Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/uprewwcTXCcmQN0Ey7EpJWORj44.roa
File: uprewwcTXCcmQN0Ey7EpJWORj44.roa (raw, json)
Hash identifier: QV157YO0Y71rObCzvJ0bY8O5Oh3zS2lhjp5uOHkyL5o=
Subject key identifier: BA:9A:DE:C3:07:13:5C:27:26:40:DD:04:CB:B1:29:25:63:91:8F:8E
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C5E003F4023C9F6714E232C9C98A6
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/uprewwcTXCcmQN0Ey7EpJWORj44.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41786
IP address blocks: 2a02:2698:2400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5e:00:3f:40:23:c9:f6:71:4e:23:2c:9c:98:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba9adec307135c272640dd04cbb1292563918f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1d:6a:ed:90:27:f1:e6:a3:04:7b:71:93:2f:
e0:52:e9:1f:77:9a:5b:cc:42:c2:81:d5:c5:0f:b4:
88:7a:f2:ba:d0:91:f9:3a:d9:75:17:00:62:d2:44:
24:62:e8:f8:d1:de:2e:96:9a:bd:8d:63:68:0d:93:
bc:0b:58:bc:ad:17:20:7c:28:81:76:19:5f:07:f4:
ec:58:ab:e8:d3:aa:34:83:19:6e:4d:15:46:fd:71:
6a:ad:bf:8c:2b:53:06:aa:23:a0:0c:27:d5:f1:96:
b3:62:a4:29:1f:68:b7:6c:09:71:76:7e:bc:f1:80:
c6:84:e9:6c:2d:9e:5f:71:42:fc:48:cb:1a:ff:d2:
1b:f3:38:38:df:10:c1:33:f0:5b:59:52:0b:62:ae:
84:3f:fb:8d:84:cb:42:c4:ae:78:76:67:a7:4b:9a:
97:f6:d7:48:26:c5:9d:54:8f:3b:90:dc:f5:ed:b4:
c8:05:07:7a:0f:bb:44:78:3a:83:7b:65:1e:3f:17:
2a:e8:52:83:fb:c6:75:74:d2:a4:83:86:14:a1:73:
3e:ad:99:63:b5:9a:a2:1b:e6:1d:3f:69:29:78:d3:
af:02:9a:c2:fd:19:77:15:6c:41:c7:bc:a6:1c:52:
e7:fe:16:84:cf:cf:65:5a:a4:2d:ca:85:b5:b9:b0:
de:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9A:DE:C3:07:13:5C:27:26:40:DD:04:CB:B1:29:25:63:91:8F:8E
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/uprewwcTXCcmQN0Ey7EpJWORj44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:2400::/38
Signature Algorithm: sha256WithRSAEncryption
80:06:e7:16:39:5a:f1:ec:ed:68:a2:25:42:8c:94:b4:ea:e4:
c2:cc:52:ab:a9:c6:26:a4:31:c8:83:bd:c9:00:b9:b2:82:27:
ae:76:4c:18:d3:64:1a:34:96:eb:fe:63:1f:6e:fe:0f:8d:3e:
c7:c3:82:8a:0f:28:bd:4f:bb:cb:c8:b0:63:19:e3:87:b5:0a:
51:56:18:31:cc:2e:f2:9d:b7:77:3f:45:92:0e:cb:0a:7e:f0:
30:ac:cb:06:95:b8:ab:8a:2a:a9:d9:ce:59:d3:e0:dc:63:7a:
e7:b7:5d:3e:9f:90:2f:2c:1b:a2:a8:b0:70:a3:c7:1a:98:aa:
ae:4d:97:8f:a6:41:d8:b3:e0:b7:87:22:b1:b5:1f:6f:d9:45:
ea:17:1b:58:36:8d:de:8c:98:db:f3:4c:26:bd:3e:ee:9f:39:
b0:8d:65:cb:a0:48:87:e0:1b:03:b8:25:64:78:8e:7d:42:84:
79:29:7f:cc:13:74:54:9e:79:87:70:e7:bd:0a:7f:00:30:d0:
fd:b5:63:58:95:44:45:cc:21:eb:4e:b9:a9:fb:c9:bc:b6:59:
4f:3f:6f:69:cd:d5:8e:65:fd:21:b7:e5:67:ab:f1:4b:fe:b1:
79:8b:89:a7:73:c9:b5:aa:f9:9f:d2:3f:ab:e0:0a:59:ce:c6:
7a:ec:dd:30
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjF4AP0AjyfZxTiMsnJimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTlhZGVjMzA3MTM1YzI3MjY0MGRkMDRjYmIxMjkyNTYzOTE4ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh1q7ZAn8eajBHtxky/gUukfd5pb
zELCgdXFD7SIevK60JH5Otl1FwBi0kQkYuj40d4ulpq9jWNoDZO8C1i8rRcgfCiB
dhlfB/TsWKvo06o0gxluTRVG/XFqrb+MK1MGqiOgDCfV8ZazYqQpH2i3bAlxdn68
8YDGhOlsLZ5fcUL8SMsa/9Ib8zg43xDBM/BbWVILYq6EP/uNhMtCxK54dmenS5qX
9tdIJsWdVI87kNz17bTIBQd6D7tEeDqDe2UePxcq6FKD+8Z1dNKkg4YUoXM+rZlj
tZqiG+YdP2kpeNOvAprC/Rl3FWxBx7ymHFLn/haEz89lWqQtyoW1ubDeZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLqa3sMHE1wnJkDdBMuxKSVjkY+OMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvdXByZXd3Y1RYQ2NtUU4wRXk3RXBKV09SajQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmCQw
DQYJKoZIhvcNAQELBQADggEBAIAG5xY5WvHs7WiiJUKMlLTq5MLMUqupxiakMciD
vckAubKCJ652TBjTZBo0luv+Yx9u/g+NPsfDgooPKL1Pu8vIsGMZ44e1ClFWGDHM
LvKdt3c/RZIOywp+8DCsywaVuKuKKqnZzlnT4Nxjeue3XT6fkC8sG6KosHCjxxqY
qq5Nl4+mQdiz4LeHIrG1H2/ZReoXG1g2jd6MmNvzTCa9Pu6fObCNZcugSIfgGwO4
JWR4jn1ChHkpf8wTdFSeeYdw570KfwAw0P21Y1iVREXMIetOuan7yby2WU8/b2nN
1Y5l/SG35Wer8Uv+sXmLiadzybWq+Z/SP6vgClnOxnrs3TA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:19 2025 by rpki-client