Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/rxVj7HxUdpCbEmncDNwlrERybAQ.roa
File: rxVj7HxUdpCbEmncDNwlrERybAQ.roa (raw, json)
Hash identifier: lGsN4Soe7emS1tDACEfDPVW5uJ4WgQ8icgYo5G8FKks=
Subject key identifier: AF:15:63:EC:7C:54:76:90:9B:12:69:DC:0C:DC:25:AC:44:72:6C:04
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01944FBBC2678AC3843995E4AFCB133B7704
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/rxVj7HxUdpCbEmncDNwlrERybAQ.roa
Signing time: Fri 10 Jan 2025 10:21:32 +0000
ROA not before: Fri 10 Jan 2025 10:21:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:bb:c2:67:8a:c3:84:39:95:e4:af:cb:13:3b:77:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jan 10 10:21:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af1563ec7c5476909b1269dc0cdc25ac44726c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:df:5f:bf:f6:65:f1:70:73:f3:69:8b:47:47:
5f:79:f0:61:7a:bb:ae:c0:03:0b:9c:a8:e9:63:e1:
ba:e1:42:db:e5:64:8e:aa:e8:95:b2:27:4c:71:1d:
a6:e8:d5:c7:3a:e7:98:8d:8f:78:15:5a:bc:47:d5:
12:11:3f:ce:aa:e9:e5:4e:42:26:2b:74:2d:7d:94:
f9:56:5f:9f:a1:53:70:78:43:8c:cd:cd:53:09:e7:
7a:44:7b:f2:91:a6:36:aa:f2:0d:e1:7e:09:a5:8a:
17:7d:99:b6:e5:58:5c:97:0c:cc:d4:f2:3c:4b:a8:
52:08:c8:0e:a3:25:3f:5d:a7:70:46:09:43:0c:0b:
50:f9:dd:ac:b7:d9:fb:c2:87:b4:7e:85:f0:d8:ad:
9f:15:ce:b0:c2:7e:33:4c:92:ea:88:98:f8:8c:fa:
0a:7f:75:bb:5e:03:56:9d:d1:ac:8c:33:95:69:5e:
d6:e5:fe:ad:76:74:bb:79:be:e7:c2:b4:07:d3:98:
4d:a8:37:72:1f:db:0a:b7:56:42:ea:bc:33:66:de:
a2:bd:b6:5c:f4:da:7f:0c:f9:7a:39:4f:a4:b3:be:
b8:4b:d3:b8:94:bc:fe:b7:eb:44:53:6d:e2:6e:d8:
0a:ba:d3:23:63:7f:c9:99:77:bc:d0:15:e3:54:48:
7d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:15:63:EC:7C:54:76:90:9B:12:69:DC:0C:DC:25:AC:44:72:6C:04
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/rxVj7HxUdpCbEmncDNwlrERybAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1a:a0:65:01:8e:fd:a0:3e:f6:97:f2:7b:4c:77:2a:9f:9b:e3:
10:a1:26:e5:71:e1:99:b6:df:79:7d:2b:ef:c5:9b:fa:90:b1:
86:8c:ed:d2:cf:ee:9a:e5:b9:02:84:f9:4a:4e:e6:ea:3c:c8:
99:91:04:50:ab:fd:5a:ab:ca:24:8c:05:97:91:73:88:d3:0b:
d9:62:a3:08:f7:e4:9c:fa:f2:37:f6:ed:12:c1:d4:2f:d4:84:
1d:f5:19:22:80:42:ed:47:fa:09:c2:6f:df:0a:25:2c:f6:a1:
8c:7b:0a:b6:57:af:48:b7:10:62:87:27:19:39:55:b9:23:74:
a8:78:7c:97:81:ae:15:03:d5:4f:be:cc:4c:78:1c:0b:68:22:
f2:11:f0:19:c4:21:76:c9:11:7e:de:62:f1:36:4f:70:2d:88:
5d:fd:bf:e2:8a:aa:c8:c5:94:1c:06:df:b0:f7:8c:f6:62:d1:
53:1a:33:cc:4a:28:21:de:12:b0:fe:c7:37:26:fb:a5:cb:e0:
96:3e:69:c2:ac:ea:a7:84:0b:59:60:a8:0c:d6:0d:57:32:b7:
e9:cf:cd:39:c0:54:1d:32:b2:1a:c1:fb:03:b7:16:5a:59:0e:
46:2b:66:7c:9f:ee:5a:b6:2f:33:b4:9f:bb:c7:d6:03:af:9c:
76:e7:82:aa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZRPu8JnisOEOZXkr8sTO3cEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwMTEwMTAyMTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE1NjNlYzdjNTQ3NjkwOWIxMjY5ZGMwY2RjMjVhYzQ0NzI2YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN9fv/Zl8XBz82mLR0dfefBheruu
wAMLnKjpY+G64ULb5WSOquiVsidMcR2m6NXHOueYjY94FVq8R9USET/OqunlTkIm
K3QtfZT5Vl+foVNweEOMzc1TCed6RHvykaY2qvIN4X4JpYoXfZm25VhclwzM1PI8
S6hSCMgOoyU/XadwRglDDAtQ+d2st9n7woe0foXw2K2fFc6wwn4zTJLqiJj4jPoK
f3W7XgNWndGsjDOVaV7W5f6tdnS7eb7nwrQH05hNqDdyH9sKt1ZC6rwzZt6ivbZc
9Np/DPl6OU+ks764S9O4lLz+t+tEU23ibtgKutMjY3/JmXe80BXjVEh90QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK8VY+x8VHaQmxJp3AzcJaxEcmwEMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvcnhWajdIeFVkcENiRW1uY0ROd2xyRVJ5YkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQwDQYJKoZIhvcNAQELBQADggEBABqgZQGO/aA+
9pfye0x3Kp+b4xChJuVx4Zm233l9K+/Fm/qQsYaM7dLP7prluQKE+UpO5uo8yJmR
BFCr/VqryiSMBZeRc4jTC9liowj35Jz68jf27RLB1C/UhB31GSKAQu1H+gnCb98K
JSz2oYx7CrZXr0i3EGKHJxk5VbkjdKh4fJeBrhUD1U++zEx4HAtoIvIR8BnEIXbJ
EX7eYvE2T3AtiF39v+KKqsjFlBwG37D3jPZi0VMaM8xKKCHeErD+xzcm+6XL4JY+
acKs6qeEC1lgqAzWDVcyt+nPzTnAVB0yshrB+wO3FlpZDkYrZnyf7lq2LzO0n7vH
1gOvnHbngqo=
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:37:29 2025 by rpki-client