Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/NLlH7wyRLHhpVMf9Y4kq3C6oqfA.roa
File: NLlH7wyRLHhpVMf9Y4kq3C6oqfA.roa (raw, json)
Hash identifier: i2LyLVhCeB7IornwTg1jN9QGO0Pp0VfCBKeDwPI6tUs=
Subject key identifier: 34:B9:47:EF:0C:91:2C:78:69:54:C7:FD:63:89:2A:DC:2E:A8:A9:F0
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222039D412F85A08F7E2E997123CF3F2
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/NLlH7wyRLHhpVMf9Y4kq3C6oqfA.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211480
IP address blocks: 2a0e:8f02:f026::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 22:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:39:d4:12:f8:5a:08:f7:e2:e9:97:12:3c:f3:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34b947ef0c912c786954c7fd63892adc2ea8a9f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:53:59:2c:f0:14:49:99:b4:2f:af:53:a7:ec:
4d:1d:ae:a3:c7:04:60:ba:00:b8:b9:34:0a:8a:ab:
8f:a4:be:77:b6:3b:50:ea:13:ee:4a:65:18:54:5e:
34:9b:28:c9:ca:78:3c:22:ec:df:bb:6e:08:3a:2f:
be:05:12:37:da:c2:91:9a:9e:5a:c4:b4:56:97:73:
f2:6a:1f:e0:4a:d9:89:8f:c3:49:18:50:c1:b3:5a:
ff:9f:18:3f:b3:ad:93:47:1b:84:94:c9:04:d4:42:
08:43:22:77:d7:2a:b3:c7:77:c2:46:8d:c5:82:d6:
b2:98:26:4d:b5:e9:26:22:c7:1a:da:48:33:51:1b:
ac:66:f1:8d:0e:79:70:d6:51:12:8a:c9:d6:66:11:
4b:ac:95:83:9c:92:29:ae:9c:79:5d:5a:71:5d:89:
77:36:b6:92:be:30:16:8d:c8:9f:95:45:fe:35:5a:
40:f0:1d:1e:a3:59:77:0a:c0:41:66:c6:34:0b:ae:
9a:13:33:52:f6:4a:e7:3e:6f:cf:5c:b2:63:82:13:
70:93:ce:6c:b8:77:72:89:5b:76:95:ac:ec:90:49:
d4:fc:37:d9:b8:45:b7:3e:71:cb:4a:8d:51:02:d9:
98:a7:a6:32:f8:1f:cc:2a:cb:1a:f2:16:d4:9c:fb:
87:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B9:47:EF:0C:91:2C:78:69:54:C7:FD:63:89:2A:DC:2E:A8:A9:F0
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/NLlH7wyRLHhpVMf9Y4kq3C6oqfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f026::/48
Signature Algorithm: sha256WithRSAEncryption
4f:9a:60:74:66:c9:9c:b8:b3:94:3a:92:ae:cd:79:00:84:c5:
23:2e:17:b0:c0:a0:4f:41:f9:a5:6c:5e:86:a0:32:ff:64:f9:
b5:c6:1d:d5:6d:2c:cd:72:b2:c4:4a:d3:48:c6:d3:08:09:32:
f1:ab:f5:a2:54:d6:6c:e0:ff:b0:03:17:44:9d:f9:4c:bc:e7:
51:c0:83:25:b6:ba:80:7a:4c:e9:31:7b:9f:89:a5:22:b3:4a:
db:69:6f:94:c0:ff:de:47:23:fe:3f:f0:66:93:13:d6:2f:e0:
40:ac:ac:f7:f6:63:56:f5:78:5d:87:d4:00:e7:dc:39:c1:02:
73:3f:77:80:55:c5:09:06:a8:cb:ab:79:43:c1:a7:b3:f9:cf:
56:b5:4e:12:a1:f7:7d:b6:ef:10:ab:ae:06:aa:32:46:ce:c5:
8e:1c:e0:3a:5a:1c:8f:26:77:e6:39:dd:b7:e7:f4:1a:14:e2:
63:32:50:63:a7:88:b4:1c:07:c3:ab:05:3a:1a:6f:cc:b1:18:
68:05:94:35:26:0b:61:80:8e:1e:21:f7:77:98:15:d4:3e:c1:
28:e3:a5:df:d3:a9:32:82:36:cd:6a:fb:0e:95:29:2e:d4:ef:
78:a3:cb:36:65:33:60:1d:f0:47:dd:7c:53:d5:61:eb:4d:90:
97:6d:47:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDnUEvhaCPfi6ZcSPPPyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI5NDdlZjBjOTEyYzc4Njk1NGM3ZmQ2Mzg5MmFkYzJlYThhOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVNZLPAUSZm0L69Tp+xNHa6jxwRg
ugC4uTQKiquPpL53tjtQ6hPuSmUYVF40myjJyng8Iuzfu24IOi++BRI32sKRmp5a
xLRWl3Pyah/gStmJj8NJGFDBs1r/nxg/s62TRxuElMkE1EIIQyJ31yqzx3fCRo3F
gtaymCZNtekmIsca2kgzURusZvGNDnlw1lESisnWZhFLrJWDnJIprpx5XVpxXYl3
NraSvjAWjciflUX+NVpA8B0eo1l3CsBBZsY0C66aEzNS9krnPm/PXLJjghNwk85s
uHdyiVt2lazskEnU/DfZuEW3PnHLSo1RAtmYp6Yy+B/MKssa8hbUnPuHpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDS5R+8MkSx4aVTH/WOJKtwuqKnwMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvTkxsSDd3eVJMSGhwVk1mOVk0a3EzQzZvcWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAm
MA0GCSqGSIb3DQEBCwUAA4IBAQBPmmB0ZsmcuLOUOpKuzXkAhMUjLhewwKBPQfml
bF6GoDL/ZPm1xh3VbSzNcrLEStNIxtMICTLxq/WiVNZs4P+wAxdEnflMvOdRwIMl
trqAekzpMXufiaUis0rbaW+UwP/eRyP+P/BmkxPWL+BArKz39mNW9Xhdh9QA59w5
wQJzP3eAVcUJBqjLq3lDwaez+c9WtU4Sofd9tu8Qq64GqjJGzsWOHOA6WhyPJnfm
Od235/QaFOJjMlBjp4i0HAfDqwU6Gm/MsRhoBZQ1JgthgI4eIfd3mBXUPsEo46Xf
06kygjbNavsOlSku1O94o8s2ZTNgHfBH3XxT1WHrTZCXbUfL
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:01:37 2025 by rpki-client