Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/4EjGUKcT2yFs6G9pHdYogWB1RUs.roa
File: 4EjGUKcT2yFs6G9pHdYogWB1RUs.roa (raw, json)
Hash identifier: waH4/VQ5w2natpsZlO1/cBueUlc6j3yTaQMXzFaaLGU=
Subject key identifier: E0:48:C6:50:A7:13:DB:21:6C:E8:6F:69:1D:D6:28:81:60:75:45:4B
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222048C3C95B0DFE477BD98AA17C95D7
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/4EjGUKcT2yFs6G9pHdYogWB1RUs.roa
Signing time: Wed 01 Jan 2025 13:48:48 +0000
ROA not before: Wed 01 Jan 2025 13:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213018
IP address blocks: 2a0e:8f00:dfc0::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 13:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:48:c3:c9:5b:0d:fe:47:7b:d9:8a:a1:7c:95:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e048c650a713db216ce86f691dd628816075454b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e8:13:08:97:23:cb:af:0e:29:8e:c6:37:ce:
0b:93:da:ca:45:e6:23:44:ae:a7:f5:5d:d2:36:10:
be:52:fd:fb:b8:63:35:3c:39:27:f1:5b:93:55:79:
e5:9e:a1:6b:a8:ca:b5:e8:24:b2:18:39:71:15:d6:
fe:7e:c6:2a:e1:f0:59:f2:79:91:3d:eb:df:76:cb:
e9:97:d0:e8:fb:b1:ea:ca:f4:63:3d:05:ed:ee:4c:
c7:a4:21:d5:d2:06:55:8a:48:24:53:c0:96:e5:b1:
c8:10:d2:1c:0f:67:6d:c8:73:8f:28:e0:ad:17:6c:
09:06:7c:71:37:ce:58:d8:11:a3:24:2f:1b:4b:8f:
bb:49:3e:cf:49:61:58:93:b9:2c:5c:02:7c:6d:2e:
45:1d:8d:75:6d:48:61:45:68:62:46:16:0e:77:14:
c7:84:26:49:42:58:53:cb:51:88:34:b2:09:b2:f6:
3c:1d:16:73:02:55:03:8f:ed:3d:56:20:6f:46:5d:
88:3d:e8:a7:1b:aa:10:45:29:e6:93:f5:3c:cd:0d:
cc:30:62:fb:43:5c:24:c0:d5:a0:f0:24:d5:0a:81:
a8:a5:24:31:c6:42:40:63:f4:65:1b:f4:56:65:d9:
08:2d:49:5a:8d:72:77:ac:d9:6d:f3:5a:1c:7e:86:
20:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:48:C6:50:A7:13:DB:21:6C:E8:6F:69:1D:D6:28:81:60:75:45:4B
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/4EjGUKcT2yFs6G9pHdYogWB1RUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f00:dfc0::/42
Signature Algorithm: sha256WithRSAEncryption
6f:ae:69:5d:07:cd:19:d3:dc:d0:5e:c2:f8:62:df:7c:77:31:
b5:91:97:57:e6:04:46:44:e6:3f:09:41:bd:be:47:3c:13:41:
53:e8:a1:a7:a5:e8:b8:5d:13:0e:c7:40:08:a3:51:03:ce:9a:
38:6b:f9:15:57:8c:b1:f1:ff:77:b2:32:79:05:a2:af:2d:e2:
14:86:24:23:ef:dd:3e:52:e1:ec:7e:0f:af:f7:ad:75:f4:89:
e4:77:36:3d:fb:29:db:18:f4:1b:52:57:66:f1:b4:9e:42:42:
71:29:bd:6c:10:49:a3:50:5a:3e:bc:63:b2:52:ee:3d:d5:71:
3e:a7:c3:81:07:37:91:e3:5d:43:38:11:e8:e1:5d:bc:24:71:
53:36:c2:09:da:83:f3:91:c7:00:71:61:49:2a:6f:78:b2:11:
70:c3:58:b5:54:2e:48:62:51:ed:47:dd:01:87:03:1c:c5:2a:
52:d7:b5:8b:c6:36:be:e0:47:01:16:10:53:67:f9:b8:b3:aa:
9c:38:f0:de:b4:37:ed:db:0d:ea:0a:0c:b6:3d:7d:89:f0:9e:
0b:a0:76:59:56:9d:d3:ab:3b:1a:50:93:79:60:b2:41:7f:7a:
f1:86:77:25:db:85:02:08:d9:21:3b:fb:43:8d:2b:b7:9d:83:
b9:7d:03:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIEjDyVsN/kd72YqhfJXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQ4YzY1MGE3MTNkYjIxNmNlODZmNjkxZGQ2Mjg4MTYwNzU0NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOgTCJcjy68OKY7GN84Lk9rKReYj
RK6n9V3SNhC+Uv37uGM1PDkn8VuTVXnlnqFrqMq16CSyGDlxFdb+fsYq4fBZ8nmR
Pevfdsvpl9Do+7HqyvRjPQXt7kzHpCHV0gZVikgkU8CW5bHIENIcD2dtyHOPKOCt
F2wJBnxxN85Y2BGjJC8bS4+7ST7PSWFYk7ksXAJ8bS5FHY11bUhhRWhiRhYOdxTH
hCZJQlhTy1GINLIJsvY8HRZzAlUDj+09ViBvRl2IPeinG6oQRSnmk/U8zQ3MMGL7
Q1wkwNWg8CTVCoGopSQxxkJAY/RlG/RWZdkILUlajXJ3rNlt81ocfoYgsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOBIxlCnE9shbOhvaR3WKIFgdUVLMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvNEVqR1VLY1QyeUZzNkc5cEhkWW9nV0IxUlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKg6PAN/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBvrmldB80Z09zQXsL4Yt98dzG1kZdX5gRGROY/
CUG9vkc8E0FT6KGnpei4XRMOx0AIo1EDzpo4a/kVV4yx8f93sjJ5BaKvLeIUhiQj
790+UuHsfg+v96119InkdzY9+ynbGPQbUldm8bSeQkJxKb1sEEmjUFo+vGOyUu49
1XE+p8OBBzeR411DOBHo4V28JHFTNsIJ2oPzkccAcWFJKm94shFww1i1VC5IYlHt
R90BhwMcxSpS17WLxja+4EcBFhBTZ/m4s6qcOPDetDft2w3qCgy2PX2J8J4LoHZZ
Vp3TqzsaUJN5YLJBf3rxhncl24UCCNkhO/tDjSu3nYO5fQMb
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:01:15 2025 by rpki-client