9a:52:94:5a:df:5f:4f:81:eb:25:15:52:a5:43:9c:33:be:
c0:29:7e:3d:86:f3:44:5b:75:84:7b:e8:b3:fd:69:07:e1:67:
99:f3:4d:91:ec:6f:0c:b7:89:71:4c:e5:ea:84:dd:33:79:7b:
46:8e:8d:fd:93:6c:b4:46:bf:e1:ee:a0:25:8d:dd:00:66:b7:
54:87:e2:ff:8f:d8:45:62:48:85:77:13:f5:2c:5c:8f:ff:ff:
aa:f1:7a:76:1d:81:cb:b5:b3:f6:6d:8e:df:02:25:28:76:10:
19:f7:c0:0e:1f:bf:1b:69:4d:26:43:3b:ab:08:80:9e:08:27:
96:75:a0:d7:ef:1d:9b:8d:f8:4d:2c:60:5d:1c:7c:f0:66:c1:
76:1d:a1:21:05:3e:93:bc:9e:bd:2c:ac:70:d8:89:e3:f5:55:
2f:7b:17:25:3d:f2:56:00:7a:f5:55:ff:eb:dc:22:51:da:4c:
27:e1:09:9f:0b:7b:c9:e2:32:6b:68:78:40:f1:45:68:36:e8:
cb:2c:ba:5f:57:a7:ea:ae:25:a0:ea:cd:45:84:cc:f0:11:58:
86:2b:a5:ec:27:72:90:42:83:46:2e:e3:9f:1d:53:13:90:02:
08:4f:61:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/msGQFgDmEJKx7t6y9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFlZDE2ZmE5YTBmNGVkY2YyYTlhYTE2ZGRlY2YzODk2NWFiNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQcnpY7gbIHNMe/lFi9eKA/TAF3A
hzIgDAhZFVbpNN+8TvRp23RpmmJb6VnDCJJzehyk7GtxU3H90djSCorbOTDLuRni
r9Jpy9yxA4hsTSDxci/9nakhs6B5ne/BEjjcwPcPlZlp3D3HNxOu/QCP1+gEbSpf
VQWLghTubv5xAPU8khr5r2PsgUJKgwUSs6RE7zKNPz+tk60H1d5EgunWXr81Yba1
hW3TtkrtAUWD6+nM/NL92rb3wt17ORjlVhaGBxjY1j2/nyjGlMlr/5o8kGwX3C9t
sF1XTEBa8gVATcltGqyt/B/AY1vQ49+D7GKWrpi3fcM9uMTuDDxRmB247wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA+u0W+poPTtzyqaoW3ezziWWrZAMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvRDY3UmI2bWc5TzNQS3BxaGJkN1BPSlphdGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCnyS87fhut0b+LsWDA6v57NvFgmlKUWt9fT4Hr
JRVSpUOcM77AKX49hvNEW3WEe+iz/WkH4WeZ802R7G8Mt4lxTOXqhN0zeXtGjo39
k2y0Rr/h7qAljd0AZrdUh+L/j9hFYkiFdxP1LFyP//+q8Xp2HYHLtbP2bY7fAiUo
dhAZ98AOH78baU0mQzurCICeCCeWdaDX7x2bjfhNLGBdHHzwZsF2HaEhBT6TvJ69
LKxw2Inj9VUvexclPfJWAHr1Vf/r3CJR2kwn4QmfC3vJ4jJraHhA8UVoNujLLLpf
V6fqriWg6s1FhMzwEViGK6XsJ3KQQoNGLuOfHVMTkAIIT2G7
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:20:29 2025 by rpki-client