Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/Tbof-4aZ0VQUdZsgIoMBC5FBick.roa
File: Tbof-4aZ0VQUdZsgIoMBC5FBick.roa (raw, json)
Hash identifier: QIa6RV95cu9pHdFNYbOKsVEQPNGhX431Y5yIZA5T6KM=
Subject key identifier: 4D:BA:1F:FB:86:99:D1:54:14:75:9B:20:22:83:01:0B:91:41:89:C9
Certificate issuer: /CN=375a064f301026bc3cf87666d6a820128212a811
Certificate serial: 019421B1FF5675A58BD72C9165A705EAED50
Authority key identifier: 37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/Tbof-4aZ0VQUdZsgIoMBC5FBick.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35819
IP address blocks: 2a03:2887:ff0d::/48 maxlen: 48
2a03:2887:ff0f::/48 maxlen: 48
2a03:2887:ff10::/48 maxlen: 48
2a03:2887:ff11::/48 maxlen: 48
2a03:2887:ff13::/48 maxlen: 48
2a03:2887:ff15::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ff:56:75:a5:8b:d7:2c:91:65:a7:05:ea:ed:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375a064f301026bc3cf87666d6a820128212a811
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dba1ffb8699d15414759b202283010b914189c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:49:dd:98:93:74:ef:5e:ea:97:33:84:ac:19:
9b:0a:26:be:46:09:27:13:36:a5:43:e9:2e:28:7b:
2f:23:fe:3b:fd:54:8a:15:b8:a4:ea:c1:f0:67:68:
bd:df:40:9d:f7:03:e1:31:fa:77:f8:8a:39:8a:49:
22:e7:a6:89:3c:d4:b7:90:9e:de:0a:4e:6e:9d:c7:
94:54:e9:b4:32:59:a6:d9:76:39:30:27:95:e5:3d:
30:8b:35:13:40:b7:5e:ac:6d:44:92:fd:b5:62:dd:
bf:54:1b:e6:63:1f:4f:7b:6b:84:50:31:ae:cb:ff:
ac:d5:b2:aa:67:59:ed:cd:4c:e6:37:74:74:87:cd:
69:2d:b8:20:19:f5:aa:bc:13:98:58:71:f8:c0:a6:
fd:2d:4a:18:22:72:f3:b3:14:f6:9d:fd:aa:a7:20:
24:75:de:81:1a:09:22:18:49:f8:b6:b2:17:50:38:
da:f6:1f:6f:46:4f:bb:95:28:9d:bd:28:61:41:77:
47:46:d1:96:dc:7f:cb:9a:52:ef:e0:c8:43:10:3b:
68:cc:c0:87:b5:a4:7a:31:38:87:73:02:be:e1:80:
6e:d3:4b:3f:0d:5f:a5:3c:62:1f:bd:66:17:5a:5e:
94:74:64:e8:4a:aa:bd:17:98:38:47:c9:d3:55:fb:
1c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BA:1F:FB:86:99:D1:54:14:75:9B:20:22:83:01:0B:91:41:89:C9
X509v3 Authority Key Identifier:
keyid:37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/Tbof-4aZ0VQUdZsgIoMBC5FBick.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2887:ff0d::/48
2a03:2887:ff0f::-2a03:2887:ff11:ffff:ffff:ffff:ffff:ffff
2a03:2887:ff13::/48
2a03:2887:ff15::/48
Signature Algorithm: sha256WithRSAEncryption
5e:b0:26:62:c9:be:bd:d5:b2:97:3f:0b:9f:31:50:1f:21:58:
f7:2e:d9:f6:8b:e9:cd:20:5c:55:93:4a:b2:b1:e3:8d:f6:e7:
5d:2e:ad:d0:ac:f7:8b:af:24:ee:3f:09:f9:99:59:e6:13:dc:
4d:cc:4f:7c:aa:cd:a8:23:a9:30:59:d9:89:40:6e:d6:44:b4:
1e:be:83:33:77:32:a7:80:89:65:36:51:d5:2a:5c:e5:c9:08:
4f:80:da:39:a7:83:74:91:d3:2e:93:66:ab:19:0e:21:4b:07:
67:8b:4e:eb:a1:d2:46:f0:7d:7a:16:cc:26:3a:ab:c5:09:89:
c7:1c:50:8a:5c:6c:1c:7b:85:b1:c0:62:74:7a:ef:bb:43:37:
2a:05:c6:5f:fe:2b:a5:73:ae:19:68:4a:39:aa:d7:e6:ed:f3:
d7:91:04:07:45:e5:35:c3:69:a4:a0:e5:b9:d1:f1:eb:96:a6:
0f:53:cf:a5:84:bd:b2:a4:b1:b8:9e:8e:f9:63:67:2e:27:19:
20:40:b6:6c:d6:05:07:00:a9:f8:e1:70:0e:52:a8:5c:14:9f:
44:82:51:fc:eb:09:4b:aa:4d:fd:5b:d6:37:a6:8b:75:9b:7e:
f3:55:6c:15:e8:eb:c1:ae:ef:67:b6:2f:ff:d5:0a:da:1b:a3:
87:bd:7a:a7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQhsf9WdaWL1yyRZacF6u1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWEwNjRmMzAxMDI2YmMzY2Y4NzY2NmQ2YTgyMDEyODIx
MmE4MTEwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJhMWZmYjg2OTlkMTU0MTQ3NTliMjAyMjgzMDEwYjkxNDE4OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50ndmJN0717qlzOErBmbCia+Rgkn
EzalQ+kuKHsvI/47/VSKFbik6sHwZ2i930Cd9wPhMfp3+Io5ikki56aJPNS3kJ7e
Ck5unceUVOm0Mlmm2XY5MCeV5T0wizUTQLderG1Ekv21Yt2/VBvmYx9Pe2uEUDGu
y/+s1bKqZ1ntzUzmN3R0h81pLbggGfWqvBOYWHH4wKb9LUoYInLzsxT2nf2qpyAk
dd6BGgkiGEn4trIXUDja9h9vRk+7lSidvShhQXdHRtGW3H/LmlLv4MhDEDtozMCH
taR6MTiHcwK+4YBu00s/DV+lPGIfvWYXWl6UdGToSqq9F5g4R8nTVfscQwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFE26H/uGmdFUFHWbICKDAQuRQYnJMB8GA1UdIwQY
MBaAFDdaBk8wECa8PPh2ZtaoIBKCEqgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTkt
ZjQ0YTU3Y2VkNzNkLzEvVGJvZi00YVowVlFVZFpzZ0lvTUJDNUZCaWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTktZjQ0YTU3Y2VkNzNk
LzEvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvAwcAKgMoh/8N
MBIDBwAqAyiH/w8DBwEqAyiH/xADBwAqAyiH/xMDBwAqAyiH/xUwDQYJKoZIhvcN
AQELBQADggEBAF6wJmLJvr3Vspc/C58xUB8hWPcu2faL6c0gXFWTSrKx4432510u
rdCs94uvJO4/CfmZWeYT3E3MT3yqzagjqTBZ2YlAbtZEtB6+gzN3MqeAiWU2UdUq
XOXJCE+A2jmng3SR0y6TZqsZDiFLB2eLTuuh0kbwfXoWzCY6q8UJicccUIpcbBx7
hbHAYnR677tDNyoFxl/+K6VzrhloSjmq1+bt89eRBAdF5TXDaaSg5bnR8euWpg9T
z6WEvbKksbiejvljZy4nGSBAtmzWBQcAqfjhcA5SqFwUn0SCUfzrCUuqTf1b1jem
i3WbfvNVbBXo68Gu72e2L//VCtobo4e9eqc=
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:39:29 2025 by rpki-client