Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/YDVN9qst25wi0owBTDsPrnV6jR4.roa
File: YDVN9qst25wi0owBTDsPrnV6jR4.roa (raw, json)
Hash identifier: DBfwxJ11mWRMuId4xWC9jzfl0GuR1HcA1szY8IBXp8E=
Subject key identifier: 60:35:4D:F6:AB:2D:DB:9C:22:D2:8C:01:4C:3B:0F:AE:75:7A:8D:1E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBF612BECAED470294D1910AD96A16
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/YDVN9qst25wi0owBTDsPrnV6jR4.roa
Signing time: Wed 01 Jan 2025 17:48:45 +0000
ROA not before: Wed 01 Jan 2025 17:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215129
IP address blocks: 2a0c:9a40:8560::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f6:12:be:ca:ed:47:02:94:d1:91:0a:d9:6a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60354df6ab2ddb9c22d28c014c3b0fae757a8d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:18:24:4b:91:78:ff:b3:3c:39:a7:8f:cc:
ff:24:2c:f7:f8:c7:29:c7:61:71:60:6b:96:54:93:
05:6f:8f:fc:cd:83:cb:53:71:a5:be:5a:79:29:e0:
da:4b:6f:cc:f3:27:cb:16:f1:19:03:fc:2e:af:3a:
c7:6e:f8:25:d0:4b:fb:0d:82:e0:ee:96:cf:a5:53:
9d:32:e1:39:82:fa:c4:73:84:65:73:c0:4a:4f:32:
e2:85:2a:34:52:ab:4c:4d:56:d8:3a:51:24:cc:01:
46:4b:38:14:bc:3a:cc:7e:19:26:b7:3d:2f:e9:bb:
0c:a7:54:0e:2c:e3:b6:e1:4c:32:a2:83:6c:ef:af:
a6:70:61:5c:24:20:c9:ac:f2:59:6c:1a:ef:f2:e9:
ff:85:91:0f:16:ad:c2:ff:7c:7f:f6:9d:46:99:02:
7f:1c:ee:6b:6c:21:95:87:e0:92:e8:70:df:fc:7e:
f7:a7:97:ee:0c:69:ed:52:c4:22:a5:9e:9b:7e:98:
fc:0c:66:6d:83:96:56:54:76:28:c1:9a:18:d5:81:
2d:37:94:02:a5:8d:a3:a5:0b:2f:f4:44:02:cc:d7:
4a:24:2e:59:0c:9e:4c:bb:68:99:ef:ad:39:98:1e:
65:b7:4d:d2:f7:b8:a1:28:09:1c:6f:b5:35:c4:96:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:35:4D:F6:AB:2D:DB:9C:22:D2:8C:01:4C:3B:0F:AE:75:7A:8D:1E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/YDVN9qst25wi0owBTDsPrnV6jR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8560::/44
Signature Algorithm: sha256WithRSAEncryption
74:34:03:34:e4:3c:de:17:3c:3d:83:c1:e9:3b:36:05:53:49:
87:88:06:2a:58:95:ec:4a:68:44:8f:68:ea:1d:5a:ee:a7:af:
2c:a9:4f:df:aa:21:6f:a3:1b:dc:73:0f:f9:2b:77:87:8e:7b:
4c:07:1e:68:0e:35:0d:14:de:06:37:0f:5a:79:ce:5d:5f:8b:
d5:37:a3:fc:64:eb:c1:e5:9a:53:2c:85:7f:52:54:5d:0d:bd:
17:82:c6:af:7d:77:89:98:0b:af:1e:a3:85:6e:35:13:25:56:
aa:fa:04:d2:24:3b:16:23:54:c9:1c:53:9d:2f:5d:2e:0f:58:
94:1f:73:df:47:29:9c:53:e7:53:70:9e:85:fb:2f:30:23:ef:
79:39:1e:8a:2d:c4:08:6a:60:12:ca:60:e4:7a:9f:53:01:c1:
4d:ea:55:ff:21:c0:4d:b8:ca:c7:b8:07:f0:24:3b:d5:cf:e1:
c6:8c:f5:c9:f9:23:a8:c7:77:99:84:b7:94:3f:59:78:6e:51:
21:a1:70:2c:d7:b1:14:bf:f7:2d:a9:79:f6:a8:8c:50:69:f0:
08:77:d3:e3:8d:49:8d:77:5f:9b:39:f7:55:d2:2d:66:bd:9e:
bb:0d:6e:13:d6:6d:0e:7e:c8:7c:7a:11:4c:a0:b5:45:a1:49:
67:b6:75:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/YSvsrtRwKU0ZEK2WoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDM1NGRmNmFiMmRkYjljMjJkMjhjMDE0YzNiMGZhZTc1N2E4ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJAYJEuReP+zPDmnj8z/JCz3+Mcp
x2FxYGuWVJMFb4/8zYPLU3Glvlp5KeDaS2/M8yfLFvEZA/wurzrHbvgl0Ev7DYLg
7pbPpVOdMuE5gvrEc4Rlc8BKTzLihSo0UqtMTVbYOlEkzAFGSzgUvDrMfhkmtz0v
6bsMp1QOLOO24UwyooNs76+mcGFcJCDJrPJZbBrv8un/hZEPFq3C/3x/9p1GmQJ/
HO5rbCGVh+CS6HDf/H73p5fuDGntUsQipZ6bfpj8DGZtg5ZWVHYowZoY1YEtN5QC
pY2jpQsv9EQCzNdKJC5ZDJ5Mu2iZ7605mB5lt03S97ihKAkcb7U1xJYfbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGA1TfarLducItKMAUw7D651eo0eMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvWURWTjlxc3QyNXdpMG93QlREc1ByblY2alI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIVg
MA0GCSqGSIb3DQEBCwUAA4IBAQB0NAM05DzeFzw9g8HpOzYFU0mHiAYqWJXsSmhE
j2jqHVrup68sqU/fqiFvoxvccw/5K3eHjntMBx5oDjUNFN4GNw9aec5dX4vVN6P8
ZOvB5ZpTLIV/UlRdDb0XgsavfXeJmAuvHqOFbjUTJVaq+gTSJDsWI1TJHFOdL10u
D1iUH3PfRymcU+dTcJ6F+y8wI+95OR6KLcQIamASymDkep9TAcFN6lX/IcBNuMrH
uAfwJDvVz+HGjPXJ+SOox3eZhLeUP1l4blEhoXAs17EUv/ctqXn2qIxQafAId9Pj
jUmNd1+bOfdV0i1mvZ67DW4T1m0Ofsh8ehFMoLVFoUlntnUE
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:28:10 2025 by rpki-client