Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/EPKGanMdv3tknwdux-foBsMg4Nw.roa
File: EPKGanMdv3tknwdux-foBsMg4Nw.roa (raw, json)
Hash identifier: rDnMXMZb92i3ZNaq7NjyKzc9ctc8eYDVuzCYwml/Z8Q=
Subject key identifier: 10:F2:86:6A:73:1D:BF:7B:64:9F:07:6E:C7:E7:E8:06:C3:20:E0:DC
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBCBD7A647500C16DE3F453CDA3696
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/EPKGanMdv3tknwdux-foBsMg4Nw.roa
Signing time: Wed 01 Jan 2025 17:48:34 +0000
ROA not before: Wed 01 Jan 2025 17:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137490
IP address blocks: 2a0e:7d46::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:cb:d7:a6:47:50:0c:16:de:3f:45:3c:da:36:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10f2866a731dbf7b649f076ec7e7e806c320e0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:58:3b:d8:fa:54:35:50:dc:c6:2f:a4:76:
02:cf:47:79:a4:12:e5:fd:4e:27:5f:2c:00:e1:61:
12:46:e1:a5:96:71:5e:15:ed:65:8c:5a:16:68:1b:
c0:91:f6:84:f0:84:ab:b5:58:bf:29:3f:08:d2:3c:
a9:01:16:17:b1:40:c3:1d:d9:48:91:9e:b7:38:f1:
76:63:70:a3:83:32:d1:36:de:9e:58:64:cb:58:31:
c0:f6:45:f5:dd:19:9d:22:6f:b1:49:b0:8b:54:56:
04:95:e0:42:76:71:96:70:67:8f:4a:7d:65:34:59:
89:13:4e:60:a1:50:7e:3f:27:b7:0f:66:ba:90:84:
0c:1e:9a:0f:97:89:07:cd:3e:d9:78:8a:ed:12:c6:
fe:b2:05:78:e4:1b:5b:e0:63:46:d8:b4:61:8f:38:
71:66:3e:26:06:85:dc:81:c8:6b:1b:16:f1:7f:08:
53:97:4f:fc:e9:72:28:13:d5:df:dd:8d:0a:b0:8b:
cc:c5:e8:bc:5e:c5:b3:a3:0d:34:49:46:e8:e5:39:
aa:d9:e9:6c:cc:62:1f:7c:db:61:7f:9f:dc:f4:3a:
e5:85:59:7b:ed:32:1f:65:ad:4e:0b:4a:c8:c3:34:
88:2c:a8:8a:e5:c5:bc:b5:14:c4:8a:66:ff:f8:a4:
ec:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:F2:86:6A:73:1D:BF:7B:64:9F:07:6E:C7:E7:E8:06:C3:20:E0:DC
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/EPKGanMdv3tknwdux-foBsMg4Nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7d46::/32
Signature Algorithm: sha256WithRSAEncryption
ab:c6:2f:aa:a2:78:6d:7e:52:30:c8:89:ae:9a:2a:f2:0b:ad:
e1:97:0d:58:cf:9e:f9:0f:f3:5e:59:fb:0a:b4:25:56:8e:5d:
be:c5:e3:82:fc:4c:22:43:b9:16:de:22:be:9a:fc:30:1a:33:
bd:30:bc:0a:ba:9a:7f:dc:1c:84:84:d0:68:66:12:72:ce:d8:
cb:a9:d7:4a:a6:ee:66:46:71:48:4a:8e:9b:0c:a7:1a:50:6e:
0d:a0:7c:7e:0b:11:26:93:a9:17:90:d4:37:da:78:f5:77:b0:
0b:fa:45:c0:ad:e5:29:23:74:03:46:bb:b5:0c:a1:97:1c:8f:
3e:72:f2:75:c3:2b:f2:34:31:95:d0:a1:f1:a9:38:55:dd:e8:
c2:10:ac:99:bf:62:7b:da:85:7d:00:21:69:0c:e9:25:03:c5:
ac:9c:71:cd:91:b8:86:89:b8:e1:15:9d:93:aa:70:e0:57:02:
7a:33:ea:e8:b1:6d:ac:06:c4:53:4e:bd:f0:ec:e1:42:07:c3:
59:cf:61:53:92:a7:9e:1c:5c:7a:50:39:9a:d7:b4:f2:f8:11:
83:c5:b3:ae:55:2d:a5:2a:cb:58:f9:5a:95:0c:d0:b1:e5:f4:
4e:00:b8:fa:2b:b1:4a:c2:56:8b:66:aa:fb:87:67:26:08:ba:
bc:f6:f6:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+8vXpkdQDBbeP0U82jaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGYyODY2YTczMWRiZjdiNjQ5ZjA3NmVjN2U3ZTgwNmMzMjBlMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NdYO9j6VDVQ3MYvpHYCz0d5pBLl
/U4nXywA4WESRuGllnFeFe1ljFoWaBvAkfaE8ISrtVi/KT8I0jypARYXsUDDHdlI
kZ63OPF2Y3CjgzLRNt6eWGTLWDHA9kX13RmdIm+xSbCLVFYEleBCdnGWcGePSn1l
NFmJE05goVB+Pye3D2a6kIQMHpoPl4kHzT7ZeIrtEsb+sgV45Btb4GNG2LRhjzhx
Zj4mBoXcgchrGxbxfwhTl0/86XIoE9Xf3Y0KsIvMxei8XsWzow00SUbo5Tmq2els
zGIffNthf5/c9DrlhVl77TIfZa1OC0rIwzSILKiK5cW8tRTEimb/+KTsywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBDyhmpzHb97ZJ8Hbsfn6AbDIODcMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvRVBLR2FuTWR2M3RrbndkdXgtZm9Cc01nNE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg59RjAN
BgkqhkiG9w0BAQsFAAOCAQEAq8YvqqJ4bX5SMMiJrpoq8gut4ZcNWM+e+Q/zXln7
CrQlVo5dvsXjgvxMIkO5Ft4ivpr8MBozvTC8Crqaf9wchITQaGYScs7Yy6nXSqbu
ZkZxSEqOmwynGlBuDaB8fgsRJpOpF5DUN9p49XewC/pFwK3lKSN0A0a7tQyhlxyP
PnLydcMr8jQxldCh8ak4Vd3owhCsmb9ie9qFfQAhaQzpJQPFrJxxzZG4hom44RWd
k6pw4FcCejPq6LFtrAbEU0698OzhQgfDWc9hU5KnnhxcelA5mte08vgRg8WzrlUt
pSrLWPlalQzQseX0TgC4+iuxSsJWi2aq+4dnJgi6vPb2bg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:39:13 2025 by rpki-client