Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/g2DFl2N-WdFrs9z950ghIm6CXgg.roa
File: g2DFl2N-WdFrs9z950ghIm6CXgg.roa (raw, json)
Hash identifier: g4VcoYAo+P4AnCakQIRF1npt/PFP6SzCAGb+cSIm25Q=
Subject key identifier: 83:60:C5:97:63:7E:59:D1:6B:B3:DC:FD:E7:48:21:22:6E:82:5E:08
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 019427B656A4A04F3F4901B171B9AB0C16F3
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/g2DFl2N-WdFrs9z950ghIm6CXgg.roa
Signing time: Thu 02 Jan 2025 15:50:48 +0000
ROA not before: Thu 02 Jan 2025 15:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398104
IP address blocks: 2a01:488:bb1b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:56:a4:a0:4f:3f:49:01:b1:71:b9:ab:0c:16:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 15:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8360c597637e59d16bb3dcfde74821226e825e08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:75:a9:3c:71:40:14:0d:3d:bd:aa:4d:98:
03:06:4b:a9:2c:f3:d9:70:51:bb:44:57:a3:00:35:
f3:07:5b:b4:76:4d:ae:3d:3c:51:73:56:5f:8e:84:
28:9d:d2:a6:50:de:73:03:fd:30:5d:ce:d6:0a:61:
22:9e:6c:da:d0:b2:10:e6:b8:a9:69:6d:de:64:7e:
8b:88:8b:73:fe:ac:47:58:98:d0:26:7d:71:96:da:
c2:bf:1a:ae:8a:35:a8:70:70:28:44:96:0f:e3:f1:
29:51:cd:08:e8:99:87:db:30:7f:53:8a:29:12:ab:
c7:98:c1:c7:89:12:f9:2f:e7:3b:07:b4:38:4a:ee:
e2:de:8a:07:a0:09:30:35:86:f8:4d:0d:04:3f:24:
80:c3:02:56:23:09:46:57:99:82:00:3e:69:01:4e:
eb:2a:7b:80:3c:f3:bc:42:0e:52:1f:f7:c5:f4:92:
dc:73:ab:13:1f:54:e9:3a:99:a2:22:c0:af:97:2d:
ee:6d:5c:c0:3a:d9:21:f1:6d:1a:e2:fc:16:34:64:
b3:a2:80:5e:3f:69:72:0c:ea:af:49:ab:df:66:8f:
87:af:12:45:f8:22:46:1f:0a:ee:9a:f1:00:18:06:
fe:22:87:5c:30:ba:f7:92:de:3d:4c:b9:cf:ae:db:
a1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:60:C5:97:63:7E:59:D1:6B:B3:DC:FD:E7:48:21:22:6E:82:5E:08
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/g2DFl2N-WdFrs9z950ghIm6CXgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1b::/48
Signature Algorithm: sha256WithRSAEncryption
a4:12:71:a3:f3:3e:39:14:26:06:3f:41:8c:94:bd:56:52:ff:
60:d8:c5:42:79:d8:c6:b9:ac:8d:c8:80:6c:22:40:cb:ba:dc:
d4:c0:ab:73:07:06:4e:4a:33:fd:a2:09:f4:ad:11:8a:78:59:
cc:89:e6:9f:a7:8d:e8:5f:d7:5d:0e:4b:19:fd:02:af:60:bf:
cb:f1:0b:bf:26:1b:70:33:e9:ba:0d:3e:a3:97:15:9e:0e:25:
d0:68:f2:5e:d9:fe:58:3e:0f:66:0d:20:43:ac:b4:26:b9:4e:
0f:6e:c3:df:8e:de:b0:ab:3b:61:52:0b:24:fe:83:55:e7:1d:
34:53:85:f6:30:35:cc:3b:62:47:16:95:41:57:22:2d:aa:00:
94:f6:c2:83:fc:f0:a9:e6:46:9f:29:67:14:1d:1d:dd:41:4f:
97:0c:06:4d:53:55:88:d4:4d:23:db:fa:2f:92:3b:34:ed:6b:
0a:43:c2:d7:0b:1d:36:63:e4:2f:5d:0c:37:a7:4d:7b:56:6e:
2a:4f:2b:8b:3f:11:9e:e0:87:5c:d9:98:64:20:14:58:7f:18:
e8:23:10:08:c7:fb:c5:ff:3b:3a:9d:57:aa:9d:f9:80:8c:c8:
9f:e3:95:45:5e:a7:59:ed:b4:e9:5f:77:05:52:54:89:5d:94:
1e:0b:ee:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntlakoE8/SQGxcbmrDBbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjUwMTAyMTU1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzYwYzU5NzYzN2U1OWQxNmJiM2RjZmRlNzQ4MjEyMjZlODI1ZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnp1qTxxQBQNPb2qTZgDBkupLPPZ
cFG7RFejADXzB1u0dk2uPTxRc1ZfjoQondKmUN5zA/0wXc7WCmEinmza0LIQ5rip
aW3eZH6LiItz/qxHWJjQJn1xltrCvxquijWocHAoRJYP4/EpUc0I6JmH2zB/U4op
EqvHmMHHiRL5L+c7B7Q4Su7i3ooHoAkwNYb4TQ0EPySAwwJWIwlGV5mCAD5pAU7r
KnuAPPO8Qg5SH/fF9JLcc6sTH1TpOpmiIsCvly3ubVzAOtkh8W0a4vwWNGSzooBe
P2lyDOqvSavfZo+HrxJF+CJGHwrumvEAGAb+IodcMLr3kt49TLnPrtuhUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFINgxZdjflnRa7Pc/edIISJugl4IMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvZzJERmwyTi1XZEZyczl6OTUwZ2hJbTZDWGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsb
MA0GCSqGSIb3DQEBCwUAA4IBAQCkEnGj8z45FCYGP0GMlL1WUv9g2MVCedjGuayN
yIBsIkDLutzUwKtzBwZOSjP9ogn0rRGKeFnMieafp43oX9ddDksZ/QKvYL/L8Qu/
JhtwM+m6DT6jlxWeDiXQaPJe2f5YPg9mDSBDrLQmuU4PbsPfjt6wqzthUgsk/oNV
5x00U4X2MDXMO2JHFpVBVyItqgCU9sKD/PCp5kafKWcUHR3dQU+XDAZNU1WI1E0j
2/ovkjs07WsKQ8LXCx02Y+QvXQw3p017Vm4qTyuLPxGe4Idc2ZhkIBRYfxjoIxAI
x/vF/zs6nVeqnfmAjMif45VFXqdZ7bTpX3cFUlSJXZQeC+42
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:58 2025 by rpki-client