Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/QhSInFK1aIon1BhkEHNijO-f4ik.roa
File: QhSInFK1aIon1BhkEHNijO-f4ik.roa (raw, json)
Hash identifier: awcccSlGjZ1xO51njQcexLk1s7JWly1aPOUdo8QDEfg=
Subject key identifier: 42:14:88:9C:52:B5:68:8A:27:D4:18:64:10:73:62:8C:EF:9F:E2:29
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 019422FC33330C2E5F4D382C7266196B176F
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/QhSInFK1aIon1BhkEHNijO-f4ik.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56815
IP address blocks: 2a05:a6c7:ffff:ff00::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:33:33:0c:2e:5f:4d:38:2c:72:66:19:6b:17:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4214889c52b5688a27d418641073628cef9fe229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2a:73:60:cf:34:0a:72:4e:5c:aa:3f:c3:d9:
0d:75:cf:41:6f:28:ef:03:dd:ad:12:c9:b1:2c:8a:
88:8d:87:72:70:83:49:54:58:30:49:8a:4d:32:60:
d0:c5:8a:05:51:48:fc:07:de:05:2c:65:a0:d5:5c:
18:3d:e2:f2:bf:f6:cf:b0:03:ea:dc:41:b4:bd:42:
39:5f:42:0e:bd:ad:45:ef:d5:c0:6c:d2:79:4b:1a:
1a:a1:ed:da:af:a4:12:68:22:62:a3:89:bb:e4:3d:
ea:89:66:cf:0c:46:63:f2:4a:6c:88:49:0a:81:40:
d6:03:21:3e:e6:7b:62:0c:4d:f4:96:f7:aa:8d:41:
38:52:3f:cf:b1:9e:be:03:5c:21:fd:d6:28:fb:ae:
6d:af:05:b1:d0:00:00:41:48:24:22:b6:6e:29:c6:
bd:cf:1f:ec:fa:12:e6:49:62:bb:c0:cf:28:e9:cf:
71:84:da:0e:c0:58:e1:af:15:13:6c:ef:e1:84:72:
0e:7a:5c:3c:34:5a:01:76:cf:1b:df:59:de:6e:ca:
15:ed:16:01:ff:c8:b4:23:60:bf:a0:8e:ce:9e:57:
c7:5f:c4:95:1d:b8:2f:af:a5:b9:c8:3f:62:4e:52:
b1:22:df:e3:de:fe:c3:a0:13:f6:2b:dc:d7:79:47:
2e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:14:88:9C:52:B5:68:8A:27:D4:18:64:10:73:62:8C:EF:9F:E2:29
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/QhSInFK1aIon1BhkEHNijO-f4ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:a6c7:ffff:ff00::/56
Signature Algorithm: sha256WithRSAEncryption
22:49:26:6c:ca:20:de:03:88:30:6f:21:0d:2c:46:34:ce:d0:
ed:23:ed:55:4e:da:86:dd:e1:c9:ca:4a:45:11:3f:98:75:9d:
89:d0:92:df:dc:42:ec:43:89:a4:6b:b3:9a:8a:6c:41:c3:d1:
94:f8:98:31:50:bb:bd:1f:a0:e7:42:8b:40:20:cc:d6:45:36:
a3:fe:de:ae:ce:eb:c3:4a:b1:bc:15:f3:c9:27:be:4d:e5:64:
38:05:06:bf:dc:b7:97:9b:1c:f6:fc:c1:a5:a0:1a:31:73:b1:
57:c1:34:55:ae:22:00:a7:e6:49:fd:3d:4a:b6:05:50:4a:c9:
2e:9f:49:2b:eb:13:5e:ae:e3:a1:a7:41:2d:5c:de:5d:a3:82:
28:a0:b1:38:1a:ae:fd:70:53:10:ee:80:53:40:91:75:b4:85:
53:e2:ce:da:c0:f6:d1:0d:6d:38:09:6d:0b:39:ba:14:ea:24:
22:df:e4:98:04:41:fc:45:d6:d7:1c:95:13:7c:29:af:ae:9d:
bf:d4:0e:e5:0a:05:93:a4:25:7d:45:9b:a2:27:1d:51:55:c1:
9e:29:07:44:1c:8f:04:17:e9:97:8b:7a:5f:95:8e:60:05:51:
f3:8e:a4:ea:42:8c:74:48:c1:ac:6b:64:47:6a:fa:36:e1:55:
ac:77:56:88
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQi/DMzDC5fTTgscmYZaxdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE0ODg5YzUyYjU2ODhhMjdkNDE4NjQxMDczNjI4Y2VmOWZlMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSpzYM80CnJOXKo/w9kNdc9Bbyjv
A92tEsmxLIqIjYdycINJVFgwSYpNMmDQxYoFUUj8B94FLGWg1VwYPeLyv/bPsAPq
3EG0vUI5X0IOva1F79XAbNJ5Sxoaoe3ar6QSaCJio4m75D3qiWbPDEZj8kpsiEkK
gUDWAyE+5ntiDE30lveqjUE4Uj/PsZ6+A1wh/dYo+65trwWx0AAAQUgkIrZuKca9
zx/s+hLmSWK7wM8o6c9xhNoOwFjhrxUTbO/hhHIOelw8NFoBds8b31nebsoV7RYB
/8i0I2C/oI7OnlfHX8SVHbgvr6W5yD9iTlKxIt/j3v7DoBP2K9zXeUcuMQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFEIUiJxStWiKJ9QYZBBzYozvn+IpMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvUWhTSW5GSzFhSW9uMUJoa0VITmlqTy1mNGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAAjAKAwgAKgWmx///
/zANBgkqhkiG9w0BAQsFAAOCAQEAIkkmbMog3gOIMG8hDSxGNM7Q7SPtVU7aht3h
ycpKRRE/mHWdidCS39xC7EOJpGuzmopsQcPRlPiYMVC7vR+g50KLQCDM1kU2o/7e
rs7rw0qxvBXzySe+TeVkOAUGv9y3l5sc9vzBpaAaMXOxV8E0Va4iAKfmSf09SrYF
UErJLp9JK+sTXq7joadBLVzeXaOCKKCxOBqu/XBTEO6AU0CRdbSFU+LO2sD20Q1t
OAltCzm6FOokIt/kmARB/EXW1xyVE3wpr66dv9QO5QoFk6QlfUWboicdUVXBnikH
RByPBBfpl4t6X5WOYAVR846k6kKMdEjBrGtkR2r6NuFVrHdWiA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:47:53 2025 by rpki-client