Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/aVnXSxl3A9imF58Ni6PA9o97Lt0.roa
File: aVnXSxl3A9imF58Ni6PA9o97Lt0.roa (raw, json)
Hash identifier: 1b03aGZyiDI4vZq8xAQwMk9wWsMeLl0pjrQrWqhenxw=
Subject key identifier: 69:59:D7:4B:19:77:03:D8:A6:17:9F:0D:8B:A3:C0:F6:8F:7B:2E:DD
Certificate issuer: /CN=40e3953c5cb452f159f8e1505fc702e883657e72
Certificate serial: 01942746DAED7E48516D3B5C063CCDD09678
Authority key identifier: 40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/aVnXSxl3A9imF58Ni6PA9o97Lt0.roa
Signing time: Thu 02 Jan 2025 13:49:02 +0000
ROA not before: Thu 02 Jan 2025 13:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26506
IP address blocks: 207.229.122.0/24 maxlen: 24
209.16.176.0/24 maxlen: 24
209.16.178.0/24 maxlen: 24
209.162.155.0/24 maxlen: 24
209.162.157.0/24 maxlen: 24
2a02:3d0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:da:ed:7e:48:51:6d:3b:5c:06:3c:cd:d0:96:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40e3953c5cb452f159f8e1505fc702e883657e72
Validity
Not Before: Jan 2 13:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6959d74b197703d8a6179f0d8ba3c0f68f7b2edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6f:6f:aa:5a:35:f7:8e:0d:83:79:3f:3e:1b:
97:5d:c7:a6:95:ae:61:f6:7e:1d:77:bb:ae:91:2d:
75:4a:23:52:94:ab:c7:ea:3a:80:47:a0:c9:c5:ed:
52:80:29:77:1d:71:70:51:6e:77:c8:ad:f7:0e:de:
19:b2:66:45:f8:10:0d:a8:bd:0b:bf:a3:dc:6b:6e:
ce:8d:53:e5:c5:c0:f5:b0:c0:e0:d6:25:55:81:dc:
d0:83:7d:26:e4:b2:95:9b:7e:bb:13:c9:c3:8f:6f:
de:08:cd:0f:a9:c5:a4:7a:0d:ad:f1:ae:36:0d:88:
ec:1e:a3:cf:ca:0e:57:00:e9:9d:b0:80:f5:60:ba:
33:ac:62:12:ce:e9:1e:ae:cf:21:db:92:e0:f6:cb:
18:5c:9f:35:dc:4f:9c:f7:b8:01:2d:46:00:5e:5b:
92:c1:ec:83:e2:0b:61:1e:20:d5:ef:c4:68:44:0a:
ad:d6:f6:97:10:5d:e3:b9:b8:69:e4:b0:6c:1a:cb:
6d:73:28:a6:5c:8e:38:af:dc:4d:bf:be:cd:b8:92:
30:3b:e5:9a:c2:44:b9:95:6e:86:42:05:de:db:02:
f3:40:a0:ad:ff:d5:38:0c:7e:3b:aa:54:52:ae:0a:
10:ac:e6:0f:d7:12:1c:f8:d9:19:36:04:5a:c6:9d:
62:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:59:D7:4B:19:77:03:D8:A6:17:9F:0D:8B:A3:C0:F6:8F:7B:2E:DD
X509v3 Authority Key Identifier:
keyid:40:E3:95:3C:5C:B4:52:F1:59:F8:E1:50:5F:C7:02:E8:83:65:7E:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOOVPFy0UvFZ-OFQX8cC6INlfnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/aVnXSxl3A9imF58Ni6PA9o97Lt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7d8505-3899-4a9e-8cf1-fa5af38deb5e/1/QOOVPFy0UvFZ-OFQX8cC6INlfnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.229.122.0/24
209.16.176.0/24
209.16.178.0/24
209.162.155.0/24
209.162.157.0/24
IPv6:
2a02:3d0:7::/48
Signature Algorithm: sha256WithRSAEncryption
07:58:4f:f1:d7:e3:6c:ef:a8:aa:39:0d:89:82:53:a4:48:ec:
25:0d:f4:74:53:89:6e:57:fd:70:4b:59:1d:e1:df:92:5e:9e:
4b:b7:9c:63:a0:50:25:f1:89:be:97:ff:04:7c:93:d1:c0:0b:
c8:74:44:38:4f:1a:63:32:9c:fe:d2:35:bf:56:d6:bd:10:31:
92:da:d2:86:5b:82:f4:1d:ea:50:5a:4c:37:a4:91:c0:9a:29:
37:bb:1c:2e:05:b7:b5:88:58:22:de:37:c0:41:7a:1e:f5:cb:
43:c7:a5:e8:6b:02:12:cf:b2:02:04:32:d2:16:a0:8b:d2:c7:
ba:24:c9:e9:8b:4f:4d:91:c4:1e:bd:63:58:16:bb:06:d3:29:
00:37:7a:bf:ce:8a:44:d2:29:eb:ed:1d:b9:6d:c8:c4:41:89:
91:97:15:ff:1f:2b:33:57:d2:b6:dc:dd:66:b2:aa:6a:bc:c2:
c4:f7:1d:82:24:4c:a8:fe:d9:61:e4:7a:57:e1:1c:4e:40:d4:
a4:8b:7e:1a:4a:19:97:d2:93:d3:30:09:e5:84:a0:14:93:12:
5f:c7:10:36:7f:50:8b:0b:f5:91:cb:a5:74:6c:f2:7e:a4:1f:
fd:87:9c:21:4a:25:f8:7b:cf:c2:c5:94:52:da:fb:51:5a:6d:
26:3d:16:e2
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQnRtrtfkhRbTtcBjzN0JZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM5NTNjNWNiNDUyZjE1OWY4ZTE1MDVmYzcwMmU4ODM2
NTdlNzIwHhcNMjUwMTAyMTM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU5ZDc0YjE5NzcwM2Q4YTYxNzlmMGQ4YmEzYzBmNjhmN2IyZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA329vqlo1944Ng3k/PhuXXcemla5h
9n4dd7uukS11SiNSlKvH6jqAR6DJxe1SgCl3HXFwUW53yK33Dt4ZsmZF+BANqL0L
v6Pca27OjVPlxcD1sMDg1iVVgdzQg30m5LKVm367E8nDj2/eCM0PqcWkeg2t8a42
DYjsHqPPyg5XAOmdsID1YLozrGISzukers8h25Lg9ssYXJ813E+c97gBLUYAXluS
weyD4gthHiDV78RoRAqt1vaXEF3jubhp5LBsGsttcyimXI44r9xNv77NuJIwO+Wa
wkS5lW6GQgXe2wLzQKCt/9U4DH47qlRSrgoQrOYP1xIc+NkZNgRaxp1iPwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGlZ10sZdwPYphefDYujwPaPey7dMB8GA1UdIwQY
MBaAFEDjlTxctFLxWfjhUF/HAuiDZX5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEt
ZmE1YWYzOGRlYjVlLzEvYVZuWFN4bDNBOWltRjU4Tmk2UEE5bzk3THQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83ZDg1MDUtMzg5OS00YTllLThjZjEtZmE1YWYzOGRlYjVl
LzEvUU9PVlBGeTBVdkZaLU9GUVg4Y0M2SU5sZm5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAz+V6AwQA
0RCwAwQA0RCyAwQA0aKbAwQA0aKdMA8EAgACMAkDBwAqAgPQAAcwDQYJKoZIhvcN
AQELBQADggEBAAdYT/HX42zvqKo5DYmCU6RI7CUN9HRTiW5X/XBLWR3h35Jenku3
nGOgUCXxib6X/wR8k9HAC8h0RDhPGmMynP7SNb9W1r0QMZLa0oZbgvQd6lBaTDek
kcCaKTe7HC4Ft7WIWCLeN8BBeh71y0PHpehrAhLPsgIEMtIWoIvSx7okyemLT02R
xB69Y1gWuwbTKQA3er/OikTSKevtHbltyMRBiZGXFf8fKzNX0rbc3Wayqmq8wsT3
HYIkTKj+2WHkelfhHE5A1KSLfhpKGZfSk9MwCeWEoBSTEl/HEDZ/UIsL9ZHLpXRs
8n6kH/2HnCFKJfh7z8LFlFLa+1FabSY9FuI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:34:26 2025 by rpki-client