Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/4Gjj4vT-vh5URW4bzUkYHjLyuzw.roa
File: 4Gjj4vT-vh5URW4bzUkYHjLyuzw.roa (raw, json)
Hash identifier: HxASWs91CGr7QHEsOom+lf/Gzup/Ba9MJEMnE5zFBkI=
Subject key identifier: E0:68:E3:E2:F4:FE:BE:1E:54:45:6E:1B:CD:49:18:1E:32:F2:BB:3C
Certificate issuer: /CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Certificate serial: 01959E9A572D7B4B74E655B25E66C8ABC23D
Authority key identifier: 42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/4Gjj4vT-vh5URW4bzUkYHjLyuzw.roa
Signing time: Sun 16 Mar 2025 10:57:49 +0000
ROA not before: Sun 16 Mar 2025 10:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35277
IP address blocks: 2a10:c940::/32 maxlen: 32
2a10:c940:100::/48 maxlen: 48
2a10:c940:200::/48 maxlen: 48
2a10:c941::/32 maxlen: 32
2a10:c941:100::/48 maxlen: 48
2a10:c941:200::/48 maxlen: 48
2a10:c942::/32 maxlen: 32
2a10:c942:100::/48 maxlen: 48
2a10:c942:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9e:9a:57:2d:7b:4b:74:e6:55:b2:5e:66:c8:ab:c2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Validity
Not Before: Mar 16 10:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e068e3e2f4febe1e54456e1bcd49181e32f2bb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b6:61:fc:ae:78:34:ff:da:49:89:50:46:77:
53:26:a0:7d:1b:b3:72:00:51:0c:00:15:53:34:3d:
0e:a1:37:eb:67:db:9e:22:e1:09:87:ce:eb:cb:6b:
a9:e7:2c:de:33:67:6e:e3:57:14:92:32:17:0c:fc:
16:92:03:c4:81:6d:f1:61:af:8e:2c:d1:0d:52:37:
07:9d:5d:8c:a0:d9:41:85:19:53:2b:54:eb:ad:3a:
4b:78:66:7a:63:0e:b8:06:a7:b7:96:76:6e:f3:fe:
87:ba:e2:fe:a6:16:bd:3c:b5:48:e2:14:81:9b:e0:
b8:de:dd:b4:66:6c:06:4b:8b:a5:af:2b:4d:70:c8:
cc:47:06:5c:b0:f5:ef:da:54:1c:54:6b:29:bd:59:
4d:d3:05:a0:23:32:54:15:6f:35:1e:0e:67:0b:0d:
90:9d:97:72:a6:28:a7:2d:51:07:8a:95:8b:b7:a9:
bb:4e:d4:63:fc:1e:04:af:2c:3a:30:36:4a:b2:b2:
a0:20:db:bd:e2:01:80:db:92:3f:44:fc:0b:9f:96:
f3:73:ef:d6:3f:e6:66:ce:88:c8:2a:85:aa:eb:05:
8d:8e:c4:a7:fd:97:2e:bd:68:5d:4a:bc:f4:9f:9a:
78:9d:13:ab:db:c1:6f:32:42:04:aa:53:09:04:9d:
d7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:68:E3:E2:F4:FE:BE:1E:54:45:6E:1B:CD:49:18:1E:32:F2:BB:3C
X509v3 Authority Key Identifier:
keyid:42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/4Gjj4vT-vh5URW4bzUkYHjLyuzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:c940::-2a10:c942:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:36:8b:2c:c9:6f:89:98:53:56:de:47:7d:da:85:40:d8:39:
6f:60:af:d2:ef:8f:13:72:fe:7b:4e:01:ff:ba:45:4a:a8:f7:
e1:e7:ba:db:4e:b5:5e:7e:51:35:c9:4b:d0:62:f2:bf:61:7c:
b2:ab:e3:4f:e2:01:ed:3c:eb:d4:61:ca:63:85:fd:a3:7b:c4:
d3:37:2b:a4:71:84:58:e9:35:2e:76:d8:07:42:ac:b9:3b:ec:
9a:1c:69:51:ab:ce:87:b5:28:5d:8a:c8:49:9f:7a:04:ea:87:
89:86:2c:d7:5c:44:0e:1b:1a:9c:27:2e:65:8d:be:59:a0:7d:
ae:3b:5d:8e:f2:02:7c:e8:ff:dd:15:f4:a3:6f:b5:2b:07:eb:
99:26:a0:db:3b:4f:c8:12:b3:d9:54:3a:cc:36:f5:df:1b:68:
e7:03:23:f0:da:7b:c2:be:00:cf:d2:2c:3b:3d:fd:53:b1:18:
b5:30:b4:c7:8d:f9:6d:2c:17:75:91:63:fb:bd:d2:a9:16:95:
32:80:a2:d5:1e:8f:a5:4a:4c:fc:b9:1d:74:12:01:aa:e0:4d:
40:5e:75:d6:6c:07:85:cc:47:60:fe:fc:dc:9d:14:fc:29:97:
2a:01:1f:75:91:75:9d:92:2e:d9:9a:80:e4:9c:7a:a5:c3:ae:
94:b2:93:fe
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZWemlcte0t05lWyXmbIq8I9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWNiYTU4OTkyMGJlZWJiMTliYzU3MmFlNmQ1MDFiOGNm
NmJiZjAwHhcNMjUwMzE2MTA1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDY4ZTNlMmY0ZmViZTFlNTQ0NTZlMWJjZDQ5MTgxZTMyZjJiYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbZh/K54NP/aSYlQRndTJqB9G7Ny
AFEMABVTND0OoTfrZ9ueIuEJh87ry2up5yzeM2du41cUkjIXDPwWkgPEgW3xYa+O
LNENUjcHnV2MoNlBhRlTK1TrrTpLeGZ6Yw64Bqe3lnZu8/6HuuL+pha9PLVI4hSB
m+C43t20ZmwGS4ulrytNcMjMRwZcsPXv2lQcVGspvVlN0wWgIzJUFW81Hg5nCw2Q
nZdypiinLVEHipWLt6m7TtRj/B4Eryw6MDZKsrKgINu94gGA25I/RPwLn5bzc+/W
P+ZmzojIKoWq6wWNjsSn/ZcuvWhdSrz0n5p4nROr28FvMkIEqlMJBJ3XPQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOBo4+L0/r4eVEVuG81JGB4y8rs8MB8GA1UdIwQY
MBaAFEIculiZIL7rsZvFcq5tUBuM9rvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQt
ZWMwMGUxYTI3Y2M4LzEvNEdqajR2VC12aDVVUlc0YnpVa1lIakx5dXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQtZWMwMGUxYTI3Y2M4
LzEvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQYqEMlA
AwUAKhDJQjANBgkqhkiG9w0BAQsFAAOCAQEARTaLLMlviZhTVt5HfdqFQNg5b2Cv
0u+PE3L+e04B/7pFSqj34ee62061Xn5RNclL0GLyv2F8sqvjT+IB7Tzr1GHKY4X9
o3vE0zcrpHGEWOk1LnbYB0KsuTvsmhxpUavOh7UoXYrISZ96BOqHiYYs11xEDhsa
nCcuZY2+WaB9rjtdjvICfOj/3RX0o2+1KwfrmSag2ztPyBKz2VQ6zDb13xto5wMj
8Np7wr4Az9IsOz39U7EYtTC0x435bSwXdZFj+73SqRaVMoCi1R6PpUpM/LkddBIB
quBNQF511mwHhcxHYP783J0U/CmXKgEfdZF1nZIu2ZqA5Jx6pcOulLKT/g==
-----END CERTIFICATE-----
Generated at Sat Apr 12 15:14:17 2025 by rpki-client