Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QLi9Dcqo2yvnZBZHUHjnnhtHIpU.roa
File: QLi9Dcqo2yvnZBZHUHjnnhtHIpU.roa (raw, json)
Hash identifier: czpTzQicduDRAa/Q7ay/n1SUinPz6zizC1IF6nSfthk=
Subject key identifier: 40:B8:BD:0D:CA:A8:DB:2B:E7:64:16:47:50:78:E7:9E:1B:47:22:95
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBC459970BB0F5BFDFB1F15C59693B
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QLi9Dcqo2yvnZBZHUHjnnhtHIpU.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43927
IP address blocks: 2a0c:9a40:8088::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c4:59:97:0b:b0:f5:bf:df:b1:f1:5c:59:69:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40b8bd0dcaa8db2be76416475078e79e1b472295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:77:28:cd:cf:60:ab:5a:bc:3a:a7:70:b6:e0:
0c:1c:cf:c3:d6:85:3c:cf:d6:f4:c7:35:27:75:80:
a8:c4:7a:ec:35:55:4d:3c:ab:97:9b:16:77:8a:bd:
54:3a:5c:20:10:0f:7b:4b:67:82:ac:42:3c:9b:d8:
d0:5a:9d:02:f0:24:3e:af:87:5e:d1:d6:04:10:c8:
20:a7:50:63:01:f2:51:39:0e:b1:da:82:8e:61:80:
ec:67:1a:55:43:a6:ae:61:9e:09:ef:05:e4:22:32:
b4:e7:c6:dc:19:8e:5f:9b:e4:18:72:9b:80:5c:1c:
38:c3:5c:23:0c:3f:29:5f:89:ab:7f:2c:d4:a9:dc:
c5:10:d3:07:4e:ed:a4:6c:31:9f:1b:be:85:d2:ab:
e8:69:09:cf:7e:93:e6:1f:c6:85:02:e6:76:6e:3c:
c2:d5:e5:80:ca:51:99:49:b7:a0:80:29:d2:0e:a0:
9e:6f:ac:18:32:8f:66:53:bd:dd:68:87:23:0d:a8:
32:1e:b9:ea:a9:0e:30:f3:1c:b6:39:54:62:80:b4:
a5:de:16:c8:b7:5d:eb:2e:96:59:48:40:cd:bf:d3:
9f:98:41:89:2f:e2:ea:92:99:0a:df:8d:7e:64:d3:
10:94:33:3f:99:52:d2:fa:2e:db:db:9c:cf:3f:48:
88:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B8:BD:0D:CA:A8:DB:2B:E7:64:16:47:50:78:E7:9E:1B:47:22:95
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/QLi9Dcqo2yvnZBZHUHjnnhtHIpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8088::/48
Signature Algorithm: sha256WithRSAEncryption
30:50:91:38:e1:35:84:39:0f:24:3e:6e:79:38:aa:84:44:f8:
2e:fd:0e:54:d9:49:96:66:1e:39:22:cc:5d:72:c9:4d:1c:f0:
b1:56:dd:87:e8:6d:1b:f0:ea:ef:54:20:ba:f4:da:1d:9f:63:
11:79:31:95:01:a8:2a:fd:ed:91:f6:1b:ad:58:ca:0c:04:ff:
a0:18:93:db:60:1b:3d:44:64:ab:d2:3c:e1:6f:f1:f8:c5:90:
20:b9:d4:4f:04:8f:d7:d0:dd:23:34:90:2e:f1:38:09:50:8f:
36:ad:c3:34:8f:0a:1e:db:bd:fc:98:77:0f:87:76:5b:51:a7:
e5:1a:26:96:d9:8e:99:0b:9c:8e:34:74:5b:49:7e:dd:53:00:
77:de:8c:55:7a:5e:fe:b1:5b:f1:7c:2e:d6:1c:f2:02:84:d6:
80:84:fb:87:ca:c0:ac:5c:bb:8b:5b:75:cc:92:f6:12:4b:2f:
f0:6d:13:67:e0:a7:77:b8:df:d0:c6:f9:ff:b0:db:b2:e2:9d:
06:24:15:6e:59:0e:19:f1:1e:06:a6:d3:f6:23:ee:d8:90:59:
e4:98:b7:7c:08:ec:2c:ee:56:1a:be:53:44:0f:3e:55:10:3c:
7a:ca:3a:e4:fb:ec:0c:3c:80:5d:62:79:da:6c:d3:3b:61:74:
12:26:fd:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+8RZlwuw9b/fsfFcWWk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI4YmQwZGNhYThkYjJiZTc2NDE2NDc1MDc4ZTc5ZTFiNDcyMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3cozc9gq1q8OqdwtuAMHM/D1oU8
z9b0xzUndYCoxHrsNVVNPKuXmxZ3ir1UOlwgEA97S2eCrEI8m9jQWp0C8CQ+r4de
0dYEEMggp1BjAfJROQ6x2oKOYYDsZxpVQ6auYZ4J7wXkIjK058bcGY5fm+QYcpuA
XBw4w1wjDD8pX4mrfyzUqdzFENMHTu2kbDGfG76F0qvoaQnPfpPmH8aFAuZ2bjzC
1eWAylGZSbeggCnSDqCeb6wYMo9mU73daIcjDagyHrnqqQ4w8xy2OVRigLSl3hbI
t13rLpZZSEDNv9OfmEGJL+LqkpkK341+ZNMQlDM/mVLS+i7b25zPP0iIBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEC4vQ3KqNsr52QWR1B4554bRyKVMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUUxpOURjcW8yeXZuWkJaSFVIam5uaHRISXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICI
MA0GCSqGSIb3DQEBCwUAA4IBAQAwUJE44TWEOQ8kPm55OKqERPgu/Q5U2UmWZh45
IsxdcslNHPCxVt2H6G0b8OrvVCC69Nodn2MReTGVAagq/e2R9hutWMoMBP+gGJPb
YBs9RGSr0jzhb/H4xZAgudRPBI/X0N0jNJAu8TgJUI82rcM0jwoe2738mHcPh3Zb
UaflGiaW2Y6ZC5yONHRbSX7dUwB33oxVel7+sVvxfC7WHPIChNaAhPuHysCsXLuL
W3XMkvYSSy/wbRNn4Kd3uN/Qxvn/sNuy4p0GJBVuWQ4Z8R4GptP2I+7YkFnkmLd8
COws7lYavlNEDz5VEDx6yjrk++wMPIBdYnnabNM7YXQSJv3v
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:57:28 2025 by rpki-client