Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/omv1iA0sTwZqywTVYlUXXegJP1Q.roa
File: omv1iA0sTwZqywTVYlUXXegJP1Q.roa (raw, json)
Hash identifier: lDFIRi5hNHf1aQj7xWQEmMDGw0C4yu9jECeYI1136N4=
Subject key identifier: A2:6B:F5:88:0D:2C:4F:06:6A:CB:04:D5:62:55:17:5D:E8:09:3F:54
Certificate issuer: /CN=27d8640c305107766a646fbf8ec81db45ce1f249
Certificate serial: 0194236A1C12C80D3EE10CF6FFF02FA16058
Authority key identifier: 27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/omv1iA0sTwZqywTVYlUXXegJP1Q.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8399
IP address blocks: 2a0c:10c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.mft
rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1c:12:c8:0d:3e:e1:0c:f6:ff:f0:2f:a1:60:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8640c305107766a646fbf8ec81db45ce1f249
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a26bf5880d2c4f066acb04d56255175de8093f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fd:9f:09:47:2d:2d:78:1f:d4:07:b2:63:48:
a7:27:7c:01:e5:c5:b0:92:6f:37:81:da:91:41:07:
46:77:a8:01:92:3d:ae:49:cf:a3:2b:cb:f5:b7:30:
2c:9b:86:e8:32:53:8c:c3:3c:32:80:32:5b:fe:b5:
ed:da:e2:80:ae:1b:34:05:9d:1c:5a:50:75:97:f9:
8a:e3:43:02:a0:7f:a1:64:27:50:7f:98:39:34:77:
d7:7a:6c:b1:b2:e3:fc:1a:79:20:27:58:c4:62:d4:
05:31:09:9c:93:6d:d1:3f:75:e2:4a:9c:fc:30:34:
b4:5b:76:26:1a:4d:ba:6e:07:35:06:cf:79:ba:e0:
a3:c5:bc:05:7a:34:d8:e7:7c:f7:cd:5a:bd:bf:32:
a0:b4:89:fb:11:56:dd:f2:d8:0b:1b:67:67:7f:ff:
5d:d3:2b:22:76:59:11:96:1e:a7:06:be:85:bc:23:
9d:46:36:1a:4d:0a:06:7c:2e:9e:ff:43:7e:31:7e:
c0:df:e7:2c:51:5e:61:40:82:ac:74:f6:e9:9d:c8:
3a:c7:d0:96:af:9e:a3:b9:c4:b7:58:3f:94:e9:45:
af:84:5c:20:16:a0:24:8f:97:79:67:98:e7:c7:f6:
da:bd:33:2c:fc:42:8c:74:51:87:80:51:20:b7:92:
c1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6B:F5:88:0D:2C:4F:06:6A:CB:04:D5:62:55:17:5D:E8:09:3F:54
X509v3 Authority Key Identifier:
keyid:27:D8:64:0C:30:51:07:76:6A:64:6F:BF:8E:C8:1D:B4:5C:E1:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/omv1iA0sTwZqywTVYlUXXegJP1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/88175a-12c8-4590-82e0-3c6f88c914b1/1/J9hkDDBRB3ZqZG-_jsgdtFzh8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:3c:e0:de:ae:31:f2:c8:53:12:5a:27:27:6e:65:50:c3:d4:
12:88:8e:3b:1a:43:06:5b:59:ec:67:54:3b:e2:99:1e:94:49:
73:4e:df:f4:5f:f0:80:03:07:02:a2:9c:5e:14:ca:0f:1b:4e:
3e:9a:18:0a:5d:91:be:7f:3f:84:02:95:2d:8c:3e:5c:2d:4d:
e5:09:8e:14:1f:51:51:be:7d:1b:2d:88:23:b6:7e:cb:78:6b:
cb:72:68:6d:2d:2f:4e:91:23:3a:da:a1:0d:c9:c3:51:87:fa:
71:35:d7:50:25:f5:9f:f8:ac:ec:c6:ec:e8:b1:87:4b:11:75:
8c:35:a4:80:c0:f5:b1:14:07:36:0c:c7:4b:08:14:9b:3d:3e:
94:4f:2e:68:32:3c:87:fe:3e:44:f0:85:98:ed:4a:af:1c:f4:
ce:90:2c:55:de:2b:b7:d2:1a:9a:5b:c8:6f:9a:bb:b9:71:11:
8f:8c:87:15:aa:08:c5:2d:fd:90:ee:77:5a:09:45:f9:1a:69:
a8:13:d1:2b:7f:5a:a4:1d:95:69:5c:80:63:cf:66:4f:aa:42:
d1:d8:41:33:f6:51:f2:7f:6d:97:fe:3b:00:89:05:2e:79:67:
7a:0a:43:a7:2e:d6:17:33:93:c4:bb:a7:88:3b:69:f0:ba:bf:
06:12:db:97
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjahwSyA0+4Qz2//AvoWBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDg2NDBjMzA1MTA3NzY2YTY0NmZiZjhlYzgxZGI0NWNl
MWYyNDkwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZiZjU4ODBkMmM0ZjA2NmFjYjA0ZDU2MjU1MTc1ZGU4MDkzZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/2fCUctLXgf1AeyY0inJ3wB5cWw
km83gdqRQQdGd6gBkj2uSc+jK8v1tzAsm4boMlOMwzwygDJb/rXt2uKArhs0BZ0c
WlB1l/mK40MCoH+hZCdQf5g5NHfXemyxsuP8GnkgJ1jEYtQFMQmck23RP3XiSpz8
MDS0W3YmGk26bgc1Bs95uuCjxbwFejTY53z3zVq9vzKgtIn7EVbd8tgLG2dnf/9d
0ysidlkRlh6nBr6FvCOdRjYaTQoGfC6e/0N+MX7A3+csUV5hQIKsdPbpncg6x9CW
r56jucS3WD+U6UWvhFwgFqAkj5d5Z5jnx/bavTMs/EKMdFGHgFEgt5LBKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKJr9YgNLE8GassE1WJVF13oCT9UMB8GA1UdIwQY
MBaAFCfYZAwwUQd2amRvv47IHbRc4fJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAt
M2M2Zjg4YzkxNGIxLzEvb212MWlBMHNUd1pxeXdUVllsVVhYZWdKUDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ODE3NWEtMTJjOC00NTkwLTgyZTAtM2M2Zjg4YzkxNGIx
LzEvSjloa0REQlJCM1pxWkctX2pzZ2R0RnpoOGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgwQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhDzg3q4x8shTElonJ25lUMPUEoiOOxpDBltZ7GdU
O+KZHpRJc07f9F/wgAMHAqKcXhTKDxtOPpoYCl2Rvn8/hAKVLYw+XC1N5QmOFB9R
Ub59Gy2II7Z+y3hry3JobS0vTpEjOtqhDcnDUYf6cTXXUCX1n/is7Mbs6LGHSxF1
jDWkgMD1sRQHNgzHSwgUmz0+lE8uaDI8h/4+RPCFmO1Krxz0zpAsVd4rt9IamlvI
b5q7uXERj4yHFaoIxS39kO53WglF+RppqBPRK39apB2VaVyAY89mT6pC0dhBM/ZR
8n9tl/47AIkFLnlnegpDpy7WFzOTxLuniDtp8Lq/BhLblw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:38:10 2025 by rpki-client