Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/OO8l-5f2KIASeQaCCtzj9OodMu8.roa
File: OO8l-5f2KIASeQaCCtzj9OodMu8.roa (raw, json)
Hash identifier: 4WUwhvm+xR9jyg+ZUAOpnMkPPHdoXhkYYKLfdNvRCmY=
Subject key identifier: 38:EF:25:FB:97:F6:28:80:12:79:06:82:0A:DC:E3:F4:EA:1D:32:EF
Certificate issuer: /CN=ab9b9d6e6ac282e8c10000cc3dbc4adf3fe01fe2
Certificate serial: 019424B2CB1ACB6B6783B41316A8FCF96FC9
Authority key identifier: AB:9B:9D:6E:6A:C2:82:E8:C1:00:00:CC:3D:BC:4A:DF:3F:E0:1F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5udbmrCgujBAADMPbxK3z_gH-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/OO8l-5f2KIASeQaCCtzj9OodMu8.roa
Signing time: Thu 02 Jan 2025 01:48:04 +0000
ROA not before: Thu 02 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207278
IP address blocks: 2001:678:cd0::/48 maxlen: 49
2001:678:cd4::/48 maxlen: 49
2001:678:cd8::/48 maxlen: 49
2001:67c:15c0::/48 maxlen: 49
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/q5udbmrCgujBAADMPbxK3z_gH-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/q5udbmrCgujBAADMPbxK3z_gH-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5udbmrCgujBAADMPbxK3z_gH-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:cb:1a:cb:6b:67:83:b4:13:16:a8:fc:f9:6f:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9b9d6e6ac282e8c10000cc3dbc4adf3fe01fe2
Validity
Not Before: Jan 2 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38ef25fb97f62880127906820adce3f4ea1d32ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ed:e5:18:2d:d1:aa:e2:f3:88:e0:61:b4:2f:
f9:3b:13:8d:4d:fe:6b:03:9c:18:e5:72:0d:02:cf:
52:b9:bd:bf:aa:ad:7a:1e:2a:9e:38:47:87:96:eb:
38:bc:2e:fc:36:e0:dc:99:d3:71:ad:1d:7f:f9:7a:
0b:c4:89:50:da:f7:99:f5:bc:e8:11:70:c8:b7:b6:
7c:69:1c:f8:ef:0d:f4:3e:44:ab:31:33:b4:72:06:
d9:41:f8:34:13:b7:5f:5c:53:06:a8:b2:7d:b9:47:
65:1d:98:be:fc:b3:72:1b:28:6c:53:71:d1:4f:65:
eb:ba:7b:20:14:7d:5f:44:ce:6f:c9:17:ca:76:d8:
20:6f:5e:39:5b:69:2c:c4:b5:31:bf:6c:01:a9:a6:
db:f0:42:c8:81:39:8a:2f:54:49:23:a9:09:c9:a6:
a1:1f:d4:9c:27:67:8a:66:97:87:8b:fb:2b:7d:fa:
1b:51:ff:7e:49:4a:34:bb:e3:72:24:1c:ae:04:41:
36:f7:62:15:52:d9:04:b7:b4:b8:77:ed:b5:48:47:
8f:27:24:5a:d0:18:3b:a9:f3:28:d2:cf:14:88:f0:
bc:2b:55:64:db:11:dc:54:b8:fa:71:0d:78:02:e2:
a6:90:fb:f0:4e:7f:85:85:e6:e8:25:be:7f:5c:5d:
a2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EF:25:FB:97:F6:28:80:12:79:06:82:0A:DC:E3:F4:EA:1D:32:EF
X509v3 Authority Key Identifier:
keyid:AB:9B:9D:6E:6A:C2:82:E8:C1:00:00:CC:3D:BC:4A:DF:3F:E0:1F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5udbmrCgujBAADMPbxK3z_gH-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/OO8l-5f2KIASeQaCCtzj9OodMu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/87f491-95c9-4f41-b48e-1cec1a0ee98b/1/q5udbmrCgujBAADMPbxK3z_gH-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:cd0::/48
2001:678:cd4::/48
2001:678:cd8::/48
2001:67c:15c0::/48
Signature Algorithm: sha256WithRSAEncryption
07:c9:3b:10:99:a4:08:a1:a5:80:97:49:e0:fa:c1:59:77:ff:
c3:1c:c1:5c:22:f0:f7:ed:3f:c2:69:20:88:07:78:5a:c7:55:
e8:da:58:11:f1:18:bc:b9:ba:79:aa:eb:4d:88:af:92:e8:6c:
e1:3e:fe:e7:24:82:0e:25:f5:83:72:f1:21:91:4a:e8:fe:a9:
0f:94:dc:f8:b2:ab:e0:4b:9e:cd:a8:9a:f6:3a:bb:27:33:a0:
24:99:48:53:62:7f:6e:5d:0d:7c:19:73:e1:d5:7e:d7:36:81:
74:9f:2a:57:32:43:1c:fc:91:24:8a:e7:e4:92:0e:cc:8e:0a:
27:79:50:57:8e:15:4a:28:72:aa:f5:a9:87:97:32:23:12:00:
c5:b3:1d:fa:a7:15:af:69:9a:dd:a2:b9:6f:85:0e:0b:07:6a:
b1:1b:82:d1:c0:90:44:7e:42:ac:dd:ca:6e:00:b6:82:65:2a:
0e:f7:e9:14:16:be:5b:f8:78:e9:97:2c:ef:6c:d7:5d:55:57:
66:b7:b3:0a:bf:23:61:4c:43:3b:09:c7:ce:98:41:02:a1:9d:
bf:f6:67:0f:56:80:1b:84:5c:b9:86:c2:45:5e:46:d9:88:c3:
a8:57:66:7e:35:84:af:17:42:d5:f9:3a:00:e2:a1:72:62:db:
bc:2e:a2:6e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQksssay2tng7QTFqj8+W/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWI5ZDZlNmFjMjgyZThjMTAwMDBjYzNkYmM0YWRmM2Zl
MDFmZTIwHhcNMjUwMTAyMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVmMjVmYjk3ZjYyODgwMTI3OTA2ODIwYWRjZTNmNGVhMWQzMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu3lGC3RquLziOBhtC/5OxONTf5r
A5wY5XINAs9Sub2/qq16HiqeOEeHlus4vC78NuDcmdNxrR1/+XoLxIlQ2veZ9bzo
EXDIt7Z8aRz47w30PkSrMTO0cgbZQfg0E7dfXFMGqLJ9uUdlHZi+/LNyGyhsU3HR
T2XrunsgFH1fRM5vyRfKdtggb145W2ksxLUxv2wBqabb8ELIgTmKL1RJI6kJyaah
H9ScJ2eKZpeHi/srffobUf9+SUo0u+NyJByuBEE292IVUtkEt7S4d+21SEePJyRa
0Bg7qfMo0s8UiPC8K1Vk2xHcVLj6cQ14AuKmkPvwTn+FheboJb5/XF2iWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDjvJfuX9iiAEnkGggrc4/TqHTLvMB8GA1UdIwQY
MBaAFKubnW5qwoLowQAAzD28St8/4B/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTV1ZGJtckNndWpCQUFETVBieEszel9nSC1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84N2Y0OTEtOTVjOS00ZjQxLWI0OGUt
MWNlYzFhMGVlOThiLzEvT084bC01ZjJLSUFTZVFhQ0N0emo5T29kTXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84N2Y0OTEtOTVjOS00ZjQxLWI0OGUtMWNlYzFhMGVlOThi
LzEvcTV1ZGJtckNndWpCQUFETVBieEszel9nSC1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAzQ
AwcAIAEGeAzUAwcAIAEGeAzYAwcAIAEGfBXAMA0GCSqGSIb3DQEBCwUAA4IBAQAH
yTsQmaQIoaWAl0ng+sFZd//DHMFcIvD37T/CaSCIB3hax1Xo2lgR8Ri8ubp5qutN
iK+S6GzhPv7nJIIOJfWDcvEhkUro/qkPlNz4sqvgS57NqJr2OrsnM6AkmUhTYn9u
XQ18GXPh1X7XNoF0nypXMkMc/JEkiufkkg7MjgoneVBXjhVKKHKq9amHlzIjEgDF
sx36pxWvaZrdorlvhQ4LB2qxG4LRwJBEfkKs3cpuALaCZSoO9+kUFr5b+Hjplyzv
bNddVVdmt7MKvyNhTEM7CcfOmEECoZ2/9mcPVoAbhFy5hsJFXkbZiMOoV2Z+NYSv
F0LV+ToA4qFyYtu8LqJu
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:37:16 2025 by rpki-client