Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/6vJ_I4Qsur9Ih45q8_GeDahWN0c.roa
File: 6vJ_I4Qsur9Ih45q8_GeDahWN0c.roa (raw, json)
Hash identifier: dFh6X6qgHNkFlYjksVHkI3rW+fe7dVzePztX5khTuoo=
Subject key identifier: EA:F2:7F:23:84:2C:BA:BF:48:87:8E:6A:F3:F1:9E:0D:A8:56:37:47
Certificate issuer: /CN=04d3c5de9ff3cce131c8bfcdcce333947d92635e
Certificate serial: 0194274826BA4FD1E11D18F1EFCBAB51C2E3
Authority key identifier: 04:D3:C5:DE:9F:F3:CC:E1:31:C8:BF:CD:CC:E3:33:94:7D:92:63:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/6vJ_I4Qsur9Ih45q8_GeDahWN0c.roa
Signing time: Thu 02 Jan 2025 13:50:27 +0000
ROA not before: Thu 02 Jan 2025 13:50:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214824
IP address blocks: 2a14:4e40::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.mft
rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:26:ba:4f:d1:e1:1d:18:f1:ef:cb:ab:51:c2:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d3c5de9ff3cce131c8bfcdcce333947d92635e
Validity
Not Before: Jan 2 13:50:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eaf27f23842cbabf48878e6af3f19e0da8563747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:89:9e:52:8b:7d:c9:e7:5c:41:4e:04:be:
3a:8e:f5:29:e9:16:ae:fd:08:c6:19:4e:8f:24:c3:
1a:88:d7:c8:36:52:5b:cd:e1:ab:93:f1:8b:30:d8:
1d:60:44:06:d7:9e:d8:24:ff:7b:d6:80:cf:f6:73:
00:5e:69:2f:a1:e2:35:5e:b5:b3:ce:31:2a:d7:06:
1c:8c:f7:3b:4a:bf:45:c0:7a:02:8c:1f:c2:13:27:
0b:a1:61:74:bc:b6:51:cf:08:12:98:be:8d:17:da:
17:af:df:64:19:d4:bc:4e:1b:50:b9:39:8b:6d:d4:
0f:9e:2b:75:85:6f:6e:96:52:25:2f:32:cc:45:2e:
6b:d9:49:01:08:e0:6d:c9:b3:d2:4f:a7:e0:8d:36:
8b:2a:22:bb:8d:80:d4:93:26:6e:53:2b:05:ed:b9:
a0:04:1b:1b:1f:67:cc:a1:a7:2a:57:cf:fc:74:69:
59:92:ed:03:3b:4a:84:88:a0:10:9a:07:84:c9:da:
a6:71:70:56:1f:4a:4c:67:bc:37:10:4f:6f:cd:90:
aa:fe:47:d7:b4:1e:63:f1:37:bf:96:4f:4e:65:52:
24:96:ee:64:bd:d2:54:39:76:03:33:52:bd:b8:5e:
bd:ca:5f:4c:71:23:06:ba:fb:36:92:31:5e:db:ba:
50:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F2:7F:23:84:2C:BA:BF:48:87:8E:6A:F3:F1:9E:0D:A8:56:37:47
X509v3 Authority Key Identifier:
keyid:04:D3:C5:DE:9F:F3:CC:E1:31:C8:BF:CD:CC:E3:33:94:7D:92:63:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNPF3p_zzOExyL_NzOMzlH2SY14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/6vJ_I4Qsur9Ih45q8_GeDahWN0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2607fb-6b84-456e-aa09-9d8bc8115f68/1/BNPF3p_zzOExyL_NzOMzlH2SY14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4e40::/64
Signature Algorithm: sha256WithRSAEncryption
76:fa:a3:bf:89:75:c2:30:92:05:83:af:07:f0:fa:27:d5:21:
f4:8e:e5:2e:7a:84:2d:7e:a9:f0:e7:cf:af:7b:24:db:be:b4:
be:00:70:be:73:5c:9f:ec:8c:dd:2c:2b:98:cc:0a:fc:0b:9b:
9a:ab:59:0f:c2:53:83:d9:e5:73:5b:fc:5c:00:c8:f7:13:94:
4f:d9:80:95:71:52:c4:32:d1:93:ae:f7:f9:af:27:66:2a:29:
d4:a2:d4:ad:d7:9f:ed:ef:e7:65:77:e4:08:d2:a4:c5:77:99:
19:63:63:00:68:d9:61:fc:1c:ee:da:45:94:1c:b5:a2:75:51:
a1:a8:fe:85:16:c1:b0:26:30:5e:09:77:ae:38:86:6b:33:68:
24:81:c9:3f:92:e4:0e:8c:69:2f:2e:e7:14:a9:d6:8e:21:4d:
74:09:e8:5f:6d:6c:61:da:27:1e:30:ad:bd:ce:aa:5a:d5:ac:
cf:57:d6:19:a7:fd:dc:6a:ac:80:c1:78:31:ce:d6:a0:4a:7b:
84:09:57:c7:ec:a0:2b:21:76:9a:f7:93:52:9e:69:cd:8a:99:
b3:b8:37:d1:69:52:82:1a:0d:ce:a0:f8:c2:86:f3:34:e9:43:
ce:4e:35:03:04:e9:d3:90:88:da:60:b5:0c:ac:b3:2a:05:b1:
bb:df:59:27
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZQnSCa6T9HhHRjx78urUcLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDNjNWRlOWZmM2NjZTEzMWM4YmZjZGNjZTMzMzk0N2Q5
MjYzNWUwHhcNMjUwMTAyMTM1MDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWYyN2YyMzg0MmNiYWJmNDg4NzhlNmFmM2YxOWUwZGE4NTYzNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7CJnlKLfcnnXEFOBL46jvUp6Rau
/QjGGU6PJMMaiNfINlJbzeGrk/GLMNgdYEQG157YJP971oDP9nMAXmkvoeI1XrWz
zjEq1wYcjPc7Sr9FwHoCjB/CEycLoWF0vLZRzwgSmL6NF9oXr99kGdS8ThtQuTmL
bdQPnit1hW9ullIlLzLMRS5r2UkBCOBtybPST6fgjTaLKiK7jYDUkyZuUysF7bmg
BBsbH2fMoacqV8/8dGlZku0DO0qEiKAQmgeEydqmcXBWH0pMZ7w3EE9vzZCq/kfX
tB5j8Te/lk9OZVIklu5kvdJUOXYDM1K9uF69yl9McSMGuvs2kjFe27pQPwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFOryfyOELLq/SIeOavPxng2oVjdHMB8GA1UdIwQY
MBaAFATTxd6f88zhMci/zczjM5R9kmNeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5QRjNwX3p6T0V4eUxfTnpPTXpsSDJTWTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yNjA3ZmItNmI4NC00NTZlLWFhMDkt
OWQ4YmM4MTE1ZjY4LzEvNnZKX0k0UXN1cjlJaDQ1cThfR2VEYWhXTjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yNjA3ZmItNmI4NC00NTZlLWFhMDktOWQ4YmM4MTE1ZjY4
LzEvQk5QRjNwX3p6T0V4eUxfTnpPTXpsSDJTWTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAAjALAwkAKhROQAAA
AAAwDQYJKoZIhvcNAQELBQADggEBAHb6o7+JdcIwkgWDrwfw+ifVIfSO5S56hC1+
qfDnz697JNu+tL4AcL5zXJ/sjN0sK5jMCvwLm5qrWQ/CU4PZ5XNb/FwAyPcTlE/Z
gJVxUsQy0ZOu9/mvJ2YqKdSi1K3Xn+3v52V35AjSpMV3mRljYwBo2WH8HO7aRZQc
taJ1UaGo/oUWwbAmMF4Jd644hmszaCSByT+S5A6MaS8u5xSp1o4hTXQJ6F9tbGHa
Jx4wrb3OqlrVrM9X1hmn/dxqrIDBeDHO1qBKe4QJV8fsoCshdpr3k1Keac2KmbO4
N9FpUoIaDc6g+MKG8zTpQ85ONQME6dOQiNpgtQyssyoFsbvfWSc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:16 2025 by rpki-client