Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/_1lqE5scJ0MBH0b9lTR0YHuGOuU.roa
File: _1lqE5scJ0MBH0b9lTR0YHuGOuU.roa (raw, json)
Hash identifier: 4TZYcGOcfHMexmHJPq3AcWYTwMqwPGPD0OgXI/Zx1Ik=
Subject key identifier: FF:59:6A:13:9B:1C:27:43:01:1F:46:FD:95:34:74:60:7B:86:3A:E5
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521E610A82676EAA7B2C3025A518BC3
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/_1lqE5scJ0MBH0b9lTR0YHuGOuU.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208022
IP address blocks: 2a0a:280::/29 maxlen: 32
2a11:3780::/29 maxlen: 32
2a12:ef40::/29 maxlen: 32
2a13:63c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e6:10:a8:26:76:ea:a7:b2:c3:02:5a:51:8b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff596a139b1c2743011f46fd953474607b863ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ce:3c:ad:05:27:d7:b4:0f:38:ed:bb:c8:cb:
60:9a:a1:44:e1:ed:6a:08:fb:45:c5:49:81:5a:02:
5f:b7:5c:e9:3d:d6:c3:30:b1:2c:03:de:cd:4d:1d:
7a:6f:d4:4a:c9:46:6e:e8:25:d7:ef:c4:1e:7c:8a:
58:63:c4:dd:c6:59:ed:39:8e:27:8f:39:6c:1b:d9:
ee:cd:6e:c9:22:0c:aa:ef:ca:37:70:a1:58:60:d4:
bd:8e:55:0e:0f:3f:f4:a0:1e:1b:31:c1:be:b5:49:
71:11:54:cf:a3:d0:c7:4e:38:bd:46:14:1d:e2:a1:
64:e0:14:63:f3:4a:70:0f:58:7f:93:95:fb:e0:d0:
61:84:25:cd:b5:b8:ad:66:a7:41:56:2e:a1:36:dc:
2a:7c:61:7e:55:82:6d:41:eb:17:2d:e2:22:96:6b:
9c:ab:0a:37:55:23:fe:67:f7:c1:df:5b:38:ed:86:
19:dc:7b:32:98:98:cc:05:a0:94:f7:76:3d:fb:81:
e9:0e:8e:55:d2:c0:1c:f2:c7:69:1e:a2:46:a6:f6:
e7:60:ce:c3:be:24:b7:3a:8c:65:03:c1:52:20:28:
cc:09:3e:49:86:c2:b4:54:cb:cc:6f:4d:b0:d9:69:
4f:26:c9:2a:7f:6b:7b:7b:44:3a:7c:aa:96:a2:a5:
5e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:59:6A:13:9B:1C:27:43:01:1F:46:FD:95:34:74:60:7B:86:3A:E5
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/_1lqE5scJ0MBH0b9lTR0YHuGOuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280::/29
2a11:3780::/29
2a12:ef40::/29
2a13:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:4e:cb:e1:8d:36:dd:83:11:24:c8:67:43:b1:e0:7d:39:c3:
4c:10:8a:af:32:f2:ad:5f:e0:9a:f2:10:a7:b5:86:76:fa:37:
7c:50:53:44:b7:d9:e8:a6:fb:1f:1d:92:5e:75:df:84:4d:87:
8f:46:bd:78:96:4b:94:45:86:a2:15:34:37:bd:53:c7:17:e7:
dd:91:0f:b1:16:f9:c1:41:d8:8c:9a:73:87:12:e1:5b:7d:42:
f5:a8:4e:f4:45:da:8b:a9:4d:74:15:93:d2:da:12:13:60:cd:
97:9c:be:80:de:13:c2:bb:9d:cc:9e:cd:17:75:02:53:80:54:
87:d7:10:53:5c:a8:01:5f:f9:5f:15:08:04:9f:fb:1a:4a:87:
0d:b9:e8:df:08:1a:fb:20:aa:68:35:4b:4d:cb:c6:3e:35:d9:
98:17:c0:30:ba:31:01:b2:e7:21:a7:11:d4:2a:41:d2:7f:49:
bf:a5:66:7f:d3:05:78:b4:b9:83:b5:30:7f:c7:4f:cd:ff:5b:
c4:fa:4f:b2:05:33:a3:e8:06:d0:92:90:29:72:92:b3:4f:9d:
08:67:97:d1:0c:f1:ef:a2:a1:7d:ee:43:30:44:b5:25:0b:8e:
3e:c1:d0:b3:30:bb:a2:7a:11:9c:51:26:10:7a:09:d6:87:aa:
de:44:33:d6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQlIeYQqCZ26qeywwJaUYvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjU5NmExMzliMWMyNzQzMDExZjQ2ZmQ5NTM0NzQ2MDdiODYzYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr848rQUn17QPOO27yMtgmqFE4e1q
CPtFxUmBWgJft1zpPdbDMLEsA97NTR16b9RKyUZu6CXX78QefIpYY8TdxlntOY4n
jzlsG9nuzW7JIgyq78o3cKFYYNS9jlUODz/0oB4bMcG+tUlxEVTPo9DHTji9RhQd
4qFk4BRj80pwD1h/k5X74NBhhCXNtbitZqdBVi6hNtwqfGF+VYJtQesXLeIilmuc
qwo3VSP+Z/fB31s47YYZ3HsymJjMBaCU93Y9+4HpDo5V0sAc8sdpHqJGpvbnYM7D
viS3OoxlA8FSICjMCT5JhsK0VMvMb02w2WlPJskqf2t7e0Q6fKqWoqVexQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP9ZahObHCdDAR9G/ZU0dGB7hjrlMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvXzFscUU1c2NKME1CSDBiOWxUUjBZSHVHT3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgoCgAMF
AyoRN4ADBQMqEu9AAwUDKhNjwDANBgkqhkiG9w0BAQsFAAOCAQEAC07L4Y023YMR
JMhnQ7HgfTnDTBCKrzLyrV/gmvIQp7WGdvo3fFBTRLfZ6Kb7Hx2SXnXfhE2Hj0a9
eJZLlEWGohU0N71Txxfn3ZEPsRb5wUHYjJpzhxLhW31C9ahO9EXai6lNdBWT0toS
E2DNl5y+gN4TwrudzJ7NF3UCU4BUh9cQU1yoAV/5XxUIBJ/7GkqHDbno3wga+yCq
aDVLTcvGPjXZmBfAMLoxAbLnIacR1CpB0n9Jv6Vmf9MFeLS5g7Uwf8dPzf9bxPpP
sgUzo+gG0JKQKXKSs0+dCGeX0Qzx76Khfe5DMES1JQuOPsHQszC7onoRnFEmEHoJ
1oeq3kQz1g==
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:01:11 2025 by rpki-client