Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/oGavUwYGf9k8hmqppcV6OhAR0l8.roa
File: oGavUwYGf9k8hmqppcV6OhAR0l8.roa (raw, json)
Hash identifier: xxSUypsCBzVEfCKjWpeRgbmsfcja4p6HlyrSFwzu1Eo=
Subject key identifier: A0:66:AF:53:06:06:7F:D9:3C:86:6A:A9:A5:C5:7A:3A:10:11:D2:5F
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 019424B263856C34429A6B6D1276F95E04A5
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/oGavUwYGf9k8hmqppcV6OhAR0l8.roa
Signing time: Thu 02 Jan 2025 01:47:38 +0000
ROA not before: Thu 02 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201086
IP address blocks: 2a0c:f340::/32 maxlen: 32
2a0e:9c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:63:85:6c:34:42:9a:6b:6d:12:76:f9:5e:04:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Jan 2 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a066af5306067fd93c866aa9a5c57a3a1011d25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e1:a0:59:74:d5:af:40:5e:9f:4a:d5:a4:87:
ac:90:0d:fa:11:cc:f5:78:ed:2b:17:1a:01:2c:53:
eb:a0:3f:b2:ae:12:26:1c:ed:9e:83:96:1b:9a:52:
34:33:31:78:56:d1:38:47:0a:2e:cb:b0:05:70:21:
e5:98:e0:a6:35:ad:b6:42:53:20:47:c1:da:cf:37:
51:9b:d1:cf:44:c4:de:84:ce:f6:5a:6c:f3:92:64:
07:2f:c1:a2:4b:03:fa:2b:cc:b5:4c:7a:7c:62:9b:
e7:76:c4:8d:ac:1b:ee:9f:30:0d:3c:10:41:73:16:
94:ea:c4:c3:94:ce:d1:97:17:9f:e0:78:1e:1c:31:
0c:81:fa:93:ed:f5:af:a6:87:fb:a6:26:59:e2:74:
66:fd:9d:42:3f:25:10:b5:cd:2a:08:72:8e:d3:fb:
f0:65:4a:00:54:57:c4:c6:16:e1:7c:f8:02:43:b5:
07:5e:aa:2e:71:4f:9e:23:25:30:e4:a2:89:fc:4f:
34:ff:5d:f7:58:c4:46:3e:8d:df:c8:57:3f:93:3d:
0f:e2:40:1c:d2:e4:8c:51:62:fd:64:e5:c1:d0:f9:
cd:59:13:d0:6a:52:d2:6b:b0:f8:6b:f9:d2:45:06:
0e:1d:41:de:83:5e:8a:08:a5:e7:31:c0:91:67:88:
27:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:66:AF:53:06:06:7F:D9:3C:86:6A:A9:A5:C5:7A:3A:10:11:D2:5F
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/oGavUwYGf9k8hmqppcV6OhAR0l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:f340::/32
2a0e:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
12:26:b8:d3:69:75:53:ac:4c:de:50:c9:cb:c2:54:67:06:ba:
7c:b5:88:a6:8e:17:53:9d:fa:81:90:f1:fa:39:79:ad:b2:38:
67:e8:d8:4e:aa:b1:17:33:2b:75:e1:5e:dd:a6:fa:c2:79:11:
fb:01:73:a8:bd:9a:78:98:1a:f8:0a:2c:4c:81:36:41:d9:f7:
c0:c4:ff:80:4a:12:b9:07:b0:ea:a3:c1:51:f9:fe:c1:9b:3e:
50:20:c4:8c:1c:30:3f:5e:47:0b:f2:78:d5:a5:3b:bd:33:9d:
b2:2d:a9:8c:79:1c:32:6a:be:a0:50:b7:42:b9:ad:69:a2:25:
87:ee:d7:b0:31:71:6b:f1:a3:41:bf:e0:44:c1:be:cb:6c:b9:
b5:1f:33:bf:e6:60:08:90:d6:7e:10:29:27:9e:bb:e6:08:3d:
d5:3d:25:5a:c5:21:95:d8:9a:2c:ae:b8:4c:1c:7f:f4:94:61:
72:7c:4d:5f:ea:9f:d1:28:4e:f2:af:57:c0:e2:3e:41:35:5e:
e0:59:32:4b:b6:00:aa:9a:8c:f8:67:fd:cb:59:a1:45:d8:79:
13:51:c8:0a:45:c4:54:70:cd:45:cb:eb:e9:a7:f4:2c:23:be:
44:62:93:88:d8:0f:d2:02:03:f7:a1:d4:ed:79:05:68:f1:f5:
40:8c:9b:93
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQksmOFbDRCmmttEnb5XgSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjUwMTAyMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDY2YWY1MzA2MDY3ZmQ5M2M4NjZhYTlhNWM1N2EzYTEwMTFkMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+GgWXTVr0Ben0rVpIeskA36Ecz1
eO0rFxoBLFProD+yrhImHO2eg5YbmlI0MzF4VtE4Rwouy7AFcCHlmOCmNa22QlMg
R8HazzdRm9HPRMTehM72WmzzkmQHL8GiSwP6K8y1THp8YpvndsSNrBvunzANPBBB
cxaU6sTDlM7Rlxef4HgeHDEMgfqT7fWvpof7piZZ4nRm/Z1CPyUQtc0qCHKO0/vw
ZUoAVFfExhbhfPgCQ7UHXqoucU+eIyUw5KKJ/E80/133WMRGPo3fyFc/kz0P4kAc
0uSMUWL9ZOXB0PnNWRPQalLSa7D4a/nSRQYOHUHeg16KCKXnMcCRZ4gnRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKBmr1MGBn/ZPIZqqaXFejoQEdJfMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvb0dhdlV3WUdmOWs4aG1xcHBjVjZPaEFSMGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgzzQAMF
AyoOnAAwDQYJKoZIhvcNAQELBQADggEBABImuNNpdVOsTN5QycvCVGcGuny1iKaO
F1Od+oGQ8fo5ea2yOGfo2E6qsRczK3XhXt2m+sJ5EfsBc6i9mniYGvgKLEyBNkHZ
98DE/4BKErkHsOqjwVH5/sGbPlAgxIwcMD9eRwvyeNWlO70znbItqYx5HDJqvqBQ
t0K5rWmiJYfu17AxcWvxo0G/4ETBvstsubUfM7/mYAiQ1n4QKSeeu+YIPdU9JVrF
IZXYmiyuuEwcf/SUYXJ8TV/qn9EoTvKvV8DiPkE1XuBZMku2AKqajPhn/ctZoUXY
eRNRyApFxFRwzUXL6+mn9CwjvkRik4jYD9ICA/eh1O15BWjx9UCMm5M=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:16:44 2025 by rpki-client