Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/vCH4OSUsijV7XRSCJEum0FY-H90.roa
File: vCH4OSUsijV7XRSCJEum0FY-H90.roa (raw, json)
Hash identifier: Q2YSrRceXmjNOnLUsaQB8aVHIHKR1y30pSzCFU/lGFc=
Subject key identifier: BC:21:F8:39:25:2C:8A:35:7B:5D:14:82:24:4B:A6:D0:56:3E:1F:DD
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBBEE0D9BF7FDC77F39D36B10B060F
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/vCH4OSUsijV7XRSCJEum0FY-H90.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3280
IP address blocks: 2a0c:9a40:8086::/48 maxlen: 48
2a0c:9a40:9086::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:be:e0:d9:bf:7f:dc:77:f3:9d:36:b1:0b:06:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc21f839252c8a357b5d1482244ba6d0563e1fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e1:9b:e3:4b:52:ef:49:e9:aa:56:ff:9c:6c:
b5:da:ab:f4:22:db:b4:62:9d:de:f9:54:6a:34:00:
9f:be:b8:cb:46:92:df:67:47:5f:ac:e8:66:ac:21:
f5:49:e7:eb:8d:3c:e1:64:fc:2c:06:e9:30:44:7c:
1d:46:21:1c:ea:b5:a3:56:cd:b0:47:57:31:7a:fe:
0a:66:25:b9:d9:2a:43:f0:1d:b2:76:be:16:ac:bb:
9b:e3:c1:d2:b5:b4:db:6e:2b:07:e6:bf:68:cf:c2:
51:37:54:97:4c:42:32:cb:11:fd:85:0b:c0:80:1f:
91:c3:81:c4:df:06:18:b6:3d:64:8b:16:80:af:2d:
29:a6:27:e3:b0:0d:b5:42:2e:ee:0f:2c:47:6c:6a:
a7:e6:bc:1c:f0:47:2b:e7:ff:ef:c7:1d:81:f9:c1:
53:40:b3:a1:92:de:9c:1b:94:5e:27:92:e4:39:e7:
71:c3:89:01:5a:22:f4:aa:d4:7f:4b:cc:6c:c8:6f:
fe:0f:3a:ae:64:4b:9e:9a:34:d2:48:b2:32:3c:15:
c8:91:f6:e9:36:59:71:2d:73:0e:77:60:7c:c7:ff:
2e:b7:fd:bd:6c:9d:c7:88:b6:d0:92:1e:3c:49:93:
c0:e1:cd:0d:23:f9:ac:e7:7e:cf:63:f3:69:0b:a9:
51:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:21:F8:39:25:2C:8A:35:7B:5D:14:82:24:4B:A6:D0:56:3E:1F:DD
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/vCH4OSUsijV7XRSCJEum0FY-H90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8086::/48
2a0c:9a40:9086::/48
Signature Algorithm: sha256WithRSAEncryption
06:ae:c6:e9:87:e9:86:11:46:95:af:b9:67:e3:43:45:44:7e:
7f:3e:64:ad:72:3a:2a:22:fd:c3:da:04:25:4a:f4:68:95:3d:
f4:9c:f4:db:5f:b3:5d:49:9c:3f:34:14:f4:4d:f6:67:a2:10:
dd:12:bb:21:8d:08:ab:20:83:62:9d:7a:fd:2d:36:5b:01:b1:
d6:a5:1a:ba:df:20:33:3f:26:af:46:d9:22:a1:f6:ba:d2:5c:
3f:53:7d:0a:17:2f:d1:ab:fb:86:b0:7f:bd:5b:8c:49:b1:e3:
7d:4b:e5:e1:d9:ba:80:8f:37:ad:dc:aa:ad:21:af:04:bc:4f:
5b:07:1e:9a:c5:89:7d:21:ee:2d:8d:f5:32:98:34:3a:f2:b1:
b7:17:70:f1:97:7b:90:71:67:1a:81:d3:60:81:bd:4d:83:3f:
41:f0:d2:44:48:48:c4:2c:94:1a:70:34:f4:38:dc:b5:2a:fd:
d6:c9:a5:89:37:31:05:84:5e:ef:53:7f:47:ab:20:ad:4c:9a:
c1:7b:c4:ab:cb:ed:f4:1d:ab:c8:d7:69:7c:42:8d:e7:09:5d:
92:37:ec:e7:8f:01:3a:8a:a5:c3:32:0b:1a:c4:08:3c:9b:59:
c9:ce:8f:08:bf:c1:4d:d0:bf:e6:6c:a5:3d:7b:65:83:3e:5c:
1c:86:91:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+77g2b9/3HfznTaxCwYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzIxZjgzOTI1MmM4YTM1N2I1ZDE0ODIyNDRiYTZkMDU2M2UxZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuGb40tS70npqlb/nGy12qv0Itu0
Yp3e+VRqNACfvrjLRpLfZ0dfrOhmrCH1SefrjTzhZPwsBukwRHwdRiEc6rWjVs2w
R1cxev4KZiW52SpD8B2ydr4WrLub48HStbTbbisH5r9oz8JRN1SXTEIyyxH9hQvA
gB+Rw4HE3wYYtj1kixaAry0ppifjsA21Qi7uDyxHbGqn5rwc8Ecr5//vxx2B+cFT
QLOhkt6cG5ReJ5LkOedxw4kBWiL0qtR/S8xsyG/+DzquZEuemjTSSLIyPBXIkfbp
NllxLXMOd2B8x/8ut/29bJ3HiLbQkh48SZPA4c0NI/ms537PY/NpC6lRnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLwh+DklLIo1e10UgiRLptBWPh/dMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvdkNINE9TVXNpalY3WFJTQ0pFdW0wRlktSDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaQICG
AwcAKgyaQJCGMA0GCSqGSIb3DQEBCwUAA4IBAQAGrsbph+mGEUaVr7ln40NFRH5/
PmStcjoqIv3D2gQlSvRolT30nPTbX7NdSZw/NBT0TfZnohDdErshjQirIINinXr9
LTZbAbHWpRq63yAzPyavRtkiofa60lw/U30KFy/Rq/uGsH+9W4xJseN9S+Xh2bqA
jzet3KqtIa8EvE9bBx6axYl9Ie4tjfUymDQ68rG3F3Dxl3uQcWcagdNggb1Ngz9B
8NJESEjELJQacDT0ONy1Kv3WyaWJNzEFhF7vU39HqyCtTJrBe8Sry+30HavI12l8
Qo3nCV2SN+znjwE6iqXDMgsaxAg8m1nJzo8Iv8FN0L/mbKU9e2WDPlwchpFm
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:37:01 2025 by rpki-client