Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gFl56ZTPRf3acAw49iikwuJQ588.roa
File: gFl56ZTPRf3acAw49iikwuJQ588.roa (raw, json)
Hash identifier: A4BOjpkGeQDoOvGBjy+QymLizrqv3oF8CRNNAkgQMUM=
Subject key identifier: 80:59:79:E9:94:CF:45:FD:DA:70:0C:38:F6:28:A4:C2:E2:50:E7:CF
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBBF6EE53517B5D1D0EECC1F869711
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gFl56ZTPRf3acAw49iikwuJQ588.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2a0c:9a40:8085::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bf:6e:e5:35:17:b5:d1:d0:ee:cc:1f:86:97:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=805979e994cf45fdda700c38f628a4c2e250e7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d8:ed:c7:b3:ac:23:05:44:49:3f:f0:17:21:
2c:f4:59:fa:87:a5:62:88:04:eb:38:18:19:2a:d3:
86:7a:35:63:fa:1d:a8:74:58:eb:26:b6:ef:54:d9:
29:74:6c:a6:7c:a6:ac:14:09:b5:f1:c4:ba:5c:46:
d4:67:7d:65:b2:79:24:e4:27:6a:c9:9b:d3:90:c2:
31:40:f3:30:9c:96:73:5a:39:fb:77:03:54:d9:9e:
eb:d2:4d:e3:4d:c9:05:0f:a3:b7:83:9f:22:ab:b8:
83:65:2f:45:5c:f8:20:e5:07:f7:94:19:bd:33:91:
4a:b0:c1:62:12:14:da:45:3a:5a:5d:66:f9:d2:b9:
2c:70:2c:61:ae:c3:4b:29:48:4f:30:10:b7:d6:d9:
a8:7f:03:c7:71:dd:ba:99:46:10:2f:37:5b:c3:37:
9a:c1:b5:b5:c1:68:a8:a3:dc:b2:95:f9:c6:b7:4d:
97:17:f9:d6:e8:1e:0f:b0:36:56:37:64:1a:09:f2:
06:b4:27:16:33:d1:4c:95:7b:3d:1c:86:f5:7b:f2:
e3:e5:22:b2:30:bf:25:4e:f6:b3:4e:a7:28:e0:b1:
4e:e4:8c:f7:8d:e4:60:09:74:f5:7f:7e:65:57:7f:
31:96:24:81:43:a7:5d:00:4b:e7:af:40:80:60:79:
94:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:59:79:E9:94:CF:45:FD:DA:70:0C:38:F6:28:A4:C2:E2:50:E7:CF
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/gFl56ZTPRf3acAw49iikwuJQ588.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8085::/48
Signature Algorithm: sha256WithRSAEncryption
36:4a:ef:f2:f6:16:ee:63:77:3c:cd:cc:39:39:e4:bc:91:c8:
ec:df:40:00:80:02:d3:fa:11:f2:a0:d1:f4:1c:3c:43:b9:58:
fb:b8:3e:da:10:77:f4:e6:aa:1a:80:e3:1d:f0:3d:52:95:b8:
93:a7:69:f1:9b:19:0c:17:45:49:a7:62:99:80:78:9b:7d:20:
56:bd:db:fd:52:41:0b:79:ac:cd:8d:2d:26:a3:ac:b8:79:fa:
21:a3:d0:32:fc:18:81:ba:70:c4:8e:10:56:97:9b:10:84:c8:
ce:3c:a8:1f:dc:78:02:3d:16:81:ea:55:66:ba:96:69:8e:99:
cf:dd:d0:22:d7:5e:30:6b:84:4f:ab:61:58:a9:3f:fc:aa:ad:
c9:85:79:ce:b5:b2:6a:a9:75:bf:63:de:d7:ed:3c:99:c9:24:
0b:46:51:82:d5:35:9b:48:63:3d:2e:06:6a:aa:29:f6:83:5f:
92:0d:dc:11:9c:cd:2e:e1:58:4c:46:28:d5:df:31:eb:6f:d1:
9a:c1:56:07:43:42:b0:e9:cb:9c:74:d1:1f:dc:86:57:2b:1c:
39:06:9d:9a:66:e2:79:57:8c:a9:ba:c8:d8:f5:2f:ac:c2:52:
2f:9c:ca:79:69:6b:b5:69:16:7f:4b:10:f8:79:ec:5c:f4:85:
18:7a:a3:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+79u5TUXtdHQ7swfhpcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU5NzllOTk0Y2Y0NWZkZGE3MDBjMzhmNjI4YTRjMmUyNTBlN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59jtx7OsIwVEST/wFyEs9Fn6h6Vi
iATrOBgZKtOGejVj+h2odFjrJrbvVNkpdGymfKasFAm18cS6XEbUZ31lsnkk5Cdq
yZvTkMIxQPMwnJZzWjn7dwNU2Z7r0k3jTckFD6O3g58iq7iDZS9FXPgg5Qf3lBm9
M5FKsMFiEhTaRTpaXWb50rkscCxhrsNLKUhPMBC31tmofwPHcd26mUYQLzdbwzea
wbW1wWioo9yylfnGt02XF/nW6B4PsDZWN2QaCfIGtCcWM9FMlXs9HIb1e/Lj5SKy
ML8lTvazTqco4LFO5Iz3jeRgCXT1f35lV38xliSBQ6ddAEvnr0CAYHmUVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIBZeemUz0X92nAMOPYopMLiUOfPMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZ0ZsNTZaVFBSZjNhY0F3NDlpaWt3dUpRNTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICF
MA0GCSqGSIb3DQEBCwUAA4IBAQA2Su/y9hbuY3c8zcw5OeS8kcjs30AAgALT+hHy
oNH0HDxDuVj7uD7aEHf05qoagOMd8D1SlbiTp2nxmxkMF0VJp2KZgHibfSBWvdv9
UkELeazNjS0mo6y4efoho9Ay/BiBunDEjhBWl5sQhMjOPKgf3HgCPRaB6lVmupZp
jpnP3dAi114wa4RPq2FYqT/8qq3JhXnOtbJqqXW/Y97X7TyZySQLRlGC1TWbSGM9
LgZqqin2g1+SDdwRnM0u4VhMRijV3zHrb9GawVYHQ0Kw6cucdNEf3IZXKxw5Bp2a
ZuJ5V4ypusjY9S+swlIvnMp5aWu1aRZ/SxD4eexc9IUYeqNC
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:40:07 2025 by rpki-client