Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/wF16Isbo0PTlUouJULLf9fQs6Jw.roa
File: wF16Isbo0PTlUouJULLf9fQs6Jw.roa (raw, json)
Hash identifier: ujnMHiwDZPQLz7IHlGLCJr2Hydzywx1acJmP/oG/nU8=
Subject key identifier: C0:5D:7A:22:C6:E8:D0:F4:E5:52:8B:89:50:B2:DF:F5:F4:2C:E8:9C
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 0194221FA1B60AC3F09620AC4CD6407C78E1
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/wF16Isbo0PTlUouJULLf9fQs6Jw.roa
Signing time: Wed 01 Jan 2025 13:48:05 +0000
ROA not before: Wed 01 Jan 2025 13:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60262
IP address blocks: 2a11:cc0::/29 maxlen: 29
2a11:1900::/29 maxlen: 29
2a11:23c0::/29 maxlen: 29
2a11:3ac0::/29 maxlen: 29
2a11:4f40::/29 maxlen: 29
2a11:79c0::/29 maxlen: 29
2a11:8dc0::/29 maxlen: 29
2a11:9500::/29 maxlen: 29
2a11:9b80::/29 maxlen: 29
2a11:a200::/29 maxlen: 29
2a11:b7c0::/29 maxlen: 29
2a11:b800::/29 maxlen: 29
2a11:c400::/29 maxlen: 29
2a11:e500::/29 maxlen: 29
2a11:f5c0::/29 maxlen: 29
2a12:2a00::/29 maxlen: 29
2a12:3100::/29 maxlen: 29
2a12:5180::/29 maxlen: 29
2a12:7a00::/29 maxlen: 29
2a12:9a80::/29 maxlen: 29
2a12:cb00::/29 maxlen: 29
2a12:da80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a1:b6:0a:c3:f0:96:20:ac:4c:d6:40:7c:78:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jan 1 13:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c05d7a22c6e8d0f4e5528b8950b2dff5f42ce89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:93:2a:77:9e:e5:92:bb:5b:e1:ab:82:51:
42:51:b8:96:43:f8:a7:45:26:dd:d0:1d:9b:48:82:
eb:82:ad:89:9b:b9:36:e7:f0:ab:05:85:76:a6:0a:
b6:3f:d7:ef:90:a5:19:49:cf:c7:26:f0:d4:52:56:
fd:c2:d1:d9:12:5c:70:a5:17:01:e9:06:05:0c:58:
d4:f3:e3:8c:6e:1d:67:04:2e:7f:0f:df:18:4c:1d:
0b:22:86:1a:16:d4:d8:aa:6d:1e:03:32:e9:d6:2b:
80:48:11:c5:74:35:75:27:57:35:fb:ff:78:6e:f2:
06:9d:54:57:c3:f0:44:57:2d:0e:52:12:25:7c:78:
8f:ad:8e:cc:a3:06:52:42:af:fe:af:17:a6:f0:79:
21:e5:e2:af:5f:2d:c7:4f:d2:dd:1a:d8:be:25:6e:
5f:fb:6f:a4:d3:ee:89:6a:e8:a6:6d:22:95:b7:7c:
ca:28:32:82:75:5e:e4:4b:19:9b:87:03:99:26:c6:
4c:33:c3:10:ff:57:b8:ba:c0:b2:21:6a:5b:5a:18:
b4:66:d3:fb:0f:8c:4e:a2:80:c9:b8:a4:85:52:69:
6b:4a:6c:fb:e5:ab:5c:d8:64:d9:2f:e2:3e:7f:ff:
36:18:87:d2:92:95:4e:c7:02:7c:83:b4:78:a0:69:
32:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5D:7A:22:C6:E8:D0:F4:E5:52:8B:89:50:B2:DF:F5:F4:2C:E8:9C
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/wF16Isbo0PTlUouJULLf9fQs6Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:cc0::/29
2a11:1900::/29
2a11:23c0::/29
2a11:3ac0::/29
2a11:4f40::/29
2a11:79c0::/29
2a11:8dc0::/29
2a11:9500::/29
2a11:9b80::/29
2a11:a200::/29
2a11:b7c0::/29
2a11:b800::/29
2a11:c400::/29
2a11:e500::/29
2a11:f5c0::/29
2a12:2a00::/29
2a12:3100::/29
2a12:5180::/29
2a12:7a00::/29
2a12:9a80::/29
2a12:cb00::/29
2a12:da80::/29
Signature Algorithm: sha256WithRSAEncryption
3f:ce:9e:bf:be:ac:27:e7:36:f6:96:d3:1b:09:63:14:68:40:
06:de:11:aa:09:2e:85:e9:a9:f8:f6:07:3a:47:8a:09:c9:2a:
a1:ad:88:00:4d:c9:35:c6:7c:2e:5d:86:1d:89:bb:f7:fd:18:
87:5e:ea:fc:ea:a6:72:15:fb:51:40:c0:17:dd:ba:c9:03:87:
dd:9d:36:47:ef:a4:65:7d:86:66:d6:aa:0a:5a:16:64:e8:16:
ae:9c:17:d3:58:a5:8b:9f:95:04:0d:d8:b7:58:53:7d:88:c8:
5d:73:0b:d6:44:bb:f3:03:4f:81:c8:93:b4:17:53:e2:23:50:
bd:f8:76:7a:99:c9:17:34:0f:b9:29:d1:b6:0f:e3:cc:d2:e2:
3b:89:cd:c3:d5:e7:9a:43:6c:6d:3e:34:b9:03:f8:12:b2:18:
88:2a:c8:7f:27:ab:d5:a9:1c:6a:ca:ef:77:33:70:ae:de:7d:
fe:7f:44:a7:cf:78:8b:57:99:b4:a1:1b:54:b9:43:74:a0:70:
9e:76:16:d0:66:c2:35:b7:d3:19:ee:5f:59:2e:a3:af:0c:75:
e4:bc:3f:73:92:10:2a:e2:27:12:5c:07:0e:4c:b3:61:ec:ff:
b0:a6:bc:22:99:67:f0:db:6c:cd:07:0b:29:ab:37:9d:d9:ca:
5e:45:cd:32
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZQiH6G2CsPwliCsTNZAfHjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjUwMTAxMTM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDVkN2EyMmM2ZThkMGY0ZTU1MjhiODk1MGIyZGZmNWY0MmNlODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWeTKnee5ZK7W+GrglFCUbiWQ/in
RSbd0B2bSILrgq2Jm7k25/CrBYV2pgq2P9fvkKUZSc/HJvDUUlb9wtHZElxwpRcB
6QYFDFjU8+OMbh1nBC5/D98YTB0LIoYaFtTYqm0eAzLp1iuASBHFdDV1J1c1+/94
bvIGnVRXw/BEVy0OUhIlfHiPrY7MowZSQq/+rxem8Hkh5eKvXy3HT9LdGti+JW5f
+2+k0+6JauimbSKVt3zKKDKCdV7kSxmbhwOZJsZMM8MQ/1e4usCyIWpbWhi0ZtP7
D4xOooDJuKSFUmlrSmz75atc2GTZL+I+f/82GIfSkpVOxwJ8g7R4oGkyCQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFMBdeiLG6ND05VKLiVCy3/X0LOicMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvd0YxNklzYm8wUFRsVW91SlVMTGY5ZlFzNkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAIwgZoDBQMq
EQzAAwUDKhEZAAMFAyoRI8ADBQMqETrAAwUDKhFPQAMFAyoRecADBQMqEY3AAwUD
KhGVAAMFAyoRm4ADBQMqEaIAAwUDKhG3wAMFAyoRuAADBQMqEcQAAwUDKhHlAAMF
AyoR9cADBQMqEioAAwUDKhIxAAMFAyoSUYADBQMqEnoAAwUDKhKagAMFAyoSywAD
BQMqEtqAMA0GCSqGSIb3DQEBCwUAA4IBAQA/zp6/vqwn5zb2ltMbCWMUaEAG3hGq
CS6F6an49gc6R4oJySqhrYgATck1xnwuXYYdibv3/RiHXur86qZyFftRQMAX3brJ
A4fdnTZH76RlfYZm1qoKWhZk6BaunBfTWKWLn5UEDdi3WFN9iMhdcwvWRLvzA0+B
yJO0F1PiI1C9+HZ6mckXNA+5KdG2D+PM0uI7ic3D1eeaQ2xtPjS5A/gSshiIKsh/
J6vVqRxqyu93M3Cu3n3+f0Snz3iLV5m0oRtUuUN0oHCedhbQZsI1t9MZ7l9ZLqOv
DHXkvD9zkhAq4icSXAcOTLNh7P+wprwimWfw22zNBwspqzed2cpeRc0y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:25 2025 by rpki-client