Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/KSAJh59TBqB3nBc2swg-HhWD4HU.roa
File: KSAJh59TBqB3nBc2swg-HhWD4HU.roa (raw, json)
Hash identifier: YuODHnc04OfbOoqG4f2goTKLkOcK+XMOJlxF0H5E6MU=
Subject key identifier: 29:20:09:87:9F:53:06:A0:77:9C:17:36:B3:08:3E:1E:15:83:E0:75
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 019424459AFB8647AF00F2472B2DB7C40437
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/KSAJh59TBqB3nBc2swg-HhWD4HU.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216164
IP address blocks: 2a05:4142::/32 maxlen: 32
2a05:4143::/32 maxlen: 32
2a05:4144::/32 maxlen: 32
2a11:e100::/29 maxlen: 48
2a11:e106::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9a:fb:86:47:af:00:f2:47:2b:2d:b7:c4:04:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=292009879f5306a0779c1736b3083e1e1583e075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:55:d1:9f:06:b6:34:8c:3d:52:3c:bf:47:b7:
98:78:6d:17:cb:2c:da:29:8e:20:a1:7b:2d:dc:80:
6d:15:c4:d3:ce:95:08:e6:09:54:71:96:16:00:4f:
69:87:93:c7:91:cd:5c:29:d5:a6:cb:4d:39:ff:fd:
e0:9c:6e:32:8d:fb:59:77:98:96:44:62:cc:9e:da:
76:57:5e:17:44:bb:61:4a:da:57:b5:63:ea:24:94:
c8:ca:d4:dd:af:e0:84:eb:75:5f:e2:fa:d8:2c:71:
99:73:48:28:25:49:15:c1:f9:ba:64:a3:8d:03:36:
d1:e1:fe:8e:88:a2:71:c7:80:9e:7d:d1:a6:4c:6b:
1a:4e:aa:56:10:73:c9:e0:2b:8b:3c:a9:46:fc:3e:
d5:65:c1:da:39:90:4f:88:b5:2e:25:7c:e9:e4:0a:
f0:bb:16:a0:7b:0f:c0:af:9f:a1:86:dc:12:a5:84:
c8:70:0d:0f:9f:c8:1d:4e:b2:2c:e2:a9:4e:6e:65:
c9:65:7a:9a:cd:4d:6b:58:aa:76:28:25:cc:fe:2c:
22:d2:6e:f1:64:52:fd:c8:4f:b0:3f:88:7d:c5:81:
68:27:0b:c2:df:96:74:aa:84:bd:45:06:1d:e7:77:
22:c6:5b:bb:02:59:2e:82:3a:95:f1:d1:f8:bb:cb:
58:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:20:09:87:9F:53:06:A0:77:9C:17:36:B3:08:3E:1E:15:83:E0:75
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/KSAJh59TBqB3nBc2swg-HhWD4HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4142::-2a05:4144:ffff:ffff:ffff:ffff:ffff:ffff
2a11:e100::/29
Signature Algorithm: sha256WithRSAEncryption
31:2d:75:51:1a:04:cf:d0:0a:0d:5f:53:44:d2:9e:35:73:12:
f8:52:89:b4:89:46:fb:b8:fe:64:9d:86:e4:5f:91:29:c6:1d:
f5:05:0f:e6:0c:4d:62:ee:ad:af:7f:90:fb:99:20:84:82:c8:
c5:45:20:14:80:cb:76:10:ca:75:2a:12:0d:b6:b1:0f:5f:54:
8d:2e:8d:4f:55:da:49:aa:8b:1e:4b:15:72:22:bb:fe:0e:bf:
0a:2d:ef:4e:37:15:9e:64:d7:6e:3b:99:40:b0:5a:9e:7d:d9:
51:fa:f4:a9:a5:91:e0:af:82:78:15:89:e3:a0:b0:d7:56:25:
aa:52:77:4f:3a:f5:6a:b5:05:f1:eb:97:1e:48:09:fb:f5:42:
c1:4b:c2:bb:0b:da:c3:ab:31:1a:01:23:f9:07:ad:83:5b:62:
4b:28:db:04:eb:0c:39:79:ae:24:ff:7e:1c:65:d3:7a:21:cd:
12:05:9e:f5:c6:ce:44:41:8e:54:9c:20:ae:20:83:77:fe:dc:
af:0d:33:61:05:62:8b:ed:67:ed:80:ad:7e:cb:43:15:01:9a:
4a:1c:cc:f9:5e:f7:3b:7b:7d:69:a5:01:d1:0c:58:28:8f:8a:
7f:4a:44:74:54:48:60:1f:8d:48:46:9b:4a:33:66:a9:d4:c6:
7d:88:5c:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQkRZr7hkevAPJHKy23xAQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTIwMDk4NzlmNTMwNmEwNzc5YzE3MzZiMzA4M2UxZTE1ODNlMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlXRnwa2NIw9Ujy/R7eYeG0Xyyza
KY4goXst3IBtFcTTzpUI5glUcZYWAE9ph5PHkc1cKdWmy005//3gnG4yjftZd5iW
RGLMntp2V14XRLthStpXtWPqJJTIytTdr+CE63Vf4vrYLHGZc0goJUkVwfm6ZKON
AzbR4f6OiKJxx4CefdGmTGsaTqpWEHPJ4CuLPKlG/D7VZcHaOZBPiLUuJXzp5Arw
uxagew/Ar5+hhtwSpYTIcA0Pn8gdTrIs4qlObmXJZXqazU1rWKp2KCXM/iwi0m7x
ZFL9yE+wP4h9xYFoJwvC35Z0qoS9RQYd53cixlu7AlkugjqV8dH4u8tYyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkgCYefUwagd5wXNrMIPh4Vg+B1MB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvS1NBSmg1OVRCcUIzbkJjMnN3Zy1IaFdENEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXMA4DBQEqBUFC
AwUAKgVBRAMFAyoR4QAwDQYJKoZIhvcNAQELBQADggEBADEtdVEaBM/QCg1fU0TS
njVzEvhSibSJRvu4/mSdhuRfkSnGHfUFD+YMTWLura9/kPuZIISCyMVFIBSAy3YQ
ynUqEg22sQ9fVI0ujU9V2kmqix5LFXIiu/4Ovwot7043FZ5k1247mUCwWp592VH6
9KmlkeCvgngVieOgsNdWJapSd0869Wq1BfHrlx5ICfv1QsFLwrsL2sOrMRoBI/kH
rYNbYkso2wTrDDl5riT/fhxl03ohzRIFnvXGzkRBjlScIK4gg3f+3K8NM2EFYovt
Z+2ArX7LQxUBmkoczPle9zt7fWmlAdEMWCiPin9KRHRUSGAfjUhGm0ozZqnUxn2I
XJA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:36 2025 by rpki-client