Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P0vdIPYZK7qbo-nZtoIgWGxYETA.roa
File: P0vdIPYZK7qbo-nZtoIgWGxYETA.roa (raw, json)
Hash identifier: aDRFqBzaycESZltDsyAWLt96EY46xd2OkX+pmj6eKV8=
Subject key identifier: 3F:4B:DD:20:F6:19:2B:BA:9B:A3:E9:D9:B6:82:20:58:6C:58:11:30
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBE558CFED48EED2C37A170B34DFE6
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P0vdIPYZK7qbo-nZtoIgWGxYETA.roa
Signing time: Wed 01 Jan 2025 17:48:41 +0000
ROA not before: Wed 01 Jan 2025 17:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210283
IP address blocks: 2a0c:9a40:8190::/48 maxlen: 48
2a0c:9a40:8191::/48 maxlen: 48
2a0c:9a40:8192::/48 maxlen: 48
2a0c:9a40:8193::/48 maxlen: 48
2a0c:9a40:8194::/48 maxlen: 48
2a0c:9a40:8196::/48 maxlen: 48
2a0c:9a40:8197::/48 maxlen: 48
2a0c:9a40:8199::/48 maxlen: 48
2a0c:9a40:819a::/48 maxlen: 48
2a0c:9a40:819b::/48 maxlen: 48
2a0c:9a40:819c::/48 maxlen: 48
2a0c:9a40:819d::/48 maxlen: 48
2a0c:9a40:819e::/48 maxlen: 48
2a0c:9a40:819f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e5:58:cf:ed:48:ee:d2:c3:7a:17:0b:34:df:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4bdd20f6192bba9ba3e9d9b68220586c581130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:20:ca:26:68:bb:8b:39:e2:b7:c4:90:92:45:
47:33:dc:39:25:8d:27:01:91:6d:88:f3:ca:87:86:
d0:db:23:05:9d:1a:8b:1c:72:00:f2:f8:8c:a5:5d:
22:27:3e:72:9d:fe:93:bf:7b:0c:49:34:98:cb:97:
fa:cf:3a:ff:4f:3d:3c:f7:01:74:f4:75:2c:50:13:
a1:d0:e7:49:2c:eb:e8:f4:86:e8:b8:ad:b3:a9:22:
ff:5d:a6:d3:bb:2b:74:bd:ea:b2:7c:d4:76:cb:44:
da:33:a2:c4:8b:1b:96:d6:59:2d:4e:95:e1:95:24:
77:c7:61:d3:4b:7a:50:c8:31:87:d8:a3:93:09:52:
ee:ce:bc:af:e9:37:91:88:b0:3f:96:ea:64:76:6d:
dd:a2:cb:6f:10:bd:71:36:93:97:b3:d2:2d:fe:ca:
3d:00:1f:10:5b:9f:34:71:80:8a:26:ae:9b:74:01:
cb:1e:b9:3d:d6:0d:7d:61:75:d1:12:d0:88:f8:1e:
3e:6b:16:b4:bf:22:37:e3:87:14:d6:0d:d2:d2:10:
5f:90:8f:d2:c5:a1:20:21:59:dd:97:24:97:8c:9e:
28:bd:15:50:07:8a:f0:58:3d:e5:1f:74:15:83:c5:
5e:09:c6:43:b1:71:f0:50:f0:00:32:bc:bd:fb:94:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4B:DD:20:F6:19:2B:BA:9B:A3:E9:D9:B6:82:20:58:6C:58:11:30
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P0vdIPYZK7qbo-nZtoIgWGxYETA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8190::-2a0c:9a40:8194:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:8196::/47
2a0c:9a40:8199::-2a0c:9a40:819f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
02:c8:86:04:54:8c:22:26:b2:ce:cd:a7:f2:ba:14:7f:7f:de:
e1:53:12:26:31:6b:e5:f3:ce:6a:16:93:e5:7c:78:08:30:5c:
79:3f:be:7f:47:e1:89:2c:9d:1f:49:af:0b:47:25:a2:f8:44:
cb:23:bf:cf:44:b3:a4:31:88:09:de:95:88:2f:89:b7:de:2f:
bd:f9:fc:14:4f:77:6c:34:ee:b4:28:ab:a3:58:40:44:16:76:
78:d7:86:ca:02:d3:32:a1:9a:b8:2f:08:5d:19:6f:62:27:02:
17:bc:cf:39:ba:fb:a3:cb:bb:e6:bc:2d:bd:2d:d0:05:2b:9d:
0e:8a:10:95:09:87:7a:57:df:74:4f:68:8d:1a:11:bc:1f:5d:
ca:fc:cb:1d:15:ef:03:6b:5f:21:01:b8:73:5f:f5:08:f8:c2:
3a:13:a0:58:3c:a7:22:18:95:e2:35:10:a4:82:07:cb:7e:a1:
5b:7c:78:3e:c4:f3:f0:d5:5d:1e:78:16:53:34:a8:33:e7:92:
3f:70:07:73:54:f0:fa:6d:8a:29:7d:af:5c:08:6b:48:64:d4:
38:c6:23:54:e8:85:76:91:d7:e7:0b:fb:42:01:56:af:26:f6:
41:df:e3:17:a8:15:c6:6c:18:05:fb:e4:1c:a6:55:ae:3b:06:
b5:9e:8e:d1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQi++VYz+1I7tLDehcLNN/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRiZGQyMGY2MTkyYmJhOWJhM2U5ZDliNjgyMjA1ODZjNTgxMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CDKJmi7iznit8SQkkVHM9w5JY0n
AZFtiPPKh4bQ2yMFnRqLHHIA8viMpV0iJz5ynf6Tv3sMSTSYy5f6zzr/Tz089wF0
9HUsUBOh0OdJLOvo9IbouK2zqSL/XabTuyt0veqyfNR2y0TaM6LEixuW1lktTpXh
lSR3x2HTS3pQyDGH2KOTCVLuzryv6TeRiLA/lupkdm3dostvEL1xNpOXs9It/so9
AB8QW580cYCKJq6bdAHLHrk91g19YXXREtCI+B4+axa0vyI344cU1g3S0hBfkI/S
xaEgIVndlySXjJ4ovRVQB4rwWD3lH3QVg8VeCcZDsXHwUPAAMry9+5RQGwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFD9L3SD2GSu6m6Pp2baCIFhsWBEwMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUDB2ZElQWVpLN3Fiby1uWnRvSWdXR3hZRVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxMBIDBwQqDJpA
gZADBwAqDJpAgZQDBwEqDJpAgZYwEgMHACoMmkCBmQMHBSoMmkCBgDANBgkqhkiG
9w0BAQsFAAOCAQEAAsiGBFSMIiayzs2n8roUf3/e4VMSJjFr5fPOahaT5Xx4CDBc
eT++f0fhiSydH0mvC0clovhEyyO/z0SzpDGICd6ViC+Jt94vvfn8FE93bDTutCir
o1hARBZ2eNeGygLTMqGauC8IXRlvYicCF7zPObr7o8u75rwtvS3QBSudDooQlQmH
elffdE9ojRoRvB9dyvzLHRXvA2tfIQG4c1/1CPjCOhOgWDynIhiV4jUQpIIHy36h
W3x4PsTz8NVdHngWUzSoM+eSP3AHc1Tw+m2KKX2vXAhrSGTUOMYjVOiFdpHX5wv7
QgFWryb2Qd/jF6gVxmwYBfvkHKZVrjsGtZ6O0Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:44:55 2025 by rpki-client