Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cfR-hVEEWkEUwMw2M1V8-p4d8xk.roa
File: cfR-hVEEWkEUwMw2M1V8-p4d8xk.roa (raw, json)
Hash identifier: wz/4Xbt1g81a52SFupsdpkNdqPVC6kO1L1AiSoDnAFg=
Subject key identifier: 71:F4:7E:85:51:04:5A:41:14:C0:CC:36:33:55:7C:FA:9E:1D:F3:19
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01942068013BE58608F5254E8DDB52A51624
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cfR-hVEEWkEUwMw2M1V8-p4d8xk.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 2a0c:9e05::/32 maxlen: 32
2a0e:eb41::/32 maxlen: 32
2a0e:eb43::/32 maxlen: 32
2a0e:eb45::/32 maxlen: 32
2a0e:eb46::/32 maxlen: 32
2a0e:eb47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:01:3b:e5:86:08:f5:25:4e:8d:db:52:a5:16:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71f47e8551045a4114c0cc3633557cfa9e1df319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0d:8e:7a:77:e0:0c:0f:36:d0:1a:8a:bf:68:
ec:1e:90:95:b3:53:27:54:d8:b4:63:71:10:41:19:
a8:44:d1:4e:99:0c:56:f5:37:9a:5c:25:2d:89:af:
c8:66:a0:b5:6f:d4:f1:d2:f1:96:b5:68:ee:44:f0:
0b:dc:bf:89:58:98:47:c7:63:3a:c5:01:c9:91:a2:
93:eb:d7:7f:09:75:30:27:80:e6:7f:4d:99:a1:b8:
b3:0f:0e:a5:df:13:2a:89:42:11:80:65:cf:5d:b4:
bc:77:28:a0:33:f8:fc:85:3b:0f:58:d9:01:0b:55:
fe:bb:70:7b:e8:53:61:8d:ad:ec:06:81:9a:ec:35:
67:9b:63:4d:50:4a:64:02:56:14:f6:4e:d2:9d:ef:
a1:09:b9:7b:a8:ab:1d:b3:fd:48:a3:5e:fe:37:f2:
b0:f1:ee:0b:13:2b:bc:0c:f4:4b:a5:54:e4:0d:b1:
4e:df:47:26:5e:91:e5:ca:72:b2:d3:7d:68:ce:d0:
f8:a1:c5:a8:52:f6:67:c1:b9:bf:e1:ca:52:8f:ec:
2a:65:c3:39:7b:7b:b9:8b:8d:f5:09:85:8a:31:00:
2c:0b:3b:3f:6e:62:dd:5e:96:ea:d4:0b:dc:4a:28:
cf:dd:be:fe:f1:27:b8:cd:6e:6d:f1:de:1a:2a:ce:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F4:7E:85:51:04:5A:41:14:C0:CC:36:33:55:7C:FA:9E:1D:F3:19
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/cfR-hVEEWkEUwMw2M1V8-p4d8xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9e05::/32
2a0e:eb41::/32
2a0e:eb43::/32
2a0e:eb45::-2a0e:eb47:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:2f:91:b9:c4:b3:a3:da:a1:ea:d0:36:97:a0:13:16:d4:25:
0a:01:82:f0:46:54:92:ee:0a:c0:a3:34:a6:d0:63:e3:de:6f:
59:9b:14:57:93:5d:78:4f:99:b7:3a:55:ee:22:2f:36:88:25:
1c:c2:e0:39:61:de:f2:4f:78:b5:69:21:c0:f5:d6:5c:ca:af:
f1:c6:02:5e:79:a5:17:3f:ef:4d:ff:e8:cd:17:4a:94:1d:d8:
75:cc:2b:df:e4:6b:c0:f5:87:cf:a9:17:25:08:f0:a2:8c:69:
1f:82:75:15:1d:5e:24:1e:f8:99:03:98:70:7e:e5:ac:1b:14:
b8:20:a4:18:44:18:76:78:ef:bc:c8:ab:92:30:08:70:14:a3:
3d:f4:21:c7:0f:39:c5:f1:0a:2d:4a:0c:e3:28:ec:8b:05:71:
c1:2a:6b:3d:17:88:a0:b8:e5:3b:3c:b7:a2:90:d8:1b:d3:ea:
4b:dc:e1:ef:06:29:e5:d8:99:ee:1b:f9:2a:cb:e0:0a:52:48:
74:31:63:05:ca:11:c4:df:f1:af:42:06:0d:70:bf:6c:e4:5a:
9a:2a:8b:ba:c8:c1:a1:87:77:2c:25:4f:e4:79:70:1b:ad:df:
74:53:60:f5:9f:7a:9c:6a:2e:e4:cf:b6:bf:7c:7a:d1:65:59:
7c:a6:6e:1b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQgaAE75YYI9SVOjdtSpRYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY0N2U4NTUxMDQ1YTQxMTRjMGNjMzYzMzU1N2NmYTllMWRmMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ2OenfgDA820BqKv2jsHpCVs1Mn
VNi0Y3EQQRmoRNFOmQxW9TeaXCUtia/IZqC1b9Tx0vGWtWjuRPAL3L+JWJhHx2M6
xQHJkaKT69d/CXUwJ4Dmf02ZobizDw6l3xMqiUIRgGXPXbS8dyigM/j8hTsPWNkB
C1X+u3B76FNhja3sBoGa7DVnm2NNUEpkAlYU9k7Sne+hCbl7qKsds/1Io17+N/Kw
8e4LEyu8DPRLpVTkDbFO30cmXpHlynKy031oztD4ocWoUvZnwbm/4cpSj+wqZcM5
e3u5i431CYWKMQAsCzs/bmLdXpbq1AvcSijP3b7+8Se4zW5t8d4aKs6PSQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFHH0foVRBFpBFMDMNjNVfPqeHfMZMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvY2ZSLWhWRUVXa0VVd013Mk0xVjgtcDRkOHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAKgyeBQMF
ACoO60EDBQAqDutDMA4DBQAqDutFAwUDKg7rQDANBgkqhkiG9w0BAQsFAAOCAQEA
BS+RucSzo9qh6tA2l6ATFtQlCgGC8EZUku4KwKM0ptBj495vWZsUV5NdeE+ZtzpV
7iIvNoglHMLgOWHe8k94tWkhwPXWXMqv8cYCXnmlFz/vTf/ozRdKlB3Ydcwr3+Rr
wPWHz6kXJQjwooxpH4J1FR1eJB74mQOYcH7lrBsUuCCkGEQYdnjvvMirkjAIcBSj
PfQhxw85xfEKLUoM4yjsiwVxwSprPReIoLjlOzy3opDYG9PqS9zh7wYp5diZ7hv5
KsvgClJIdDFjBcoRxN/xr0IGDXC/bORamiqLusjBoYd3LCVP5HlwG63fdFNg9Z96
nGou5M+2v3x60WVZfKZuGw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:58 2025 by rpki-client