Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/DUyUlX3xTZHlVnLSKpECvt4NkYU.roa
File: DUyUlX3xTZHlVnLSKpECvt4NkYU.roa (raw, json)
Hash identifier: ZP6huwEf1pdyFLtyz+3lIcMnm1rz3bsZAcR3RQdU+KU=
Subject key identifier: 0D:4C:94:95:7D:F1:4D:91:E5:56:72:D2:2A:91:02:BE:DE:0D:91:85
Certificate issuer: /CN=41e383c5807e9b32f576d0a5b8ee7744cacfb717
Certificate serial: 019427B5AAB4CC53F6D80F23972840D5A08F
Authority key identifier: 41:E3:83:C5:80:7E:9B:32:F5:76:D0:A5:B8:EE:77:44:CA:CF:B7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QeODxYB-mzL1dtCluO53RMrPtxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/DUyUlX3xTZHlVnLSKpECvt4NkYU.roa
Signing time: Thu 02 Jan 2025 15:50:04 +0000
ROA not before: Thu 02 Jan 2025 15:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:9080::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/QeODxYB-mzL1dtCluO53RMrPtxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/QeODxYB-mzL1dtCluO53RMrPtxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QeODxYB-mzL1dtCluO53RMrPtxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:aa:b4:cc:53:f6:d8:0f:23:97:28:40:d5:a0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41e383c5807e9b32f576d0a5b8ee7744cacfb717
Validity
Not Before: Jan 2 15:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d4c94957df14d91e55672d22a9102bede0d9185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e0:5c:96:24:63:a6:68:17:06:01:81:60:fc:
32:68:4e:fd:68:a3:b3:21:b5:7c:b7:6e:d3:95:69:
e7:54:91:53:af:73:93:4d:32:7d:25:66:bc:47:cd:
3c:a4:69:9c:04:b1:c7:03:c7:b9:ac:3d:f0:17:09:
17:a8:49:54:61:c2:e4:ba:38:ce:18:93:77:d6:8d:
cc:3d:83:37:ad:b1:2b:a5:74:7d:eb:30:d4:f1:bb:
90:c2:90:fe:ad:d0:3e:2d:a7:0a:2b:9e:32:7d:1f:
cb:13:4c:e5:f3:89:36:b7:98:c0:88:f2:e7:1e:04:
17:00:06:57:0f:61:57:11:9f:0b:21:9b:d3:e2:03:
0d:04:7a:a6:a8:25:5f:00:1d:27:13:17:8f:53:25:
27:14:e1:d7:1d:af:92:ed:21:b5:2b:5e:a6:96:22:
35:b1:7d:31:f9:5e:2b:78:3e:18:44:00:33:d9:fe:
f9:57:3b:0e:ba:b2:c3:46:fd:66:86:4b:df:c3:c1:
36:39:1c:c9:f2:a4:9f:85:3e:19:71:75:0d:66:4c:
4a:4f:89:e5:4c:85:66:04:e2:39:0b:21:d7:53:18:
b9:38:cc:30:d9:80:95:20:3b:49:5d:04:0c:59:53:
16:cc:e5:9c:d1:16:85:58:90:9b:cb:e4:91:d5:e7:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4C:94:95:7D:F1:4D:91:E5:56:72:D2:2A:91:02:BE:DE:0D:91:85
X509v3 Authority Key Identifier:
keyid:41:E3:83:C5:80:7E:9B:32:F5:76:D0:A5:B8:EE:77:44:CA:CF:B7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QeODxYB-mzL1dtCluO53RMrPtxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/DUyUlX3xTZHlVnLSKpECvt4NkYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/aea465-ba45-49ac-9c68-7b41fabc6f67/1/QeODxYB-mzL1dtCluO53RMrPtxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9080::/29
Signature Algorithm: sha256WithRSAEncryption
bf:8e:25:41:a2:6c:0a:31:54:e3:c0:f3:d3:3d:f2:f7:4a:15:
12:48:89:97:f4:36:01:1f:db:09:e0:a6:fa:3f:fd:6a:69:25:
f6:74:cb:d8:f0:9e:1e:7d:7e:7d:d0:e9:c1:70:c6:c0:07:81:
e6:4c:6b:ef:bb:f5:91:1c:ff:70:2e:69:16:9d:b8:0e:9a:cc:
0a:dc:09:be:4e:73:23:47:90:96:b7:c5:8b:e0:2a:50:c3:c7:
3f:13:0d:55:c0:3f:aa:4d:ab:72:ca:18:da:7a:d7:86:a9:0f:
9c:4f:76:2a:c6:e5:dc:92:44:21:76:26:9e:67:b3:ff:c0:ca:
c3:47:b0:d2:2a:1b:9f:51:cc:aa:a6:3c:d8:05:1d:d9:e9:e8:
e5:1f:1a:86:89:0f:85:b4:da:62:81:cb:73:4e:2c:6b:81:7a:
17:82:6d:88:9d:eb:b6:84:75:a9:82:cd:4a:7f:97:56:91:e2:
c2:7e:bd:2e:54:05:07:75:94:c3:2a:b2:2a:7b:d4:6d:9b:cf:
6b:2f:61:78:a4:81:7c:81:c3:92:37:b6:31:fd:cb:b4:01:0c:
ce:64:e8:30:3f:78:d3:fe:9f:e1:60:bd:4c:e3:c9:d8:43:ac:
01:d8:da:55:60:4e:47:77:a2:5a:c8:11:10:5d:05:43:3c:2f:
33:e4:8b:9e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntaq0zFP22A8jlyhA1aCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZTM4M2M1ODA3ZTliMzJmNTc2ZDBhNWI4ZWU3NzQ0Y2Fj
ZmI3MTcwHhcNMjUwMTAyMTU1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRjOTQ5NTdkZjE0ZDkxZTU1NjcyZDIyYTkxMDJiZWRlMGQ5MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteBcliRjpmgXBgGBYPwyaE79aKOz
IbV8t27TlWnnVJFTr3OTTTJ9JWa8R808pGmcBLHHA8e5rD3wFwkXqElUYcLkujjO
GJN31o3MPYM3rbErpXR96zDU8buQwpD+rdA+LacKK54yfR/LE0zl84k2t5jAiPLn
HgQXAAZXD2FXEZ8LIZvT4gMNBHqmqCVfAB0nExePUyUnFOHXHa+S7SG1K16mliI1
sX0x+V4reD4YRAAz2f75VzsOurLDRv1mhkvfw8E2ORzJ8qSfhT4ZcXUNZkxKT4nl
TIVmBOI5CyHXUxi5OMww2YCVIDtJXQQMWVMWzOWc0RaFWJCby+SR1eekZQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA1MlJV98U2R5VZy0iqRAr7eDZGFMB8GA1UdIwQY
MBaAFEHjg8WAfpsy9XbQpbjud0TKz7cXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWVPRHhZQi1tekwxZHRDbHVPNTNSTXJQdHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9hZWE0NjUtYmE0NS00OWFjLTljNjgt
N2I0MWZhYmM2ZjY3LzEvRFV5VWxYM3hUWkhsVm5MU0twRUN2dDROa1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9hZWE0NjUtYmE0NS00OWFjLTljNjgtN2I0MWZhYmM2ZjY3
LzEvUWVPRHhZQi1tekwxZHRDbHVPNTNSTXJQdHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgaQgDAN
BgkqhkiG9w0BAQsFAAOCAQEAv44lQaJsCjFU48Dz0z3y90oVEkiJl/Q2AR/bCeCm
+j/9amkl9nTL2PCeHn1+fdDpwXDGwAeB5kxr77v1kRz/cC5pFp24DprMCtwJvk5z
I0eQlrfFi+AqUMPHPxMNVcA/qk2rcsoY2nrXhqkPnE92Ksbl3JJEIXYmnmez/8DK
w0ew0iobn1HMqqY82AUd2eno5R8ahokPhbTaYoHLc04sa4F6F4JtiJ3rtoR1qYLN
Sn+XVpHiwn69LlQFB3WUwyqyKnvUbZvPay9heKSBfIHDkje2Mf3LtAEMzmToMD94
0/6f4WC9TOPJ2EOsAdjaVWBOR3eiWsgREF0FQzwvM+SLng==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:35 2025 by rpki-client