Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ErVmIdYGvUYaO7i48dgJPaU7Bhk.roa
File: ErVmIdYGvUYaO7i48dgJPaU7Bhk.roa (raw, json)
Hash identifier: FFxOn5yvPbRW8rmbtjQN3SQJx74u6+C+0S6EWnmVRcc=
Subject key identifier: 12:B5:66:21:D6:06:BD:46:1A:3B:B8:B8:F1:D8:09:3D:A5:3B:06:19
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBF0888A9DD652819E82367975647F
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ErVmIdYGvUYaO7i48dgJPaU7Bhk.roa
Signing time: Wed 01 Jan 2025 17:48:43 +0000
ROA not before: Wed 01 Jan 2025 17:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214242
IP address blocks: 2a0c:9a46:300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f0:88:8a:9d:d6:52:81:9e:82:36:79:75:64:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12b56621d606bd461a3bb8b8f1d8093da53b0619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:eb:92:1c:c4:6b:0e:67:c1:f5:b9:d1:23:e2:
f9:52:71:11:1b:b6:1c:9b:5e:c2:7d:a8:26:96:9f:
79:4b:8d:68:1a:ec:48:5d:ed:e7:2a:e4:41:1f:26:
4a:43:f7:28:86:f7:72:64:72:7d:1c:86:69:1e:33:
fc:9f:b3:cd:a5:b1:35:a4:18:3e:3a:d3:cb:d4:b2:
d8:0f:d9:0a:e7:be:04:f1:8a:6e:e0:4e:23:43:04:
07:9c:0c:70:ad:d9:56:d8:91:41:1c:9a:03:da:6f:
de:f9:95:26:27:a3:14:36:80:5b:65:a8:5e:84:81:
ef:a5:28:7f:80:bc:56:74:8c:f1:e3:ae:cf:f4:1f:
d6:38:6e:1a:c1:b6:69:30:63:b9:a5:5e:18:12:f4:
6e:49:d9:e1:1e:38:d5:7f:d4:09:d3:be:c3:22:c3:
12:b0:ce:11:59:21:89:ab:52:00:4d:36:ca:36:46:
e1:b1:32:2e:67:7d:db:ae:9d:95:75:73:97:41:88:
3c:d8:c7:4c:01:08:21:d3:d6:d7:ad:19:d4:7c:43:
84:9b:dd:31:4b:31:9e:3c:59:99:ca:73:e4:d4:fc:
c0:c4:0d:b2:4f:8c:ba:8d:5a:ee:ff:28:f2:62:8c:
95:27:89:3b:c1:a8:23:ee:2b:db:b8:87:ab:a5:91:
fb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B5:66:21:D6:06:BD:46:1A:3B:B8:B8:F1:D8:09:3D:A5:3B:06:19
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ErVmIdYGvUYaO7i48dgJPaU7Bhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a46:300::/40
Signature Algorithm: sha256WithRSAEncryption
a3:9c:4a:76:30:38:18:eb:fd:29:19:46:ce:de:db:4b:92:54:
4c:ff:53:38:f6:10:55:fc:e4:f4:3b:db:0a:e3:72:db:e5:3f:
c9:5e:c7:9a:53:46:30:bd:37:aa:5f:60:10:3e:98:d7:89:d4:
43:dc:69:dc:19:ed:c1:f2:59:35:64:50:ed:4d:ef:41:f6:8d:
d9:42:80:7c:69:fb:9f:79:fb:8e:da:8f:55:a1:7b:98:ba:06:
91:dc:1e:af:fc:9b:5a:5b:c6:1a:cf:1a:18:3c:ed:72:18:8c:
ca:d4:6e:92:cf:c7:87:22:7c:96:5a:b1:b5:2e:1f:91:5e:82:
39:11:49:2e:ec:95:a0:2d:b8:1e:f0:e5:f9:29:06:2d:f7:f6:
a4:40:55:cf:58:1e:22:31:97:ff:69:7c:bd:0f:52:6e:5a:99:
a5:5c:91:6a:3b:c9:89:ba:9f:ef:62:ee:df:a1:b1:0d:b2:7e:
61:8b:11:65:37:3a:82:e2:f9:e5:27:7b:00:63:6e:76:e8:d3:
22:8e:dc:e0:3b:6f:d3:18:a0:04:ab:b2:18:de:6b:4e:9e:30:
aa:99:ea:95:c6:83:a6:76:29:04:af:cc:6f:04:a5:d0:74:a3:
e7:0e:1b:74:a0:c3:ce:05:ab:71:79:05:a0:66:f4:67:98:4e:
f5:a5:83:e2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQi+/CIip3WUoGegjZ5dWR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmI1NjYyMWQ2MDZiZDQ2MWEzYmI4YjhmMWQ4MDkzZGE1M2IwNjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+uSHMRrDmfB9bnRI+L5UnERG7Yc
m17Cfagmlp95S41oGuxIXe3nKuRBHyZKQ/cohvdyZHJ9HIZpHjP8n7PNpbE1pBg+
OtPL1LLYD9kK574E8Ypu4E4jQwQHnAxwrdlW2JFBHJoD2m/e+ZUmJ6MUNoBbZahe
hIHvpSh/gLxWdIzx467P9B/WOG4awbZpMGO5pV4YEvRuSdnhHjjVf9QJ077DIsMS
sM4RWSGJq1IATTbKNkbhsTIuZ33brp2VdXOXQYg82MdMAQgh09bXrRnUfEOEm90x
SzGePFmZynPk1PzAxA2yT4y6jVru/yjyYoyVJ4k7wagj7ivbuIerpZH7LwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBK1ZiHWBr1GGju4uPHYCT2lOwYZMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvRXJWbUlkWUd2VVlhTzdpNDhkZ0pQYVU3QmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaRgMw
DQYJKoZIhvcNAQELBQADggEBAKOcSnYwOBjr/SkZRs7e20uSVEz/Uzj2EFX85PQ7
2wrjctvlP8lex5pTRjC9N6pfYBA+mNeJ1EPcadwZ7cHyWTVkUO1N70H2jdlCgHxp
+595+47aj1Whe5i6BpHcHq/8m1pbxhrPGhg87XIYjMrUbpLPx4cifJZasbUuH5Fe
gjkRSS7slaAtuB7w5fkpBi339qRAVc9YHiIxl/9pfL0PUm5amaVckWo7yYm6n+9i
7t+hsQ2yfmGLEWU3OoLi+eUnewBjbnbo0yKO3OA7b9MYoASrshjea06eMKqZ6pXG
g6Z2KQSvzG8EpdB0o+cOG3Sgw84Fq3F5BaBm9GeYTvWlg+I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:03:34 2025 by rpki-client