Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/445c48-1238-450d-80c4-6b5239779d8a/1/5HrGsXGpXPGTggrYI32PqK2khbw.roa
File: 5HrGsXGpXPGTggrYI32PqK2khbw.roa (raw, json)
Hash identifier: 03NS1LF/7zpFWo7wQubB17sub76Yvqg3XO75dLmad6I=
Subject key identifier: E4:7A:C6:B1:71:A9:5C:F1:93:82:0A:D8:23:7D:8F:A8:AD:A4:85:BC
Certificate issuer: /CN=34223e0da92d6a95c0e5e2b2f9a8da9958a74f36
Certificate serial: 0195D7D3B16583E6764205895DBFF6B17993
Authority key identifier: 34:22:3E:0D:A9:2D:6A:95:C0:E5:E2:B2:F9:A8:DA:99:58:A7:4F:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NCI-DaktapXA5eKy-ajamVinTzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/445c48-1238-450d-80c4-6b5239779d8a/1/5HrGsXGpXPGTggrYI32PqK2khbw.roa
Signing time: Thu 27 Mar 2025 13:38:49 +0000
ROA not before: Thu 27 Mar 2025 13:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211112
IP address blocks: 2a14:d580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/445c48-1238-450d-80c4-6b5239779d8a/1/NCI-DaktapXA5eKy-ajamVinTzY.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/445c48-1238-450d-80c4-6b5239779d8a/1/NCI-DaktapXA5eKy-ajamVinTzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NCI-DaktapXA5eKy-ajamVinTzY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:d3:b1:65:83:e6:76:42:05:89:5d:bf:f6:b1:79:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34223e0da92d6a95c0e5e2b2f9a8da9958a74f36
Validity
Not Before: Mar 27 13:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e47ac6b171a95cf193820ad8237d8fa8ada485bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:20:b0:65:e5:bf:9c:32:f9:9a:7d:02:84:69:
a8:38:ee:9c:8b:a7:6e:7c:2d:2c:26:3a:10:26:7a:
64:c7:b7:ad:00:dc:7f:8e:9a:79:23:28:63:97:bb:
ba:3f:cf:7a:ef:cc:19:c1:9e:60:68:60:fe:8e:6a:
92:fa:cd:39:8f:8c:c0:6c:43:bb:9c:8e:83:ec:e2:
47:85:aa:ce:65:12:cd:d1:93:df:74:ed:f5:c0:60:
94:39:c9:1a:cc:35:3f:d8:e0:57:cc:f9:fc:c3:f8:
16:0f:1c:a1:4c:51:47:86:6d:fb:e5:8c:14:84:d6:
11:52:9d:2f:8d:c2:e6:9b:3f:4a:16:90:29:00:88:
37:3d:0e:89:ff:cf:86:d0:2c:b9:29:51:88:bf:7a:
75:f2:db:3e:7d:be:81:f5:3b:88:14:3a:66:d0:1d:
c4:94:81:05:ba:de:67:cf:7d:4f:32:8d:e6:03:55:
9a:ed:33:b3:a7:cd:7d:b0:e7:14:33:f4:2c:eb:9a:
a3:6b:9b:e2:9c:b6:13:e0:e4:df:57:7b:0a:d8:31:
08:a6:36:15:53:9f:91:19:d4:61:18:77:71:46:65:
f1:12:95:2f:0f:7d:cc:1b:cc:55:a2:11:3a:da:c1:
85:0f:a7:b1:ec:41:7e:0f:4a:5d:43:29:83:93:37:
a2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7A:C6:B1:71:A9:5C:F1:93:82:0A:D8:23:7D:8F:A8:AD:A4:85:BC
X509v3 Authority Key Identifier:
keyid:34:22:3E:0D:A9:2D:6A:95:C0:E5:E2:B2:F9:A8:DA:99:58:A7:4F:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NCI-DaktapXA5eKy-ajamVinTzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/445c48-1238-450d-80c4-6b5239779d8a/1/5HrGsXGpXPGTggrYI32PqK2khbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/445c48-1238-450d-80c4-6b5239779d8a/1/NCI-DaktapXA5eKy-ajamVinTzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:d580::/32
Signature Algorithm: sha256WithRSAEncryption
5b:a6:8b:b8:10:49:93:c1:d6:b9:db:7c:c4:8d:9f:89:13:40:
4f:79:54:16:dc:4b:cc:a4:58:a2:a5:00:e4:45:e9:29:f0:c6:
69:15:c6:86:7f:7a:4d:ba:86:0b:a1:8c:89:31:fb:cf:8e:28:
9b:9c:f2:24:cb:fc:6f:b3:03:7d:bc:1a:7c:34:a8:9f:f7:71:
c1:53:07:c7:f4:bd:70:b0:9f:85:a7:28:31:47:56:28:99:9f:
91:36:76:af:50:7b:66:12:c2:73:23:35:08:86:d0:57:fe:d2:
57:d1:c2:af:6d:9e:93:30:41:ff:9e:f5:6b:cb:1c:da:f3:61:
a7:72:27:83:10:5d:d6:03:d4:a4:3d:38:93:9f:25:cf:f4:e8:
4a:5c:50:5f:44:68:3d:8b:92:0f:e1:98:45:16:35:0f:17:a1:
b0:1f:2d:33:96:d4:25:df:50:35:eb:b9:16:ef:9e:0d:8d:b1:
bb:a8:da:87:24:df:10:61:08:64:4f:41:a1:92:a4:da:0a:ce:
04:f1:95:2b:3c:9b:ea:1e:08:0b:d8:2b:1e:76:34:8f:0a:7c:
cb:d1:65:5f:8d:c9:c5:f4:11:82:2e:9d:77:aa:e7:8e:dd:94:
2e:fc:ff:51:63:b0:7e:5b:84:f5:38:9c:af:41:9b:16:cf:c9:
50:3a:d8:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXX07Flg+Z2QgWJXb/2sXmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MjIzZTBkYTkyZDZhOTVjMGU1ZTJiMmY5YThkYTk5NThh
NzRmMzYwHhcNMjUwMzI3MTMzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdhYzZiMTcxYTk1Y2YxOTM4MjBhZDgyMzdkOGZhOGFkYTQ4NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiCwZeW/nDL5mn0ChGmoOO6ci6du
fC0sJjoQJnpkx7etANx/jpp5Iyhjl7u6P89678wZwZ5gaGD+jmqS+s05j4zAbEO7
nI6D7OJHharOZRLN0ZPfdO31wGCUOckazDU/2OBXzPn8w/gWDxyhTFFHhm375YwU
hNYRUp0vjcLmmz9KFpApAIg3PQ6J/8+G0Cy5KVGIv3p18ts+fb6B9TuIFDpm0B3E
lIEFut5nz31PMo3mA1Wa7TOzp819sOcUM/Qs65qja5vinLYT4OTfV3sK2DEIpjYV
U5+RGdRhGHdxRmXxEpUvD33MG8xVohE62sGFD6ex7EF+D0pdQymDkzeigQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOR6xrFxqVzxk4IK2CN9j6itpIW8MB8GA1UdIwQY
MBaAFDQiPg2pLWqVwOXisvmo2plYp082MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkNJLURha3RhcFhBNWVLeS1hamFtVmluVHpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS80NDVjNDgtMTIzOC00NTBkLTgwYzQt
NmI1MjM5Nzc5ZDhhLzEvNUhyR3NYR3BYUEdUZ2dyWUkzMlBxSzJraGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS80NDVjNDgtMTIzOC00NTBkLTgwYzQtNmI1MjM5Nzc5ZDhh
LzEvTkNJLURha3RhcFhBNWVLeS1hamFtVmluVHpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhTVgDAN
BgkqhkiG9w0BAQsFAAOCAQEAW6aLuBBJk8HWudt8xI2fiRNAT3lUFtxLzKRYoqUA
5EXpKfDGaRXGhn96TbqGC6GMiTH7z44om5zyJMv8b7MDfbwafDSon/dxwVMHx/S9
cLCfhacoMUdWKJmfkTZ2r1B7ZhLCcyM1CIbQV/7SV9HCr22ekzBB/571a8sc2vNh
p3IngxBd1gPUpD04k58lz/ToSlxQX0RoPYuSD+GYRRY1DxehsB8tM5bUJd9QNeu5
Fu+eDY2xu6jahyTfEGEIZE9BoZKk2grOBPGVKzyb6h4IC9grHnY0jwp8y9FlX43J
xfQRgi6dd6rnjt2ULvz/UWOwfluE9Ticr0GbFs/JUDrYXQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:37:53 2025 by rpki-client