Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/f3c5d8-5ea5-482e-931f-29c023f94781/1/AHKOzgYDCyvjAkh-ui4tIs6DkuE.roa
File: AHKOzgYDCyvjAkh-ui4tIs6DkuE.roa (raw, json)
Hash identifier: 4hfOmwMTypbmuLmMH8Qfr5/pQbm/yaKEh2rP/ouR/uE=
Subject key identifier: 00:72:8E:CE:06:03:0B:2B:E3:02:48:7E:BA:2E:2D:22:CE:83:92:E1
Certificate issuer: /CN=ba8dad2c4a0e117a6868c8d67be10308a64974ad
Certificate serial: 0194258F725807222EAE68414BFBA6B8D1B3
Authority key identifier: BA:8D:AD:2C:4A:0E:11:7A:68:68:C8:D6:7B:E1:03:08:A6:49:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uo2tLEoOEXpoaMjWe-EDCKZJdK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/f3c5d8-5ea5-482e-931f-29c023f94781/1/AHKOzgYDCyvjAkh-ui4tIs6DkuE.roa
Signing time: Thu 02 Jan 2025 05:49:05 +0000
ROA not before: Thu 02 Jan 2025 05:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214840
IP address blocks: 2001:67c:2eb0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/f3c5d8-5ea5-482e-931f-29c023f94781/1/uo2tLEoOEXpoaMjWe-EDCKZJdK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/f3c5d8-5ea5-482e-931f-29c023f94781/1/uo2tLEoOEXpoaMjWe-EDCKZJdK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/uo2tLEoOEXpoaMjWe-EDCKZJdK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:72:58:07:22:2e:ae:68:41:4b:fb:a6:b8:d1:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba8dad2c4a0e117a6868c8d67be10308a64974ad
Validity
Not Before: Jan 2 05:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00728ece06030b2be302487eba2e2d22ce8392e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5b:62:3a:33:09:7f:c0:c9:49:c6:80:d5:25:
50:54:2e:97:11:e8:dc:40:b2:41:f8:d9:49:58:e7:
03:49:79:a3:25:8a:eb:e5:70:b1:5b:b3:b0:29:33:
b8:cf:8c:c6:78:2a:7d:25:79:4c:ac:d7:b0:6e:cb:
ad:50:d4:3b:44:ec:65:06:b5:5a:7d:8c:01:13:52:
0b:1d:38:97:04:1d:0e:3a:2e:69:15:57:1c:e1:5d:
d6:26:bd:93:e5:5f:9a:34:5a:86:63:d4:ff:b8:7e:
fd:58:1c:9a:21:5b:b6:4c:a1:52:1c:83:9c:0d:0e:
07:55:b2:9e:d5:25:7e:a5:5a:a0:e6:f9:e1:a4:ef:
88:82:9d:d9:3b:d5:8c:06:2e:3a:d5:61:34:99:73:
24:20:cb:d3:d7:37:85:ba:3b:0a:da:67:2b:9f:14:
5b:45:9b:2d:c4:ed:d9:25:af:ee:df:68:eb:0d:07:
25:92:44:9f:03:dd:8e:f6:2a:b0:e5:37:32:65:be:
7d:6e:9b:af:97:14:e6:72:b3:b0:de:b7:1c:e3:b0:
8b:83:79:02:f2:8c:d9:ec:88:80:2b:71:71:88:cf:
50:3d:cf:39:84:80:42:3a:3f:82:40:c1:e4:fd:24:
76:51:16:4f:be:f5:89:ff:0a:b2:43:88:78:8e:c3:
8f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:72:8E:CE:06:03:0B:2B:E3:02:48:7E:BA:2E:2D:22:CE:83:92:E1
X509v3 Authority Key Identifier:
keyid:BA:8D:AD:2C:4A:0E:11:7A:68:68:C8:D6:7B:E1:03:08:A6:49:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uo2tLEoOEXpoaMjWe-EDCKZJdK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/f3c5d8-5ea5-482e-931f-29c023f94781/1/AHKOzgYDCyvjAkh-ui4tIs6DkuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/f3c5d8-5ea5-482e-931f-29c023f94781/1/uo2tLEoOEXpoaMjWe-EDCKZJdK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2eb0::/48
Signature Algorithm: sha256WithRSAEncryption
28:37:44:9c:5f:88:08:a2:8b:3e:da:ed:fd:83:f6:e9:c2:1a:
50:24:4a:fa:68:4b:d6:3b:22:a7:ed:79:81:c7:3e:91:71:72:
08:36:56:2d:77:7a:24:b8:bb:30:d6:d7:57:b8:78:d5:15:e0:
75:7d:cd:4c:c5:05:f8:36:17:ac:d3:6d:23:00:4a:61:b5:ef:
29:65:09:6e:c7:65:cf:0e:f3:fd:f1:a7:51:f0:89:7d:07:c2:
cc:1d:52:84:e1:d9:32:c3:ac:d2:d0:da:dd:ae:1c:62:19:ba:
7a:08:81:7c:f8:fb:44:9b:5e:ab:de:cc:67:4c:47:21:73:48:
56:e0:ac:ce:b4:d7:54:00:11:98:13:ae:ee:c0:0d:5b:b9:af:
5e:68:c4:16:de:42:cf:18:bd:e9:76:f4:9e:0d:04:b5:e0:fc:
9b:0d:fd:86:79:81:29:9e:a9:3d:20:cc:37:a5:9a:af:2f:ea:
7a:5c:ed:45:50:34:08:f3:3b:ec:d7:75:e8:1d:a5:0f:1e:b2:
e7:00:82:cd:84:c9:44:e2:0a:5c:30:9c:e6:55:93:99:6c:4c:
8b:3e:20:ec:c5:31:59:14:11:a3:b5:a3:e8:af:d2:ac:11:34:
33:b3:8e:4c:68:bc:fd:0f:41:da:66:ea:13:2c:2f:bd:a4:99:
46:90:c4:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlj3JYByIurmhBS/umuNGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOGRhZDJjNGEwZTExN2E2ODY4YzhkNjdiZTEwMzA4YTY0
OTc0YWQwHhcNMjUwMTAyMDU0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDcyOGVjZTA2MDMwYjJiZTMwMjQ4N2ViYTJlMmQyMmNlODM5MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1tiOjMJf8DJScaA1SVQVC6XEejc
QLJB+NlJWOcDSXmjJYrr5XCxW7OwKTO4z4zGeCp9JXlMrNewbsutUNQ7ROxlBrVa
fYwBE1ILHTiXBB0OOi5pFVcc4V3WJr2T5V+aNFqGY9T/uH79WByaIVu2TKFSHIOc
DQ4HVbKe1SV+pVqg5vnhpO+Igp3ZO9WMBi461WE0mXMkIMvT1zeFujsK2mcrnxRb
RZstxO3ZJa/u32jrDQclkkSfA92O9iqw5TcyZb59bpuvlxTmcrOw3rcc47CLg3kC
8ozZ7IiAK3FxiM9QPc85hIBCOj+CQMHk/SR2URZPvvWJ/wqyQ4h4jsOPxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAByjs4GAwsr4wJIfrouLSLOg5LhMB8GA1UdIwQY
MBaAFLqNrSxKDhF6aGjI1nvhAwimSXStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW8ydExFb09FWHBvYU1qV2UtRURDS1pKZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9mM2M1ZDgtNWVhNS00ODJlLTkzMWYt
MjljMDIzZjk0NzgxLzEvQUhLT3pnWURDeXZqQWtoLXVpNHRJczZEa3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9mM2M1ZDgtNWVhNS00ODJlLTkzMWYtMjljMDIzZjk0Nzgx
LzEvdW8ydExFb09FWHBvYU1qV2UtRURDS1pKZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC6w
MA0GCSqGSIb3DQEBCwUAA4IBAQAoN0ScX4gIoos+2u39g/bpwhpQJEr6aEvWOyKn
7XmBxz6RcXIINlYtd3okuLsw1tdXuHjVFeB1fc1MxQX4Nhes020jAEphte8pZQlu
x2XPDvP98adR8Il9B8LMHVKE4dkyw6zS0NrdrhxiGbp6CIF8+PtEm16r3sxnTEch
c0hW4KzOtNdUABGYE67uwA1bua9eaMQW3kLPGL3pdvSeDQS14PybDf2GeYEpnqk9
IMw3pZqvL+p6XO1FUDQI8zvs13XoHaUPHrLnAILNhMlE4gpcMJzmVZOZbEyLPiDs
xTFZFBGjtaPor9KsETQzs45MaLz9D0HaZuoTLC+9pJlGkMRf
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:19 2025 by rpki-client