Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/jcQFU7Zk7-0Lbr1GReTX6bLuEPE.roa
File: jcQFU7Zk7-0Lbr1GReTX6bLuEPE.roa (raw, json)
Hash identifier: 6B+Zw0i1FE8WuG3O7mAFWms0Wi1ZgHxcSaTjZME1FJE=
Subject key identifier: 8D:C4:05:53:B6:64:EF:ED:0B:6E:BD:46:45:E4:D7:E9:B2:EE:10:F1
Certificate issuer: /CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Certificate serial: 019427480D3589E584E087C008AC0F8A3AC8
Authority key identifier: 6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/jcQFU7Zk7-0Lbr1GReTX6bLuEPE.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a13:b483::/32 maxlen: 48
2a13:b484::/31 maxlen: 48
2a13:b486::/32 maxlen: 48
2a13:b487:1e00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0d:35:89:e5:84:e0:87:c0:08:ac:0f:8a:3a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ca977f854c63dc9f97a18be7b13002121a5d384
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dc40553b664efed0b6ebd4645e4d7e9b2ee10f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:37:3a:c0:be:8a:95:4d:e2:3a:f4:17:cf:bb:
2a:b0:39:b6:69:1d:41:d5:35:b3:fc:8e:89:70:4d:
4d:19:f5:42:98:f5:85:7c:11:5d:0a:b7:38:a6:97:
bc:a2:1d:45:87:98:14:bf:81:84:e1:7c:d7:3e:50:
d6:e7:a5:d5:8b:d1:44:6e:6f:a7:f1:42:64:95:38:
1c:5b:15:f5:44:1f:d3:1b:2d:5c:c0:ef:0f:e0:69:
83:87:fd:53:94:7d:d9:01:69:d3:aa:bf:72:ed:25:
45:58:0f:c6:af:35:9f:b0:f1:07:e5:3c:38:c3:f1:
6b:49:16:db:35:bb:3e:bd:49:75:13:32:7e:fd:2d:
b5:fc:8a:26:9d:e9:54:66:84:77:df:81:bc:26:94:
74:e8:bb:6b:1a:4a:3a:b5:55:d6:24:24:c2:74:c5:
95:77:3f:62:84:1e:75:43:13:4f:9d:ff:f7:85:69:
d5:a8:cc:06:29:f5:5d:22:a5:fe:1f:8b:76:31:59:
82:37:06:fe:d8:31:8f:f2:cb:a4:b6:ba:47:97:5f:
0e:1a:29:59:cc:df:01:8b:99:53:be:a2:65:0e:80:
17:48:fd:0f:28:de:9a:c9:be:cf:c8:ba:6b:22:74:
2c:0a:b8:cd:3f:8a:03:c3:9b:0e:d9:4b:5a:2a:62:
b3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C4:05:53:B6:64:EF:ED:0B:6E:BD:46:45:E4:D7:E9:B2:EE:10:F1
X509v3 Authority Key Identifier:
keyid:6C:A9:77:F8:54:C6:3D:C9:F9:7A:18:BE:7B:13:00:21:21:A5:D3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bKl3-FTGPcn5ehi-exMAISGl04Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/jcQFU7Zk7-0Lbr1GReTX6bLuEPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/09ccb4-2483-4ba7-9634-d6a5950cadf2/1/bKl3-FTGPcn5ehi-exMAISGl04Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b483::-2a13:b486:ffff:ffff:ffff:ffff:ffff:ffff
2a13:b487:1e00::/40
Signature Algorithm: sha256WithRSAEncryption
b4:46:ed:e7:f2:6c:00:08:3e:06:32:4b:bb:76:6e:c0:be:a2:
05:ac:75:25:8c:3e:14:ba:3f:f8:c8:e3:88:bb:ba:47:40:d2:
54:09:d6:63:61:b5:a0:e7:96:d3:0b:d8:63:70:a6:c6:7b:01:
0d:2a:42:0e:1d:73:a9:e9:b8:ec:b6:41:d5:b9:e5:59:77:d6:
57:15:62:d2:64:5f:ef:e0:5f:92:11:1b:94:3e:c3:ad:0c:71:
1e:7b:c2:17:07:30:41:1d:b9:87:91:1b:a6:58:c9:3e:09:8c:
24:ac:c4:d7:7f:f8:6c:3e:36:8a:8f:1f:a3:fd:dd:b1:9f:b2:
3f:8e:f6:04:11:ec:17:ad:c8:e2:62:ee:35:5c:c8:67:34:6b:
18:ad:68:27:ea:81:9a:7e:1b:e9:46:47:c9:94:c1:a3:67:b0:
73:8f:1a:a6:6f:5b:1e:4e:2f:e7:ad:52:ab:ca:d4:11:69:55:
4e:1b:7d:15:c3:65:38:8a:a3:2e:63:96:19:31:16:27:9a:04:
b5:9c:f9:e8:e8:43:d6:9d:b2:78:16:8b:88:2b:04:fc:cb:8a:
6d:91:0f:9d:8c:9e:df:95:08:e7:a2:26:2f:ac:a1:f2:12:a3:
35:53:d0:9e:52:fd:e5:7d:72:de:07:02:27:e0:7f:1a:9e:a8:
43:f4:1f:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSA01ieWE4IfACKwPijrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYTk3N2Y4NTRjNjNkYzlmOTdhMThiZTdiMTMwMDIxMjFh
NWQzODQwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGM0MDU1M2I2NjRlZmVkMGI2ZWJkNDY0NWU0ZDdlOWIyZWUxMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzc6wL6KlU3iOvQXz7sqsDm2aR1B
1TWz/I6JcE1NGfVCmPWFfBFdCrc4ppe8oh1Fh5gUv4GE4XzXPlDW56XVi9FEbm+n
8UJklTgcWxX1RB/TGy1cwO8P4GmDh/1TlH3ZAWnTqr9y7SVFWA/GrzWfsPEH5Tw4
w/FrSRbbNbs+vUl1EzJ+/S21/IomnelUZoR334G8JpR06LtrGko6tVXWJCTCdMWV
dz9ihB51QxNPnf/3hWnVqMwGKfVdIqX+H4t2MVmCNwb+2DGP8suktrpHl18OGilZ
zN8Bi5lTvqJlDoAXSP0PKN6ayb7PyLprInQsCrjNP4oDw5sO2UtaKmKzXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI3EBVO2ZO/tC269RkXk1+my7hDxMB8GA1UdIwQY
MBaAFGypd/hUxj3J+XoYvnsTACEhpdOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQt
ZDZhNTk1MGNhZGYyLzEvamNRRlU3Wms3LTBMYnIxR1JlVFg2Ykx1RVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wOWNjYjQtMjQ4My00YmE3LTk2MzQtZDZhNTk1MGNhZGYy
LzEvYktsMy1GVEdQY241ZWhpLWV4TUFJU0dsMDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYMA4DBQAqE7SD
AwUAKhO0hgMGACoTtIceMA0GCSqGSIb3DQEBCwUAA4IBAQC0Ru3n8mwACD4GMku7
dm7AvqIFrHUljD4Uuj/4yOOIu7pHQNJUCdZjYbWg55bTC9hjcKbGewENKkIOHXOp
6bjstkHVueVZd9ZXFWLSZF/v4F+SERuUPsOtDHEee8IXBzBBHbmHkRumWMk+CYwk
rMTXf/hsPjaKjx+j/d2xn7I/jvYEEewXrcjiYu41XMhnNGsYrWgn6oGafhvpRkfJ
lMGjZ7Bzjxqmb1seTi/nrVKrytQRaVVOG30Vw2U4iqMuY5YZMRYnmgS1nPno6EPW
nbJ4FouIKwT8y4ptkQ+djJ7flQjnoiYvrKHyEqM1U9CeUv3lfXLeBwIn4H8anqhD
9B9l
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:04:33 2025 by rpki-client