Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/9RqjWLw5HPxJzuXKXhGXXmyVkAE.roa
File: 9RqjWLw5HPxJzuXKXhGXXmyVkAE.roa (raw, json)
Hash identifier: 16h/SJTNr54l9qICOmuHkNeVLrt+8pmYa+3yNFUR3qM=
Subject key identifier: F5:1A:A3:58:BC:39:1C:FC:49:CE:E5:CA:5E:11:97:5E:6C:95:90:01
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B5655EF79E076A018001293ACCDC30
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/9RqjWLw5HPxJzuXKXhGXXmyVkAE.roa
Signing time: Thu 02 Jan 2025 15:49:46 +0000
ROA not before: Thu 02 Jan 2025 15:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215144
IP address blocks: 2a10:4646:450::/44 maxlen: 44
2a10:4646:455::/48 maxlen: 48
2a10:4646:45a::/48 maxlen: 48
2a10:4646:45b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 11:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:65:5e:f7:9e:07:6a:01:80:01:29:3a:cc:dc:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f51aa358bc391cfc49cee5ca5e11975e6c959001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:be:cf:ac:54:07:f2:11:8f:e8:a3:ea:72:
51:d7:16:2d:97:6a:fb:b0:67:65:9f:71:e4:79:ab:
be:13:b5:a4:af:94:2c:f4:89:63:d9:f1:e2:10:1d:
74:cd:fb:b4:a8:04:08:d8:74:fc:09:36:44:e8:01:
ae:75:4b:3b:6b:d9:75:e7:21:c6:18:86:19:55:81:
3f:fe:e4:77:e6:d2:e2:d7:de:e4:07:f8:a0:6e:ea:
1c:f8:2b:ff:e0:53:04:b7:a4:a0:37:b2:4f:c1:ac:
5b:7e:0f:8b:df:cc:8d:b9:f2:d0:45:ef:b0:78:48:
47:8c:4e:3c:43:26:07:5d:69:0a:b1:1e:5e:f5:30:
54:1f:56:ee:26:aa:25:73:3f:ff:32:5d:62:a5:fc:
3c:80:4a:f7:f7:55:95:94:87:e7:55:c9:bb:ea:8a:
b6:60:86:76:5f:64:0d:2d:08:68:39:70:f3:78:45:
7d:90:48:ad:fa:6e:a3:50:11:a0:ec:a6:b6:fa:07:
d3:ce:0d:48:c7:02:30:42:00:86:f0:f2:69:e6:69:
db:dd:56:71:6d:63:a2:4e:97:d2:cb:66:37:5d:84:
99:5d:01:f7:90:92:fb:71:26:63:50:63:0a:53:20:
cf:8c:9e:42:5d:07:df:82:94:a8:d5:bc:73:18:24:
d7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1A:A3:58:BC:39:1C:FC:49:CE:E5:CA:5E:11:97:5E:6C:95:90:01
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/9RqjWLw5HPxJzuXKXhGXXmyVkAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:450::/44
Signature Algorithm: sha256WithRSAEncryption
d2:bf:2b:85:39:74:d4:80:e1:b8:8a:75:d7:9e:9f:ee:f4:19:
b7:3a:1d:61:e2:ee:ef:b8:fc:b3:65:47:0f:f2:95:aa:a6:6c:
73:b5:19:52:78:5e:84:14:f2:ee:34:c3:c8:88:da:d7:7d:29:
43:04:d2:41:16:c5:32:8c:91:f7:b1:1f:69:c8:fa:c9:8c:3d:
0f:78:eb:de:a0:b7:c0:51:b4:2b:96:59:1d:d6:85:fb:76:ef:
17:fd:9c:f2:cc:8b:53:c6:4d:b2:97:08:f1:6f:f8:71:2a:1d:
ea:c8:17:28:f9:98:46:a8:69:0a:43:00:2a:c9:fe:94:bb:2d:
e8:1f:1f:3a:ea:3b:ad:21:4a:e7:d3:b3:15:bb:a0:96:4a:37:
75:3a:e3:97:26:8a:c2:d7:b4:6f:cd:14:c4:ce:1e:0a:6e:8a:
e1:18:b6:7d:83:88:9a:7d:03:4f:f6:6a:0e:95:7c:cc:1a:f6:
9f:85:88:94:23:b2:ac:67:65:8b:01:3c:03:15:4a:00:94:7b:
18:56:d2:f1:b7:76:d8:b6:bc:69:16:47:12:5d:b6:cf:fc:7b:
91:97:27:a0:db:2b:b8:b0:57:d5:0c:09:e0:23:37:9c:03:dc:
71:ef:e8:95:83:25:f3:6a:c6:c8:8f:94:2f:bb:fc:7b:34:57:
29:a6:0b:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntWVe954HagGAASk6zNwwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFhYTM1OGJjMzkxY2ZjNDljZWU1Y2E1ZTExOTc1ZTZjOTU5MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr42+z6xUB/IRj+ij6nJR1xYtl2r7
sGdln3Hkeau+E7Wkr5Qs9Ilj2fHiEB10zfu0qAQI2HT8CTZE6AGudUs7a9l15yHG
GIYZVYE//uR35tLi197kB/igbuoc+Cv/4FMEt6SgN7JPwaxbfg+L38yNufLQRe+w
eEhHjE48QyYHXWkKsR5e9TBUH1buJqolcz//Ml1ipfw8gEr391WVlIfnVcm76oq2
YIZ2X2QNLQhoOXDzeEV9kEit+m6jUBGg7Ka2+gfTzg1IxwIwQgCG8PJp5mnb3VZx
bWOiTpfSy2Y3XYSZXQH3kJL7cSZjUGMKUyDPjJ5CXQffgpSo1bxzGCTXyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPUao1i8ORz8Sc7lyl4Rl15slZABMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvOVJxaldMdzVIUHhKenVYS1hoR1hYbXlWa0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgRQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDSvyuFOXTUgOG4inXXnp/u9Bm3Oh1h4u7vuPyz
ZUcP8pWqpmxztRlSeF6EFPLuNMPIiNrXfSlDBNJBFsUyjJH3sR9pyPrJjD0PeOve
oLfAUbQrllkd1oX7du8X/ZzyzItTxk2ylwjxb/hxKh3qyBco+ZhGqGkKQwAqyf6U
uy3oHx866jutIUrn07MVu6CWSjd1OuOXJorC17RvzRTEzh4KborhGLZ9g4iafQNP
9moOlXzMGvafhYiUI7KsZ2WLATwDFUoAlHsYVtLxt3bYtrxpFkcSXbbP/HuRlyeg
2yu4sFfVDAngIzecA9xx7+iVgyXzasbIj5Qvu/x7NFcppgv5
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:25:01 2025 by rpki-client