Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/0WVAn9YvgOWg_yNJalsG8HWMv_4.roa
File: 0WVAn9YvgOWg_yNJalsG8HWMv_4.roa (raw, json)
Hash identifier: o9Uyp3iYPto8Ogeet4RXU658pKPPwu/4VlXDv2Wj41I=
Subject key identifier: D1:65:40:9F:D6:2F:80:E5:A0:FF:23:49:6A:5B:06:F0:75:8C:BF:FE
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C60DFF9878CA6648B014910147CB2
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/0WVAn9YvgOWg_yNJalsG8HWMv_4.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42683
IP address blocks: 2a02:2698:5800::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:60:df:f9:87:8c:a6:64:8b:01:49:10:14:7c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d165409fd62f80e5a0ff23496a5b06f0758cbffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8a:4a:21:f4:94:10:42:3f:08:82:32:5a:ea:
7b:13:5b:b3:58:9d:c9:a3:b8:5e:6e:c4:d2:a0:1e:
92:6f:f4:9e:af:19:f4:ab:b6:e5:01:9a:95:01:95:
be:9b:d1:11:fb:3d:e2:cd:f2:c1:32:3a:5f:b5:fb:
80:c9:ac:03:df:93:e6:b5:f4:26:b2:44:0c:5a:f5:
bb:0f:42:6e:b7:77:07:ae:35:6c:9b:04:cc:2c:d3:
44:0e:1c:c9:0b:34:d5:fe:c5:0c:69:11:0b:40:9c:
cf:11:55:50:55:35:9e:f9:73:cf:f8:f4:53:ec:6b:
d6:04:5e:07:59:d1:5d:b6:02:de:74:4c:e9:81:53:
b9:39:a0:1a:6a:fb:4e:2b:a4:e7:d7:65:cb:d1:ce:
e9:d7:c2:ea:33:0f:83:ae:47:fa:2b:8e:11:05:f6:
c2:e4:14:9f:a0:90:d7:fa:82:b4:07:e4:1f:9a:bb:
64:52:95:e5:6a:1a:73:c6:bc:1e:53:25:ea:fe:94:
22:0a:80:98:48:55:18:fe:89:70:c9:cc:49:ad:00:
a0:b0:d3:92:38:e6:ea:d1:c1:81:b6:1a:68:38:38:
11:de:ff:98:24:98:42:f1:fa:75:db:56:e2:71:a8:
16:d2:e6:2d:ef:5c:eb:8d:9f:fa:f4:49:58:8f:ea:
b5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:65:40:9F:D6:2F:80:E5:A0:FF:23:49:6A:5B:06:F0:75:8C:BF:FE
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/0WVAn9YvgOWg_yNJalsG8HWMv_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5800::/38
Signature Algorithm: sha256WithRSAEncryption
a6:81:09:78:57:41:7d:fe:16:21:a8:7e:20:10:15:8b:9c:55:
5f:db:82:bb:a1:79:24:7a:15:46:c2:4d:18:6b:09:1f:5c:45:
9f:b2:b9:2a:fe:ef:f4:85:db:6f:5e:c8:4d:35:67:2c:eb:a9:
77:57:d4:74:cf:f7:9e:76:0a:fa:30:d3:e3:fb:4d:61:2c:b9:
8b:e7:50:df:63:e2:53:bd:b6:89:b4:fb:8e:9e:0e:d7:3f:f7:
09:3c:eb:07:16:90:bb:17:d6:ed:49:f5:ee:23:1f:8d:db:9d:
25:af:cd:f5:1b:d0:78:2c:90:ef:ff:df:15:23:ca:6f:92:4a:
bf:f2:46:76:a0:ae:6b:32:51:0e:43:a4:83:07:0d:5d:73:87:
c9:ee:3b:20:a0:1f:0c:9d:05:55:2b:8a:c2:0a:42:0c:6c:d9:
b9:09:20:77:16:69:3b:1b:0a:74:24:43:83:1b:80:e3:60:29:
02:17:e1:c5:6e:79:28:0c:65:22:0a:9a:81:ba:b4:78:a0:b8:
d8:90:3c:9e:61:b6:ae:e2:87:02:2d:93:37:7c:91:b8:47:3c:
ba:04:77:12:07:1b:5f:b0:8e:7e:c2:8a:43:ca:0d:3b:cd:ac:
97:42:39:c0:84:a3:42:f1:fb:17:7f:62:d5:38:f2:ab:4b:85:
8b:fb:b3:fb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjGDf+YeMpmSLAUkQFHyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTY1NDA5ZmQ2MmY4MGU1YTBmZjIzNDk2YTViMDZmMDc1OGNiZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwopKIfSUEEI/CIIyWup7E1uzWJ3J
o7hebsTSoB6Sb/Serxn0q7blAZqVAZW+m9ER+z3izfLBMjpftfuAyawD35PmtfQm
skQMWvW7D0Jut3cHrjVsmwTMLNNEDhzJCzTV/sUMaRELQJzPEVVQVTWe+XPP+PRT
7GvWBF4HWdFdtgLedEzpgVO5OaAaavtOK6Tn12XL0c7p18LqMw+Drkf6K44RBfbC
5BSfoJDX+oK0B+QfmrtkUpXlahpzxrweUyXq/pQiCoCYSFUY/olwycxJrQCgsNOS
OObq0cGBthpoODgR3v+YJJhC8fp121bicagW0uYt71zrjZ/69ElYj+q1+wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNFlQJ/WL4DloP8jSWpbBvB1jL/+MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMFdWQW45WXZnT1dnX3lOSmFsc0c4SFdNdl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFgw
DQYJKoZIhvcNAQELBQADggEBAKaBCXhXQX3+FiGofiAQFYucVV/bgruheSR6FUbC
TRhrCR9cRZ+yuSr+7/SF229eyE01ZyzrqXdX1HTP9552Cvow0+P7TWEsuYvnUN9j
4lO9tom0+46eDtc/9wk86wcWkLsX1u1J9e4jH43bnSWvzfUb0HgskO//3xUjym+S
Sr/yRnagrmsyUQ5DpIMHDV1zh8nuOyCgHwydBVUrisIKQgxs2bkJIHcWaTsbCnQk
Q4MbgONgKQIX4cVueSgMZSIKmoG6tHiguNiQPJ5htq7ihwItkzd8kbhHPLoEdxIH
G1+wjn7CikPKDTvNrJdCOcCEo0Lx+xd/YtU48qtLhYv7s/s=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:22 2025 by rpki-client