Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/u1VTEMiPk2ELcX0xWc_LWU24E94.roa
File: u1VTEMiPk2ELcX0xWc_LWU24E94.roa (raw, json)
Hash identifier: ET7xQEXPmpEcjmZYbFkLM0v9ZM3aJbp5tqIsaQ1id7o=
Subject key identifier: BB:55:53:10:C8:8F:93:61:0B:71:7D:31:59:CF:CB:59:4D:B8:13:DE
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747F32065572FA924B30F49BAECCA0C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/u1VTEMiPk2ELcX0xWc_LWU24E94.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213029
IP address blocks: 2a0b:b87:ffbc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f3:20:65:57:2f:a9:24:b3:0f:49:ba:ec:ca:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb555310c88f93610b717d3159cfcb594db813de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0a:2c:25:30:54:b8:4c:64:52:37:1a:48:d6:
82:48:e9:b7:be:ec:d7:30:7a:77:46:25:56:3a:77:
52:51:4d:11:70:26:f6:be:d0:b6:10:18:86:8c:d4:
a1:be:a1:f6:4a:57:3b:f1:c8:fb:93:2c:9c:07:43:
95:30:fa:8e:da:e1:dc:bc:07:e5:76:06:2b:d8:5e:
7d:ac:45:08:95:04:33:0e:96:62:43:2f:93:83:ab:
9e:7a:f1:73:d6:7c:01:d1:12:a6:5b:6b:a0:1b:c0:
1a:f7:27:e4:ba:71:f8:a7:77:86:ca:2a:44:fd:3b:
1a:c5:2d:fb:59:09:02:23:2c:af:56:30:6c:d1:c8:
23:c4:44:94:57:2c:3f:23:a1:15:d0:4f:47:49:0e:
90:16:64:45:78:74:c8:8c:52:9d:bd:bc:fe:0b:0e:
71:f9:b8:85:8a:fb:49:fd:17:8a:b0:ce:0d:d6:3e:
1f:f2:26:f7:75:a6:61:e1:c3:1e:f4:2e:1f:be:f9:
a0:3e:fb:b2:61:a5:9f:e6:9b:11:42:db:cd:86:29:
81:1d:ff:64:f0:83:11:d6:92:5c:ad:79:e2:ce:2c:
8d:38:f7:6e:0f:37:8d:bc:ce:4c:4a:bb:ea:b7:f4:
b6:91:b6:c5:9d:db:fc:e9:6e:22:44:da:92:11:2f:
4b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:55:53:10:C8:8F:93:61:0B:71:7D:31:59:CF:CB:59:4D:B8:13:DE
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/u1VTEMiPk2ELcX0xWc_LWU24E94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffbc::/48
Signature Algorithm: sha256WithRSAEncryption
18:68:0c:c3:f5:cc:64:30:4f:31:47:6e:89:aa:97:e7:09:7d:
47:39:46:2d:99:0e:d9:eb:ff:cd:ce:88:f0:59:e0:16:7f:44:
ca:29:5e:19:24:6d:b0:5c:8f:3f:67:12:08:ed:b9:28:e4:dc:
51:da:c9:c4:7a:31:ca:69:31:cb:0e:a2:b1:4d:43:b4:c1:61:
13:38:41:28:b6:1e:eb:a3:83:0b:08:d0:4e:45:af:bd:b5:51:
d7:a5:9c:5b:dc:7f:f9:6d:72:e8:81:f5:f2:7a:bc:8a:d0:0c:
02:4e:26:b1:b2:cd:ca:04:f5:1d:c5:c2:d7:df:dd:f9:52:77:
7a:b4:c1:a0:89:5f:3c:3e:a0:5c:f9:5d:bc:24:c9:10:b2:51:
e9:d5:50:4b:26:b9:54:14:80:da:ab:4f:98:82:9e:4a:44:70:
cc:07:b6:63:ce:64:bf:1a:a5:14:5a:da:f5:3f:e0:47:1d:1b:
b6:df:b0:ab:09:c4:53:c9:46:46:4e:3e:1f:93:f5:31:29:eb:
19:bb:1e:db:ba:92:83:9f:a1:dc:df:3c:1f:b0:fd:e0:27:b0:
a2:24:95:e0:5a:cd:77:53:d9:3c:cc:1e:26:d0:34:35:06:6e:
50:68:a3:56:09:65:e2:a3:da:52:27:5a:4d:24:50:0a:f7:a8:
23:c4:84:92
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR/MgZVcvqSSzD0m67MoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjU1NTMxMGM4OGY5MzYxMGI3MTdkMzE1OWNmY2I1OTRkYjgxM2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQosJTBUuExkUjcaSNaCSOm3vuzX
MHp3RiVWOndSUU0RcCb2vtC2EBiGjNShvqH2Slc78cj7kyycB0OVMPqO2uHcvAfl
dgYr2F59rEUIlQQzDpZiQy+Tg6ueevFz1nwB0RKmW2ugG8Aa9yfkunH4p3eGyipE
/TsaxS37WQkCIyyvVjBs0cgjxESUVyw/I6EV0E9HSQ6QFmRFeHTIjFKdvbz+Cw5x
+biFivtJ/ReKsM4N1j4f8ib3daZh4cMe9C4fvvmgPvuyYaWf5psRQtvNhimBHf9k
8IMR1pJcrXniziyNOPduDzeNvM5MSrvqt/S2kbbFndv86W4iRNqSES9LnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLtVUxDIj5NhC3F9MVnPy1lNuBPeMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdTFWVEVNaVBrMkVMY1gweFdjX0xXVTI0RTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+8
MA0GCSqGSIb3DQEBCwUAA4IBAQAYaAzD9cxkME8xR26JqpfnCX1HOUYtmQ7Z6//N
zojwWeAWf0TKKV4ZJG2wXI8/ZxII7bko5NxR2snEejHKaTHLDqKxTUO0wWETOEEo
th7ro4MLCNBORa+9tVHXpZxb3H/5bXLogfXyeryK0AwCTiaxss3KBPUdxcLX3935
Und6tMGgiV88PqBc+V28JMkQslHp1VBLJrlUFIDaq0+Ygp5KRHDMB7ZjzmS/GqUU
Wtr1P+BHHRu237CrCcRTyUZGTj4fk/UxKesZux7bupKDn6Hc3zwfsP3gJ7CiJJXg
Ws13U9k8zB4m0DQ1Bm5QaKNWCWXio9pSJ1pNJFAK96gjxISS
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:49:37 2025 by rpki-client