Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-bRXAfKabhiCWoXNzMdEeZon5D0.roa
File: 1-bRXAfKabhiCWoXNzMdEeZon5D0.roa (raw, json)
Hash identifier: 6aOl45K8ZyCq0V5nRgXFil5rqzEBRL97C2Z/LQMpZzM=
Subject key identifier: F9:B4:57:01:F2:9A:6E:18:82:5A:85:CD:CC:C7:44:79:9A:27:E4:3D
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195AE8BC43AADB494A9AEB14D3991E3E664
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-bRXAfKabhiCWoXNzMdEeZon5D0.roa
Signing time: Wed 19 Mar 2025 13:15:50 +0000
ROA not before: Wed 19 Mar 2025 13:15:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 2a14:68c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ae:8b:c4:3a:ad:b4:94:a9:ae:b1:4d:39:91:e3:e6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 19 13:15:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9b45701f29a6e18825a85cdccc744799a27e43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:89:35:67:7c:ab:8c:f4:85:e5:69:f0:40:0f:
d2:89:42:1f:d9:dc:c4:82:74:91:fa:2e:46:de:81:
d4:0e:70:35:3a:d5:08:ad:c0:b6:6a:5c:eb:fc:9c:
fa:41:19:d2:c8:92:c6:17:60:ec:53:91:27:43:2c:
df:1c:75:78:cd:bb:a6:79:2a:8f:93:74:21:2d:42:
44:9f:8e:7d:1d:b8:6a:55:b5:99:47:ca:65:11:91:
15:34:e2:e9:b7:ad:48:d9:9d:07:67:c8:2a:e9:f0:
a5:ce:a4:54:7c:5f:b6:37:7f:c9:eb:81:60:e1:19:
28:e7:6a:20:47:5a:18:db:41:c3:c2:79:92:0e:ed:
8e:e8:44:bb:77:9c:49:de:7d:af:96:be:76:fd:05:
9c:6d:4c:f2:c6:86:10:64:99:cb:1f:fd:46:86:ff:
b2:19:1c:b3:be:73:45:47:1c:77:e4:b6:11:81:4e:
44:3b:e3:2f:3c:e4:b6:bf:a9:e3:9f:b1:9b:01:a5:
4e:33:5e:8f:c8:02:fe:bc:c2:58:77:a2:04:cf:f4:
54:1b:00:26:e5:24:30:48:fb:e2:7f:d2:d9:bd:4a:
64:10:4f:e7:a5:ca:3f:de:3b:ab:a6:29:2f:76:0f:
69:cf:21:4c:c4:b6:ae:f7:51:86:27:60:12:36:4a:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B4:57:01:F2:9A:6E:18:82:5A:85:CD:CC:C7:44:79:9A:27:E4:3D
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-bRXAfKabhiCWoXNzMdEeZon5D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:68c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:22:d1:aa:88:3a:49:e9:80:9f:8b:b1:f8:85:15:fa:d3:74:
72:bb:17:5f:b0:8b:22:6e:bc:ea:b3:94:92:9a:b7:b4:c2:02:
e8:3f:00:82:01:f3:c8:01:77:e5:cc:6b:2d:c3:11:43:b6:9e:
c6:41:56:1c:e0:44:c6:4b:36:33:a3:d3:7c:d7:cc:22:cd:b8:
db:58:b6:36:8e:ab:92:ad:9e:b9:35:c0:55:92:a7:c1:cd:85:
d0:3b:09:df:dc:46:2d:94:88:e6:94:84:3f:39:26:91:03:98:
83:2d:36:f2:0a:f6:ea:cf:2a:8a:e5:84:a6:e2:27:10:85:67:
f6:77:d7:2a:7b:0b:8d:c5:dc:80:84:ef:14:13:7e:eb:a1:f9:
ea:c6:7b:fb:44:e9:c3:b7:aa:4a:b1:97:99:79:86:c0:0a:43:
58:15:eb:e5:4d:12:0a:5d:a8:07:cf:bf:35:26:13:6f:0a:c6:
8e:e0:bd:87:50:c6:ff:c4:a2:f2:54:8e:00:da:41:f6:79:4f:
69:5b:83:48:e9:cb:1e:9a:7d:4b:a4:d1:51:dc:cc:1a:52:5f:
b5:7c:e9:9b:ba:86:85:56:df:47:ba:b0:bc:49:6c:1e:ac:58:
a1:ed:9b:b0:11:5b:12:e7:df:f1:f1:dd:b2:ca:aa:8a:c0:0f:
3d:ce:93:03
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZWui8Q6rbSUqa6xTTmR4+ZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzE5MTMxNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI0NTcwMWYyOWE2ZTE4ODI1YTg1Y2RjY2M3NDQ3OTlhMjdlNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4k1Z3yrjPSF5WnwQA/SiUIf2dzE
gnSR+i5G3oHUDnA1OtUIrcC2alzr/Jz6QRnSyJLGF2DsU5EnQyzfHHV4zbumeSqP
k3QhLUJEn459HbhqVbWZR8plEZEVNOLpt61I2Z0HZ8gq6fClzqRUfF+2N3/J64Fg
4Rko52ogR1oY20HDwnmSDu2O6ES7d5xJ3n2vlr52/QWcbUzyxoYQZJnLH/1Ghv+y
GRyzvnNFRxx35LYRgU5EO+MvPOS2v6njn7GbAaVOM16PyAL+vMJYd6IEz/RUGwAm
5SQwSPvif9LZvUpkEE/npco/3jurpikvdg9pzyFMxLau91GGJ2ASNkp7SwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPm0VwHymm4YglqFzczHRHmaJ+Q9MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMS1iUlhBZkthYmhpQ1dvWE56TWRFZVpvbjVEMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvM2NhYTUxLTdhMjEtNDk5ZC1hNTQ1LWJhZmJkZmM4MTMy
YS8xL1R4UVJMUVhwMkhZVW5TZDQxSTdhcWpKTnNLVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoUaMAw
DQYJKoZIhvcNAQELBQADggEBAH0i0aqIOknpgJ+LsfiFFfrTdHK7F1+wiyJuvOqz
lJKat7TCAug/AIIB88gBd+XMay3DEUO2nsZBVhzgRMZLNjOj03zXzCLNuNtYtjaO
q5Ktnrk1wFWSp8HNhdA7Cd/cRi2UiOaUhD85JpEDmIMtNvIK9urPKorlhKbiJxCF
Z/Z31yp7C43F3ICE7xQTfuuh+erGe/tE6cO3qkqxl5l5hsAKQ1gV6+VNEgpdqAfP
vzUmE28Kxo7gvYdQxv/EovJUjgDaQfZ5T2lbg0jpyx6afUuk0VHczBpSX7V86Zu6
hoVW30e6sLxJbB6sWKHtm7ARWxLn3/Hx3bLKqorADz3OkwM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:21:35 2025 by rpki-client