Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/kV9BaaJp3bhAo4tQDSQdD_KGKA8.roa
File: kV9BaaJp3bhAo4tQDSQdD_KGKA8.roa (raw, json)
Hash identifier: f3JiebE8gczSZgpVGp2jkCNZn7S8iorDwX6Di/s1kP8=
Subject key identifier: 91:5F:41:69:A2:69:DD:B8:40:A3:8B:50:0D:24:1D:0F:F2:86:28:0F
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 0194266C29F549DF05595214932D4E2F61A7
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/kV9BaaJp3bhAo4tQDSQdD_KGKA8.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60767
IP address blocks: 2a0d:2d46:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 07:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:29:f5:49:df:05:59:52:14:93:2d:4e:2f:61:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=915f4169a269ddb840a38b500d241d0ff286280f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b4:3c:a6:35:6f:bf:c0:c9:b2:68:ac:39:69:
1d:0f:24:86:24:0e:32:1b:9e:f3:a1:e7:73:c4:bf:
78:ca:42:cf:c4:94:80:f5:5c:38:72:3d:e9:eb:01:
43:68:2b:c9:fc:00:b0:cd:6e:8e:37:a5:3a:fc:59:
9f:bd:66:66:53:36:5a:91:34:58:0c:c9:76:a0:b7:
47:06:27:db:b4:1d:b4:e9:92:23:3f:6a:6e:5c:12:
8b:44:f0:a0:e0:b1:4b:d6:01:d3:ad:42:aa:7a:25:
9d:29:97:17:70:52:a9:34:0d:18:1a:75:4d:01:8e:
24:7f:ca:70:d7:5e:a0:27:6a:6c:1f:ff:7a:69:48:
16:96:9f:d9:08:15:1c:2d:6f:89:df:44:25:09:2c:
4a:2f:6d:c3:89:c0:4e:2d:09:57:13:09:2c:8b:6a:
b2:6f:1e:65:76:6b:41:11:cf:db:e3:ed:3f:f3:28:
89:b3:14:e6:58:99:84:c8:a4:da:0d:5b:7e:5c:ab:
fd:60:b3:4e:0a:7b:52:0f:f7:bd:5e:39:e8:d9:24:
19:e8:e5:df:dc:2d:19:88:99:6a:f8:3c:6c:db:0e:
21:73:63:93:df:db:73:c6:53:20:71:c5:b2:0a:bc:
a5:03:73:d2:41:37:c4:2e:ca:fd:df:76:98:61:53:
98:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5F:41:69:A2:69:DD:B8:40:A3:8B:50:0D:24:1D:0F:F2:86:28:0F
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/kV9BaaJp3bhAo4tQDSQdD_KGKA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2d46:18::/48
Signature Algorithm: sha256WithRSAEncryption
dc:4a:23:6c:ea:bf:d6:1b:01:be:b1:8a:14:74:c7:68:c1:4c:
7d:1a:3f:64:84:6e:a0:a7:4e:5e:07:7d:21:75:e7:c7:1c:b3:
60:fd:54:da:21:7e:63:82:d4:9b:01:ab:63:29:3f:a9:c2:34:
2b:07:31:11:be:6d:a6:6f:91:b1:ae:33:bb:07:2d:95:74:27:
fd:ed:a2:2f:91:3e:63:2d:64:f0:24:de:a1:61:bc:15:a0:54:
4e:37:94:1b:51:79:15:78:9e:2e:f2:ed:f3:3d:c7:7c:8a:8c:
ab:56:24:a3:6e:29:3a:24:37:52:41:6c:65:55:fe:1f:68:9d:
84:61:60:50:42:c1:50:86:5a:6b:26:1f:12:4a:ee:2b:3e:76:
00:f0:3d:18:4c:77:ac:50:a7:ed:80:8b:8f:67:16:a0:fc:63:
37:3f:f8:c9:83:df:3b:e4:21:a0:63:95:51:f4:f1:07:8f:13:
57:9e:37:60:91:41:27:de:0a:c6:a8:27:9d:17:07:4a:b4:ee:
43:3c:5e:39:3f:11:4b:52:94:da:7f:fd:40:f1:f1:e6:ee:6c:
b8:95:63:e5:4c:16:aa:90:5e:98:f0:6c:7b:8f:ae:33:c1:de:
15:1b:3b:08:20:0c:3b:f3:a2:01:2b:b9:1a:2d:c6:f6:5b:ed:
74:e8:1d:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQmbCn1Sd8FWVIUky1OL2GnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTVmNDE2OWEyNjlkZGI4NDBhMzhiNTAwZDI0MWQwZmYyODYyODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrQ8pjVvv8DJsmisOWkdDySGJA4y
G57zoedzxL94ykLPxJSA9Vw4cj3p6wFDaCvJ/ACwzW6ON6U6/FmfvWZmUzZakTRY
DMl2oLdHBifbtB206ZIjP2puXBKLRPCg4LFL1gHTrUKqeiWdKZcXcFKpNA0YGnVN
AY4kf8pw116gJ2psH/96aUgWlp/ZCBUcLW+J30QlCSxKL23DicBOLQlXEwksi2qy
bx5ldmtBEc/b4+0/8yiJsxTmWJmEyKTaDVt+XKv9YLNOCntSD/e9Xjno2SQZ6OXf
3C0ZiJlq+Dxs2w4hc2OT39tzxlMgccWyCrylA3PSQTfELsr933aYYVOYZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJFfQWmiad24QKOLUA0kHQ/yhigPMB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEva1Y5QmFhSnAzYmhBbzR0UURTUWREX0tHS0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0tRgAY
MA0GCSqGSIb3DQEBCwUAA4IBAQDcSiNs6r/WGwG+sYoUdMdowUx9Gj9khG6gp05e
B30hdefHHLNg/VTaIX5jgtSbAatjKT+pwjQrBzERvm2mb5GxrjO7By2VdCf97aIv
kT5jLWTwJN6hYbwVoFRON5QbUXkVeJ4u8u3zPcd8ioyrViSjbik6JDdSQWxlVf4f
aJ2EYWBQQsFQhlprJh8SSu4rPnYA8D0YTHesUKftgIuPZxag/GM3P/jJg9875CGg
Y5VR9PEHjxNXnjdgkUEn3grGqCedFwdKtO5DPF45PxFLUpTaf/1A8fHm7my4lWPl
TBaqkF6Y8Gx7j64zwd4VGzsIIAw786IBK7kaLcb2W+106B2R
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:32:26 2025 by rpki-client