Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/A3kgD4Yh6ZMjOUE4gcsu8drzx2M.roa
File: A3kgD4Yh6ZMjOUE4gcsu8drzx2M.roa (raw, json)
Hash identifier: rSbRVMQTbgAlKJRB8d21HopmvnA8JdFqIMhpnSws1rA=
Subject key identifier: 03:79:20:0F:86:21:E9:93:23:39:41:38:81:CB:2E:F1:DA:F3:C7:63
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C64B243D6CACFF816B0AB8D860677
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/A3kgD4Yh6ZMjOUE4gcsu8drzx2M.roa
Signing time: Wed 01 Jan 2025 01:48:02 +0000
ROA not before: Wed 01 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50512
IP address blocks: 2a02:2698:400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:64:b2:43:d6:ca:cf:f8:16:b0:ab:8d:86:06:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0379200f8621e9932339413881cb2ef1daf3c763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:50:1a:8a:9a:df:6c:cf:a1:16:dc:a2:42:
75:f4:1b:f8:72:23:02:64:2e:51:2d:6a:52:14:30:
8b:46:64:ab:8b:bc:47:85:46:aa:4f:2e:bc:14:05:
94:03:10:ac:78:0c:80:57:61:ea:81:29:54:12:b1:
6e:6d:66:9e:85:91:ce:6a:48:6e:ae:1b:38:dc:67:
b6:33:c2:81:38:ab:4e:f7:ab:9f:5b:3f:32:9d:de:
36:b7:4b:10:96:a6:0d:46:ae:43:47:b6:65:1c:a9:
05:75:29:ab:93:8d:c2:9e:a0:c9:36:a0:4c:06:e6:
fa:55:79:02:43:06:ac:ba:3d:1d:55:7e:79:61:2f:
43:09:95:8b:91:8e:08:bf:a7:18:9a:ea:ad:1f:b5:
6e:6b:8f:6c:eb:22:28:74:5c:15:0b:42:3a:e2:f8:
eb:c2:ac:17:00:73:f3:02:76:f5:2d:3a:40:fe:12:
df:a3:a6:c6:a4:6e:39:ba:f5:5d:50:cb:aa:a0:02:
e4:b7:46:23:2e:2a:8d:c4:3c:1b:ab:41:9f:ce:ff:
25:f4:2d:c6:9b:4d:a9:94:f7:97:a8:26:bb:6b:b2:
1c:4d:06:47:9d:f3:b9:55:01:4d:54:9f:d6:eb:20:
ef:dc:a2:38:ee:e7:c2:65:87:49:48:22:fc:43:e2:
f8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:79:20:0F:86:21:E9:93:23:39:41:38:81:CB:2E:F1:DA:F3:C7:63
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/A3kgD4Yh6ZMjOUE4gcsu8drzx2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:400::/38
Signature Algorithm: sha256WithRSAEncryption
6d:ed:ef:8c:7b:51:ca:ac:93:68:17:9c:6f:93:f2:fa:f4:08:
81:96:42:49:78:a1:f3:63:3d:aa:07:de:7d:bc:cb:1d:0b:d1:
ca:77:e0:ca:cf:7f:e3:a0:35:6f:9e:bf:49:d1:85:5b:05:99:
77:6c:ca:6d:3b:6c:b5:eb:80:8c:9c:1d:cc:d4:28:5b:b6:93:
b4:bf:67:aa:15:c1:b4:90:fe:7c:c2:09:48:94:5d:90:03:8e:
23:ea:f9:04:32:af:a0:03:87:fc:64:f7:e5:12:1c:70:59:5b:
dc:01:29:d1:7b:0b:85:06:a2:8e:b3:46:3e:29:88:1b:33:6c:
61:fc:1e:47:dc:02:5f:a7:f7:23:34:75:d3:87:a5:73:48:41:
20:58:e3:67:eb:97:1c:82:ae:83:33:f3:20:64:76:51:6a:52:
8d:ec:7d:13:eb:93:5d:d4:71:dc:d7:b1:19:c7:f0:8e:9a:0c:
0c:68:13:67:b9:7b:97:3c:87:c4:ed:0d:e6:5e:e9:86:d3:da:
b8:24:1c:a8:e9:2b:fc:8b:88:0a:c9:2c:7e:f3:1a:5c:3b:62:
eb:59:01:b1:ab:ba:92:43:1d:c0:4d:2d:d1:ca:2a:0f:f0:35:
a0:1e:4d:2a:2b:6d:1c:e6:68:64:bc:50:08:27:32:10:d0:48:
f9:a5:e4:01
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjGSyQ9bKz/gWsKuNhgZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzc5MjAwZjg2MjFlOTkzMjMzOTQxMzg4MWNiMmVmMWRhZjNjNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+ZQGoqa32zPoRbcokJ19Bv4ciMC
ZC5RLWpSFDCLRmSri7xHhUaqTy68FAWUAxCseAyAV2HqgSlUErFubWaehZHOakhu
rhs43Ge2M8KBOKtO96ufWz8ynd42t0sQlqYNRq5DR7ZlHKkFdSmrk43CnqDJNqBM
Bub6VXkCQwasuj0dVX55YS9DCZWLkY4Iv6cYmuqtH7Vua49s6yIodFwVC0I64vjr
wqwXAHPzAnb1LTpA/hLfo6bGpG45uvVdUMuqoALkt0YjLiqNxDwbq0Gfzv8l9C3G
m02plPeXqCa7a7IcTQZHnfO5VQFNVJ/W6yDv3KI47ufCZYdJSCL8Q+L45QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAN5IA+GIemTIzlBOIHLLvHa88djMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvQTNrZ0Q0WWg2Wk1qT1VFNGdjc3U4ZHJ6eDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAQw
DQYJKoZIhvcNAQELBQADggEBAG3t74x7Ucqsk2gXnG+T8vr0CIGWQkl4ofNjPaoH
3n28yx0L0cp34MrPf+OgNW+ev0nRhVsFmXdsym07bLXrgIycHczUKFu2k7S/Z6oV
wbSQ/nzCCUiUXZADjiPq+QQyr6ADh/xk9+USHHBZW9wBKdF7C4UGoo6zRj4piBsz
bGH8HkfcAl+n9yM0ddOHpXNIQSBY42frlxyCroMz8yBkdlFqUo3sfRPrk13UcdzX
sRnH8I6aDAxoE2e5e5c8h8TtDeZe6YbT2rgkHKjpK/yLiArJLH7zGlw7YutZAbGr
upJDHcBNLdHKKg/wNaAeTSorbRzmaGS8UAgnMhDQSPml5AE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:59 2025 by rpki-client