Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/q4T6C9SJ_RxEIK5tgGiTpzMm6xg.roa
File: q4T6C9SJ_RxEIK5tgGiTpzMm6xg.roa (raw, json)
Hash identifier: RWzlSMc1gc7RwpNEzTCYCAEul5k2bRiDoY63p+i7qf0=
Subject key identifier: AB:84:FA:0B:D4:89:FD:1C:44:20:AE:6D:80:68:93:A7:33:26:EB:18
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01942369FE72D95F3D26EE9EAE34EB295197
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/q4T6C9SJ_RxEIK5tgGiTpzMm6xg.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215427
IP address blocks: 2a07:f580::/29 maxlen: 29
2a0d:38c0::/29 maxlen: 29
2a14:41c0::/29 maxlen: 29
2a14:4240::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
2a14:6240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fe:72:d9:5f:3d:26:ee:9e:ae:34:eb:29:51:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab84fa0bd489fd1c4420ae6d806893a73326eb18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:ef:2c:79:71:36:20:8c:34:d6:77:fc:bb:
cd:2c:9d:cd:08:77:62:cc:34:d1:b1:d5:31:b8:91:
b8:dc:b7:7c:6a:1c:d5:37:01:66:40:5f:54:9b:e3:
49:f4:65:9e:bc:bc:6f:78:45:df:e3:49:47:eb:da:
99:44:05:7a:cb:a1:9f:59:93:cd:9d:c8:01:56:21:
a1:76:f0:47:ae:5d:16:4f:ea:b7:33:f0:53:b1:65:
90:66:6a:5f:3a:74:0f:34:c6:c6:c0:c7:c1:be:87:
ea:ea:41:84:52:e2:fe:78:7d:80:a1:d0:79:cc:a0:
9e:c1:2b:50:5e:0b:65:21:62:d5:6f:5b:0d:9e:66:
df:c6:5d:78:5f:34:a6:35:d5:76:dc:76:7b:80:8e:
0b:c9:d1:d7:9b:6f:d1:b0:7a:ca:8a:6a:e9:9c:9a:
e4:e6:40:2f:84:c7:99:1f:23:b8:d5:74:f6:7e:d8:
e8:c8:54:a7:51:e7:03:1f:01:e6:47:b8:b8:7e:98:
ec:6f:02:07:d4:c3:a1:17:f2:bf:f0:ef:2c:6b:63:
ee:5f:86:4e:8b:cc:52:47:a7:7e:64:2c:e8:f9:19:
6f:3f:88:b6:e8:a0:d7:de:ac:04:55:20:65:ae:f5:
83:01:d1:76:f5:7d:fd:e4:1f:dd:74:1c:33:e0:b8:
cb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:84:FA:0B:D4:89:FD:1C:44:20:AE:6D:80:68:93:A7:33:26:EB:18
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/q4T6C9SJ_RxEIK5tgGiTpzMm6xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f580::/29
2a0d:38c0::/29
2a14:41c0::/29
2a14:4240::/29
2a14:42c0::/29
2a14:6240::/29
Signature Algorithm: sha256WithRSAEncryption
d9:47:9c:37:12:00:7b:33:ff:be:6b:bd:3f:a4:ac:28:ad:ec:
d0:a8:9c:91:3c:f9:c0:08:44:57:7b:66:00:f6:30:2f:54:61:
15:0c:ba:2a:91:0a:06:2a:de:4c:e6:bd:e7:cf:ba:6a:15:fb:
e2:52:a2:0b:94:e5:ff:1c:59:ba:76:54:a5:23:98:7c:83:2d:
92:80:7a:b7:54:d3:c9:0a:4f:04:e0:5a:13:e0:05:f2:5a:f2:
3b:7d:5a:bf:52:de:fc:00:6d:b0:26:15:7d:18:2e:63:23:11:
09:21:7e:e1:2f:61:3b:c4:a0:41:24:c3:8b:7b:9e:7a:b9:86:
3e:76:99:c4:5b:d1:a9:bd:8e:15:ff:b8:57:ae:f1:2d:26:c9:
be:0e:cb:78:94:f1:30:9a:7e:0c:d7:a2:b5:81:b1:46:31:fc:
99:0a:9a:8e:27:8e:80:02:cc:86:d1:15:e7:bf:00:47:16:0f:
49:25:9b:b0:c3:86:ac:2e:c1:2c:0a:bd:4b:be:d8:18:a5:95:
bb:59:97:83:bf:9b:fb:84:2b:f7:31:19:27:cb:6a:e9:3e:04:
8e:6d:dd:36:47:4b:0e:c3:97:7c:b8:ae:61:79:f9:cf:21:c6:
47:84:d2:a5:a5:9f:48:24:33:29:1c:c4:1a:89:1e:db:37:c6:
c8:69:75:a9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjaf5y2V89Ju6erjTrKVGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjg0ZmEwYmQ0ODlmZDFjNDQyMGFlNmQ4MDY4OTNhNzMzMjZlYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz3vLHlxNiCMNNZ3/LvNLJ3NCHdi
zDTRsdUxuJG43Ld8ahzVNwFmQF9Um+NJ9GWevLxveEXf40lH69qZRAV6y6GfWZPN
ncgBViGhdvBHrl0WT+q3M/BTsWWQZmpfOnQPNMbGwMfBvofq6kGEUuL+eH2AodB5
zKCewStQXgtlIWLVb1sNnmbfxl14XzSmNdV23HZ7gI4LydHXm2/RsHrKimrpnJrk
5kAvhMeZHyO41XT2ftjoyFSnUecDHwHmR7i4fpjsbwIH1MOhF/K/8O8sa2PuX4ZO
i8xSR6d+ZCzo+RlvP4i26KDX3qwEVSBlrvWDAdF29X395B/ddBwz4LjL2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKuE+gvUif0cRCCubYBok6czJusYMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcTRUNkM5U0pfUnhFSUs1dGdHaVRwek1tNnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgf1gAMF
AyoNOMADBQMqFEHAAwUDKhRCQAMFAyoUQsADBQMqFGJAMA0GCSqGSIb3DQEBCwUA
A4IBAQDZR5w3EgB7M/++a70/pKworezQqJyRPPnACERXe2YA9jAvVGEVDLoqkQoG
Kt5M5r3nz7pqFfviUqILlOX/HFm6dlSlI5h8gy2SgHq3VNPJCk8E4FoT4AXyWvI7
fVq/Ut78AG2wJhV9GC5jIxEJIX7hL2E7xKBBJMOLe556uYY+dpnEW9GpvY4V/7hX
rvEtJsm+Dst4lPEwmn4M16K1gbFGMfyZCpqOJ46AAsyG0RXnvwBHFg9JJZuww4as
LsEsCr1LvtgYpZW7WZeDv5v7hCv3MRkny2rpPgSObd02R0sOw5d8uK5hefnPIcZH
hNKlpZ9IJDMpHMQaiR7bN8bIaXWp
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:55:58 2025 by rpki-client