Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0POl11MqwNs1bjYJkDt_5M8yTSA.roa
File: 0POl11MqwNs1bjYJkDt_5M8yTSA.roa (raw, json)
Hash identifier: DjVMqzkcwAbmD0m0IHkK+rPDh/Ms6g2EQ17udQoOyMI=
Subject key identifier: D0:F3:A5:D7:53:2A:C0:DB:35:6E:36:09:90:3B:7F:E4:CF:32:4D:20
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422204AC6D803DD9AF7829CE59E0CF7FE
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0POl11MqwNs1bjYJkDt_5M8yTSA.roa
Signing time: Wed 01 Jan 2025 13:48:49 +0000
ROA not before: Wed 01 Jan 2025 13:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213244
IP address blocks: 2a0e:8f02:f031::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:4a:c6:d8:03:dd:9a:f7:82:9c:e5:9e:0c:f7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0f3a5d7532ac0db356e3609903b7fe4cf324d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f9:e6:0e:77:4d:7d:66:8c:85:c3:58:60:e7:
e5:fb:14:59:38:1a:be:42:a6:79:bc:bc:39:02:05:
46:91:d7:e7:68:5b:4f:9c:79:65:4e:b3:57:74:2b:
d5:b5:10:f5:be:19:6a:e6:97:64:f6:0d:44:d4:7b:
8a:79:2d:f2:23:eb:23:11:e9:55:c2:31:ff:ca:32:
5c:7a:65:8d:5a:8e:96:af:0b:18:11:4c:af:d2:35:
e7:e5:cb:e6:eb:22:68:d7:c0:92:b4:26:81:d7:f5:
56:40:9a:e4:8c:4a:72:a7:db:ca:c3:9f:b8:92:c8:
7d:ce:c3:42:14:34:7a:96:69:36:8c:29:3c:6a:c2:
52:87:38:f3:9d:f0:32:13:70:c1:47:85:aa:c1:90:
4f:2e:6a:f4:40:ce:90:41:c1:3c:3b:20:b5:a2:5c:
ac:7b:1d:2f:f4:02:6c:b3:26:c8:32:c6:53:5c:96:
1e:54:a2:ed:b3:ac:fe:7d:a4:04:b5:58:fb:fe:f6:
65:ed:f2:7b:cc:ac:1a:3e:ac:0e:71:ea:cc:97:0c:
35:6e:10:92:39:4a:a3:4c:1e:09:0f:ce:a8:62:bc:
1a:f3:26:40:ae:f1:89:5e:8d:5c:ef:2c:d3:04:7f:
23:4a:c6:0a:e0:36:b7:f8:3c:fb:4b:ff:d6:b2:0e:
8e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F3:A5:D7:53:2A:C0:DB:35:6E:36:09:90:3B:7F:E4:CF:32:4D:20
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0POl11MqwNs1bjYJkDt_5M8yTSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f031::/48
Signature Algorithm: sha256WithRSAEncryption
0d:9f:97:ba:97:23:6e:54:73:e7:21:0e:d7:ac:9d:0d:12:04:
7b:d9:6c:2c:e3:77:cc:d2:cd:fd:74:f6:ee:5d:d0:33:ee:e7:
a7:63:64:f1:ff:bc:d1:4d:ab:1e:9b:29:eb:9d:fa:3f:da:c3:
0e:b2:40:07:1a:d0:c8:f9:78:d9:8a:5c:cd:92:cc:1f:87:0a:
f1:56:76:41:ba:d0:aa:04:92:af:f6:ac:f1:2d:18:ae:d4:a0:
33:51:77:ee:dc:a0:ea:49:d1:1e:8b:bb:04:71:f6:d7:f7:3b:
73:c4:09:22:a2:ee:c5:ac:de:4a:d9:ec:7b:b5:2b:94:2d:0c:
4f:fd:7b:74:ff:2b:bb:45:a8:19:6e:cd:59:8b:43:b5:57:ff:
55:d5:1e:7f:01:7a:35:e5:c0:01:fb:df:ea:77:0d:9a:c2:87:
74:51:c6:ab:5d:7a:77:43:05:2e:23:33:fa:ee:ce:fa:4b:be:
63:34:db:9d:65:e2:c9:8f:ee:5a:ce:d6:1e:13:07:d8:39:6e:
71:c1:85:3d:dc:64:0d:23:f2:67:57:b1:32:cf:22:61:37:29:
52:8b:5e:9d:59:e1:85:46:0b:ce:b7:45:dc:0a:32:a4:55:22:
7f:9d:27:72:73:98:c6:69:03:df:48:83:4a:69:f7:91:17:10:
9f:5a:9f:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIErG2APdmveCnOWeDPf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYzYTVkNzUzMmFjMGRiMzU2ZTM2MDk5MDNiN2ZlNGNmMzI0ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/nmDndNfWaMhcNYYOfl+xRZOBq+
QqZ5vLw5AgVGkdfnaFtPnHllTrNXdCvVtRD1vhlq5pdk9g1E1HuKeS3yI+sjEelV
wjH/yjJcemWNWo6WrwsYEUyv0jXn5cvm6yJo18CStCaB1/VWQJrkjEpyp9vKw5+4
ksh9zsNCFDR6lmk2jCk8asJShzjznfAyE3DBR4WqwZBPLmr0QM6QQcE8OyC1olys
ex0v9AJssybIMsZTXJYeVKLts6z+faQEtVj7/vZl7fJ7zKwaPqwOcerMlww1bhCS
OUqjTB4JD86oYrwa8yZArvGJXo1c7yzTBH8jSsYK4Da3+Dz7S//Wsg6OJwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNDzpddTKsDbNW42CZA7f+TPMk0gMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMFBPbDExTXF3TnMxYmpZSmtEdF81TTh5VFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAx
MA0GCSqGSIb3DQEBCwUAA4IBAQANn5e6lyNuVHPnIQ7XrJ0NEgR72Wws43fM0s39
dPbuXdAz7uenY2Tx/7zRTasemynrnfo/2sMOskAHGtDI+XjZilzNkswfhwrxVnZB
utCqBJKv9qzxLRiu1KAzUXfu3KDqSdEei7sEcfbX9ztzxAkiou7FrN5K2ex7tSuU
LQxP/Xt0/yu7RagZbs1Zi0O1V/9V1R5/AXo15cAB+9/qdw2awod0UcarXXp3QwUu
IzP67s76S75jNNudZeLJj+5aztYeEwfYOW5xwYU93GQNI/JnV7EyzyJhNylSi16d
WeGFRgvOt0XcCjKkVSJ/nSdyc5jGaQPfSINKafeRFxCfWp/W
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:45:06 2025 by rpki-client