Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/xVpekrjNm2Ym4WMpRSG3_hwYsv4.roa
File: xVpekrjNm2Ym4WMpRSG3_hwYsv4.roa (raw, json)
Hash identifier: sahJiwW9mBR8LlyaT8TmE2NDfFoKYM4WzqhrscZG6Os=
Subject key identifier: C5:5A:5E:92:B8:CD:9B:66:26:E1:63:29:45:21:B7:FE:1C:18:B2:FE
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C5A57BF45AA3D64820CEBDC7FEB70
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/xVpekrjNm2Ym4WMpRSG3_hwYsv4.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39028
IP address blocks: 2a02:2698:8400::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5a:57:bf:45:aa:3d:64:82:0c:eb:dc:7f:eb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c55a5e92b8cd9b6626e163294521b7fe1c18b2fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:f2:cc:00:20:6f:ec:a8:b8:cc:91:6a:1a:
1f:8d:b8:50:1e:86:15:4a:bb:0a:92:fb:b2:6c:67:
a6:52:7a:f7:b9:28:93:29:ff:d4:59:74:a2:03:ab:
81:ad:d1:63:e1:e6:42:6f:eb:0b:2e:9f:99:27:31:
84:28:3e:3c:59:d1:e0:4b:88:eb:08:5f:8c:43:15:
f4:cc:74:96:c8:f4:05:b2:ce:3f:a3:13:88:92:1d:
bd:eb:8b:53:a9:54:40:fa:37:24:b5:31:d7:82:e5:
f1:24:0c:06:62:35:68:a6:0f:3d:3e:cc:74:cb:70:
8f:9e:4c:db:cf:fd:18:79:aa:d6:e9:82:71:49:fe:
80:68:fc:1f:05:d5:cf:e3:08:4a:6e:6b:62:0c:95:
30:48:29:80:3d:39:b9:55:32:f5:bb:b7:35:4d:c2:
3c:34:3d:81:05:0f:95:65:24:03:db:62:5f:4e:b7:
39:00:78:29:18:32:06:9c:f1:c3:77:4f:48:c1:86:
6f:62:fa:87:18:83:bf:64:9c:90:7a:a1:7a:5e:f2:
69:00:41:b8:6d:75:ec:19:35:a3:5a:0e:50:af:49:
a7:18:d1:bd:bb:f7:25:ff:b2:71:e0:d9:0f:a0:bc:
90:0c:f3:04:de:46:ec:62:52:02:4f:9d:3f:79:2b:
0b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5A:5E:92:B8:CD:9B:66:26:E1:63:29:45:21:B7:FE:1C:18:B2:FE
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/xVpekrjNm2Ym4WMpRSG3_hwYsv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8400::/38
Signature Algorithm: sha256WithRSAEncryption
d3:03:70:69:85:19:e9:00:e1:ff:8a:b9:5d:6f:3d:95:c8:b3:
4d:48:e7:21:8c:9b:24:81:f7:67:7b:0f:bc:10:1b:9a:1d:cf:
62:ff:85:cc:3b:12:de:a0:33:46:7a:fe:22:ff:9b:b3:1a:60:
ac:8b:0b:0e:98:31:d6:19:10:72:9f:7d:8f:ad:ce:fb:d6:55:
81:55:73:30:80:1a:c0:66:49:2d:8c:d0:19:88:57:ff:4b:b8:
fb:48:03:4d:8e:97:2e:d2:5a:a6:ed:b3:b9:b6:1d:70:14:4d:
3d:c6:73:19:ff:67:d4:59:e0:31:1a:fb:ff:82:c9:c9:4c:f3:
01:62:79:ea:fc:69:70:b7:34:2d:8e:5f:2e:b9:24:79:4f:81:
aa:b9:5a:ab:c7:8f:7c:c6:23:eb:69:fb:24:58:de:93:6c:63:
10:d2:c7:6b:b0:b0:47:eb:d3:70:8f:60:af:e0:d2:9b:d5:00:
92:3b:9b:66:30:57:8e:38:3c:9c:21:e6:b0:a2:7e:62:17:46:
74:33:ea:bf:71:3e:ce:f9:a1:73:b4:3d:c6:4b:02:f8:82:e4:
6c:b7:2e:78:52:8b:6f:91:1a:28:b2:32:90:2c:78:ba:d9:ea:
98:14:82:1b:58:2a:4c:23:d6:74:5a:c6:50:47:95:f7:60:92:
22:6f:1d:c2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjFpXv0WqPWSCDOvcf+twMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVhNWU5MmI4Y2Q5YjY2MjZlMTYzMjk0NTIxYjdmZTFjMThiMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWnyzAAgb+youMyRahofjbhQHoYV
SrsKkvuybGemUnr3uSiTKf/UWXSiA6uBrdFj4eZCb+sLLp+ZJzGEKD48WdHgS4jr
CF+MQxX0zHSWyPQFss4/oxOIkh2964tTqVRA+jcktTHXguXxJAwGYjVopg89Psx0
y3CPnkzbz/0YearW6YJxSf6AaPwfBdXP4whKbmtiDJUwSCmAPTm5VTL1u7c1TcI8
ND2BBQ+VZSQD22JfTrc5AHgpGDIGnPHDd09IwYZvYvqHGIO/ZJyQeqF6XvJpAEG4
bXXsGTWjWg5Qr0mnGNG9u/cl/7Jx4NkPoLyQDPME3kbsYlICT50/eSsLuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMVaXpK4zZtmJuFjKUUht/4cGLL+MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEveFZwZWtyak5tMlltNFdNcFJTRzNfaHdZc3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmIQw
DQYJKoZIhvcNAQELBQADggEBANMDcGmFGekA4f+KuV1vPZXIs01I5yGMmySB92d7
D7wQG5odz2L/hcw7Et6gM0Z6/iL/m7MaYKyLCw6YMdYZEHKffY+tzvvWVYFVczCA
GsBmSS2M0BmIV/9LuPtIA02Oly7SWqbts7m2HXAUTT3Gcxn/Z9RZ4DEa+/+CyclM
8wFieer8aXC3NC2OXy65JHlPgaq5WqvHj3zGI+tp+yRY3pNsYxDSx2uwsEfr03CP
YK/g0pvVAJI7m2YwV444PJwh5rCifmIXRnQz6r9xPs75oXO0PcZLAviC5Gy3LnhS
i2+RGiiyMpAseLrZ6pgUghtYKkwj1nRaxlBHlfdgkiJvHcI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:50 2025 by rpki-client