Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/n0559nrrxWlTiJJeG18heWs2pIU.roa
File: n0559nrrxWlTiJJeG18heWs2pIU.roa (raw, json)
Hash identifier: MAU9xz4lV/zxBb8iBC0mDqVvEPA9rfYw9hMbacTD5Ec=
Subject key identifier: 9F:4E:79:F6:7A:EB:C5:69:53:88:92:5E:1B:5F:21:79:6B:36:A4:85
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0196C9224C61AA73D0019FF94A9BC70E2154
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/n0559nrrxWlTiJJeG18heWs2pIU.roa
Signing time: Tue 13 May 2025 10:13:10 +0000
ROA not before: Tue 13 May 2025 10:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 2a0d:d940:11::/48 maxlen: 48
2a0d:d940:100::/40 maxlen: 40
2a0d:d940:9002::/48 maxlen: 48
2a0d:d940:9007::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 06:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:22:4c:61:aa:73:d0:01:9f:f9:4a:9b:c7:0e:21:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 13 10:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f4e79f67aebc5695388925e1b5f21796b36a485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a9:00:d1:f0:f3:a2:d7:4d:bb:6a:ed:c1:44:
22:6a:df:88:97:5a:9d:69:75:e8:cf:97:e0:10:5b:
89:cf:38:4b:43:11:73:80:e2:54:37:86:68:66:dc:
35:29:22:dc:2f:fc:06:2a:c0:1c:60:f4:4d:67:13:
51:d4:5e:0c:f6:b7:5c:d8:05:a2:11:fb:8b:cf:c9:
51:ee:8b:f8:d0:9b:df:62:8d:72:85:71:7c:75:b2:
dd:f2:6b:51:63:d8:2f:32:b8:57:77:5d:f1:e6:54:
0d:77:63:b5:53:8b:d1:46:e1:85:9f:74:5c:3b:7d:
28:0a:c6:c2:d0:d9:e5:50:fd:a2:d4:c9:07:c3:4a:
d7:08:b4:63:35:0f:04:e6:dc:37:0e:db:f6:0a:7c:
63:34:46:3a:70:a3:a5:4c:45:52:ad:79:32:54:3f:
bf:01:d2:d5:47:80:d5:33:e1:ec:99:ba:c6:4e:52:
e6:a8:f4:8d:d8:1d:47:58:c2:67:e3:70:c4:02:9e:
5f:46:75:12:e2:d1:7c:f1:db:fd:de:3d:9f:25:b0:
4a:4b:aa:72:55:f5:8e:2f:97:b5:42:da:ef:f1:ca:
a2:8f:3b:f1:d8:db:87:4d:fd:b4:78:a1:0e:ba:c3:
89:7b:88:cb:84:2c:c5:94:eb:b2:d0:ab:dc:a8:e9:
35:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4E:79:F6:7A:EB:C5:69:53:88:92:5E:1B:5F:21:79:6B:36:A4:85
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/n0559nrrxWlTiJJeG18heWs2pIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:11::/48
2a0d:d940:100::/40
2a0d:d940:9002::/48
2a0d:d940:9007::/48
Signature Algorithm: sha256WithRSAEncryption
92:b7:fd:19:ba:da:0b:ac:5a:e8:38:38:7d:54:8d:3e:48:37:
5b:34:c7:3c:0a:00:28:69:46:d7:8f:85:99:af:cb:4c:b1:43:
e3:ee:c4:86:a6:7c:e8:cf:84:05:04:cf:30:7f:7e:41:d5:d5:
fb:44:f2:51:d0:6f:09:65:2f:b9:9f:d8:85:09:3f:a5:43:5a:
de:56:ee:80:65:02:89:ac:03:c4:6a:3b:3d:04:ed:07:43:6f:
e2:96:47:46:11:e6:d9:cd:34:16:a6:e5:14:8d:d7:95:b1:11:
59:0b:b2:e4:94:49:56:42:d1:73:04:bf:16:b8:72:6d:94:52:
70:ec:3f:24:9e:d6:89:71:a0:aa:fe:be:00:f7:70:9a:26:f1:
9a:6e:ef:ca:be:ac:bf:a6:b4:0d:b1:0d:cb:e5:b8:fc:b9:e9:
df:10:9b:38:9f:3d:38:65:9c:7e:a6:89:27:06:56:48:4a:94:
47:74:88:a8:c5:f8:a8:6a:d1:67:80:7b:d4:b3:ae:46:0a:20:
a1:ab:25:1f:d0:17:35:25:97:85:92:0a:4b:07:4c:4b:f8:39:
fc:1c:e2:fa:83:5b:81:b6:f9:3e:95:96:ce:e1:5e:1f:64:dc:
b4:11:f2:7f:c6:7a:28:c0:96:8d:e0:a9:3a:12:30:79:3e:e9:
09:bd:1e:67
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZbJIkxhqnPQAZ/5SpvHDiFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNTEzMTAxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjRlNzlmNjdhZWJjNTY5NTM4ODkyNWUxYjVmMjE3OTZiMzZhNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KkA0fDzotdNu2rtwUQiat+Il1qd
aXXoz5fgEFuJzzhLQxFzgOJUN4ZoZtw1KSLcL/wGKsAcYPRNZxNR1F4M9rdc2AWi
EfuLz8lR7ov40JvfYo1yhXF8dbLd8mtRY9gvMrhXd13x5lQNd2O1U4vRRuGFn3Rc
O30oCsbC0NnlUP2i1MkHw0rXCLRjNQ8E5tw3Dtv2CnxjNEY6cKOlTEVSrXkyVD+/
AdLVR4DVM+HsmbrGTlLmqPSN2B1HWMJn43DEAp5fRnUS4tF88dv93j2fJbBKS6py
VfWOL5e1Qtrv8cqijzvx2NuHTf20eKEOusOJe4jLhCzFlOuy0KvcqOk11QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ9OefZ668VpU4iSXhtfIXlrNqSFMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvbjA1NTlucnJ4V2xUaUpKZUcxOGhlV3MycElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcAKg3ZQAAR
AwYAKg3ZQAEDBwAqDdlAkAIDBwAqDdlAkAcwDQYJKoZIhvcNAQELBQADggEBAJK3
/Rm62gusWug4OH1UjT5IN1s0xzwKAChpRtePhZmvy0yxQ+PuxIamfOjPhAUEzzB/
fkHV1ftE8lHQbwllL7mf2IUJP6VDWt5W7oBlAomsA8RqOz0E7QdDb+KWR0YR5tnN
NBam5RSN15WxEVkLsuSUSVZC0XMEvxa4cm2UUnDsPySe1olxoKr+vgD3cJom8Zpu
78q+rL+mtA2xDcvluPy56d8QmzifPThlnH6miScGVkhKlEd0iKjF+Khq0WeAe9Sz
rkYKIKGrJR/QFzUll4WSCksHTEv4Ofwc4vqDW4G2+T6Vls7hXh9k3LQR8n/GeijA
lo3gqToSMHk+6Qm9Hmc=
-----END CERTIFICATE-----
Generated at Fri Jun 13 15:01:56 2025 by rpki-client