Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/QZoa2FVMFT1UIn9TjIdCJB0KRm0.roa
File: QZoa2FVMFT1UIn9TjIdCJB0KRm0.roa (raw, json)
Hash identifier: Ms+peXedl4VTyfxLJJp1x3zUfnRF0n3j5fmzunIlaVk=
Subject key identifier: 41:9A:1A:D8:55:4C:15:3D:54:22:7F:53:8C:87:42:24:1D:0A:46:6D
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 01951994950ACBFF97A47D2B36D2B80EBD44
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/QZoa2FVMFT1UIn9TjIdCJB0KRm0.roa
Signing time: Tue 18 Feb 2025 15:02:02 +0000
ROA not before: Tue 18 Feb 2025 15:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39598
IP address blocks: 2a00:11d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:94:95:0a:cb:ff:97:a4:7d:2b:36:d2:b8:0e:bd:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Feb 18 15:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=419a1ad8554c153d54227f538c8742241d0a466d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:ce:40:0b:f2:03:4e:60:c4:5e:19:69:54:
7a:7a:9c:94:b7:a5:2a:f8:54:7e:94:63:00:68:58:
9e:fe:fc:d7:b1:f3:b8:15:ab:fb:ab:e2:54:3a:26:
2f:5e:95:65:0d:45:b9:21:5d:ef:f6:45:92:17:7c:
1f:77:2f:1e:10:a0:bf:f7:5f:82:d2:57:29:5e:e2:
b8:1c:38:01:3d:6c:6d:40:c1:a3:ea:70:83:84:d7:
fc:71:b0:83:cc:bf:9a:8c:7b:cd:cd:40:a6:2f:28:
36:9b:12:53:e2:b4:0c:08:be:6a:70:5b:12:76:00:
c9:b9:8b:1f:69:ed:4b:79:d1:4e:ce:48:9f:e5:0f:
ab:49:8a:9b:00:e8:09:69:c4:68:de:ac:ff:44:fc:
e9:19:14:9c:37:05:db:0c:ef:53:72:41:7c:14:c0:
71:c5:f5:ed:40:9a:ba:7b:5a:a3:26:a8:3b:b8:4b:
fa:a8:3f:68:e0:7b:a7:4a:ea:68:f7:52:6f:5d:f1:
16:0e:87:24:67:aa:f3:6d:70:bb:67:87:b7:0a:5a:
a1:17:74:71:b8:b7:e5:fb:25:84:a4:ac:03:03:24:
c3:87:b6:8a:c3:50:cb:54:ed:a5:dd:d4:fc:2d:0a:
d3:67:9a:1d:ea:5e:58:55:ec:2a:9a:b9:56:15:1b:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9A:1A:D8:55:4C:15:3D:54:22:7F:53:8C:87:42:24:1D:0A:46:6D
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/QZoa2FVMFT1UIn9TjIdCJB0KRm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
67:96:d2:df:05:70:43:51:f4:22:21:ab:62:81:03:03:be:e8:
4c:cd:48:b3:7b:c2:4a:39:a5:46:91:77:ea:2a:3c:00:17:ca:
e5:08:a2:ce:05:d9:69:bd:09:87:7e:43:dd:83:b0:ba:7d:47:
4c:d6:21:b6:3d:cc:40:22:53:4c:8a:4d:42:a5:76:ff:ff:ba:
58:87:4d:64:9d:1a:ea:c5:f1:9d:62:ee:b9:ca:06:8a:ee:35:
75:7c:74:22:84:30:d8:87:15:88:de:c2:45:38:77:2a:f4:0f:
7e:80:6f:4e:0e:dd:0a:06:ba:4c:7e:2d:d8:4b:16:d1:ba:96:
b8:fd:7b:b3:05:aa:25:fa:81:18:fe:cf:3a:22:da:ee:7e:42:
92:fa:34:fb:a2:e9:99:53:c7:27:0d:55:43:46:e9:78:42:b4:
f2:7c:91:98:b1:58:76:5a:2c:ea:32:24:09:bc:f8:a1:d5:e3:
b0:14:93:b3:3a:ef:61:70:aa:b3:71:6c:bc:6e:57:40:bb:93:
5b:60:23:0e:59:59:6d:2e:85:6a:9f:f1:90:68:e7:1e:11:0c:
8a:b8:21:dd:ab:1a:5d:ea:78:60:2e:6a:04:fa:3a:63:b7:7a:
29:ea:6a:da:38:0a:ee:63:a8:06:d5:99:33:d3:54:75:a6:d2:
66:98:c3:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUZlJUKy/+XpH0rNtK4Dr1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwMjE4MTUwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTlhMWFkODU1NGMxNTNkNTQyMjdmNTM4Yzg3NDIyNDFkMGE0NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCTOQAvyA05gxF4ZaVR6epyUt6Uq
+FR+lGMAaFie/vzXsfO4Fav7q+JUOiYvXpVlDUW5IV3v9kWSF3wfdy8eEKC/91+C
0lcpXuK4HDgBPWxtQMGj6nCDhNf8cbCDzL+ajHvNzUCmLyg2mxJT4rQMCL5qcFsS
dgDJuYsfae1LedFOzkif5Q+rSYqbAOgJacRo3qz/RPzpGRScNwXbDO9TckF8FMBx
xfXtQJq6e1qjJqg7uEv6qD9o4HunSupo91JvXfEWDockZ6rzbXC7Z4e3ClqhF3Rx
uLfl+yWEpKwDAyTDh7aKw1DLVO2l3dT8LQrTZ5od6l5YVewqmrlWFRulawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEGaGthVTBU9VCJ/U4yHQiQdCkZtMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvUVpvYTJGVk1GVDFVSW45VGpJZENKQjBLUm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAR2DAN
BgkqhkiG9w0BAQsFAAOCAQEAZ5bS3wVwQ1H0IiGrYoEDA77oTM1Is3vCSjmlRpF3
6io8ABfK5QiizgXZab0Jh35D3YOwun1HTNYhtj3MQCJTTIpNQqV2//+6WIdNZJ0a
6sXxnWLuucoGiu41dXx0IoQw2IcViN7CRTh3KvQPfoBvTg7dCga6TH4t2EsW0bqW
uP17swWqJfqBGP7POiLa7n5Ckvo0+6LpmVPHJw1VQ0bpeEK08nyRmLFYdlos6jIk
Cbz4odXjsBSTszrvYXCqs3FsvG5XQLuTW2AjDllZbS6Fap/xkGjnHhEMirgh3asa
Xep4YC5qBPo6Y7d6Kepq2jgK7mOoBtWZM9NUdabSZpjDZw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:10:21 2025 by rpki-client