Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/DdIusG0U1VqASbOM3HKBFYk2C7s.roa
File: DdIusG0U1VqASbOM3HKBFYk2C7s.roa (raw, json)
Hash identifier: zyD6lJgHPrVnYGtRGWUUonzOLsaKq4otttUanNE1uj8=
Subject key identifier: 0D:D2:2E:B0:6D:14:D5:5A:80:49:B3:8C:DC:72:81:15:89:36:0B:BB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBD7C61DAD9BA9816BF113E6AD82F1
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/DdIusG0U1VqASbOM3HKBFYk2C7s.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200708
IP address blocks: 2a0c:9a40:83f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d7:c6:1d:ad:9b:a9:81:6b:f1:13:e6:ad:82:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dd22eb06d14d55a8049b38cdc72811589360bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:87:10:1f:1c:95:c4:4e:c1:7a:76:9c:ec:f9:
8a:f0:35:7f:79:0c:77:40:42:1a:b6:91:9d:5e:e5:
74:a7:dd:cb:67:45:95:7b:04:1e:6e:e0:dc:26:7f:
13:69:8b:2c:b5:a8:be:80:71:1f:2e:48:f1:82:cc:
1d:d1:ad:22:3f:55:4c:c7:3c:85:9a:1e:e4:64:ba:
bc:e3:a6:c3:c9:35:fd:14:de:fe:8e:df:6c:63:d5:
18:16:48:5a:10:13:42:78:6c:08:19:31:0e:3e:2a:
5d:40:d5:77:7c:76:b0:03:3e:87:71:cb:6e:2e:39:
04:f6:d8:00:f3:2f:bb:62:40:a7:65:de:9a:f5:fa:
00:a1:ce:56:f9:9a:61:c0:08:e9:8b:b1:11:e6:3d:
3f:55:d4:ca:9e:85:8a:67:11:bb:50:f0:b8:75:40:
53:52:d7:d2:12:22:9a:78:62:aa:e0:59:76:22:37:
3b:bb:7e:a5:d0:77:90:61:de:8a:da:09:0d:82:6b:
41:6f:35:d8:bd:8d:af:fc:52:71:d8:15:5d:2d:ca:
ee:bf:ed:a2:01:59:d8:ed:b0:43:66:f7:5c:62:9a:
12:45:cf:b2:0b:9b:fd:01:a5:cd:a9:b8:a0:c7:4e:
5d:4a:97:96:1a:cc:e5:77:5f:68:1f:5e:60:eb:9f:
b4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D2:2E:B0:6D:14:D5:5A:80:49:B3:8C:DC:72:81:15:89:36:0B:BB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/DdIusG0U1VqASbOM3HKBFYk2C7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:83f0::/48
Signature Algorithm: sha256WithRSAEncryption
2b:e1:13:d0:b6:ce:88:81:cc:79:14:30:b8:5f:43:af:7f:32:
78:95:30:5a:98:a9:4d:32:ee:69:0e:fd:77:58:0b:45:54:bd:
9b:22:7e:66:c8:be:62:66:bc:5d:2c:60:dd:94:9a:37:7b:5f:
58:3b:91:d3:60:41:38:71:5d:4d:4c:b0:53:d2:3c:b0:df:58:
e5:81:67:1c:9a:b5:d1:e5:cc:1b:f7:d0:a3:ca:39:0a:6c:3a:
31:e0:a7:0c:a1:2c:2b:28:5a:6e:c6:f6:8b:63:d6:39:7b:65:
f6:fa:60:83:e9:1a:2a:1f:37:16:00:5d:0b:25:11:2b:30:83:
f5:e9:f1:5c:4b:40:b9:99:63:e0:a5:bf:56:9f:34:7b:21:15:
93:c5:b0:aa:16:c8:24:36:c9:27:ea:19:80:08:24:a1:13:30:
8c:8a:12:f9:05:59:8e:db:cc:45:93:70:e7:c8:e5:38:1c:70:
be:a7:37:f7:29:d6:c4:bb:39:c4:5c:59:63:2b:f7:93:30:7b:
32:8c:11:11:8f:4e:84:bb:81:10:d5:21:7c:90:dd:ff:8d:20:
1a:73:1a:e2:ad:8f:9c:c9:db:fd:d4:68:db:e7:8b:42:ec:ab:
d3:a2:2f:76:85:bb:83:21:2f:1d:cc:fb:ac:96:ef:d0:49:51:
6d:eb:86:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+9fGHa2bqYFr8RPmrYLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQyMmViMDZkMTRkNTVhODA0OWIzOGNkYzcyODExNTg5MzYwYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIcQHxyVxE7Benac7PmK8DV/eQx3
QEIatpGdXuV0p93LZ0WVewQebuDcJn8TaYsstai+gHEfLkjxgswd0a0iP1VMxzyF
mh7kZLq846bDyTX9FN7+jt9sY9UYFkhaEBNCeGwIGTEOPipdQNV3fHawAz6Hcctu
LjkE9tgA8y+7YkCnZd6a9foAoc5W+ZphwAjpi7ER5j0/VdTKnoWKZxG7UPC4dUBT
UtfSEiKaeGKq4Fl2Ijc7u36l0HeQYd6K2gkNgmtBbzXYvY2v/FJx2BVdLcruv+2i
AVnY7bBDZvdcYpoSRc+yC5v9AaXNqbigx05dSpeWGszld19oH15g65+0gwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA3SLrBtFNVagEmzjNxygRWJNgu7MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvRGRJdXNHMFUxVnFBU2JPTTNIS0JGWWsyQzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIPw
MA0GCSqGSIb3DQEBCwUAA4IBAQAr4RPQts6Igcx5FDC4X0OvfzJ4lTBamKlNMu5p
Dv13WAtFVL2bIn5myL5iZrxdLGDdlJo3e19YO5HTYEE4cV1NTLBT0jyw31jlgWcc
mrXR5cwb99CjyjkKbDox4KcMoSwrKFpuxvaLY9Y5e2X2+mCD6RoqHzcWAF0LJREr
MIP16fFcS0C5mWPgpb9WnzR7IRWTxbCqFsgkNskn6hmACCShEzCMihL5BVmO28xF
k3DnyOU4HHC+pzf3KdbEuznEXFljK/eTMHsyjBERj06Eu4EQ1SF8kN3/jSAacxri
rY+cydv91Gjb54tC7KvToi92hbuDIS8dzPuslu/QSVFt64br
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:54:47 2025 by rpki-client