Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/_SshAR6hOmD6p2TQ_8REUwOUYaE.roa
File: _SshAR6hOmD6p2TQ_8REUwOUYaE.roa (raw, json)
Hash identifier: uV85CMgGRfSLozaQmISq3UQwEeymm/unWTXoRPL13Xk=
Subject key identifier: FD:2B:21:01:1E:A1:3A:60:FA:A7:64:D0:FF:C4:44:53:03:94:61:A1
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422205188979CFF2D94DF9C64F7BD2012
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/_SshAR6hOmD6p2TQ_8REUwOUYaE.roa
Signing time: Wed 01 Jan 2025 13:48:50 +0000
ROA not before: Wed 01 Jan 2025 13:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215386
IP address blocks: 2a0e:8f02:f069::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:51:88:97:9c:ff:2d:94:df:9c:64:f7:bd:20:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd2b21011ea13a60faa764d0ffc44453039461a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d7:37:34:b7:2a:d2:76:82:4e:77:b9:75:c0:
06:5c:24:62:7a:af:7b:58:64:fa:e9:b6:15:50:c1:
26:b1:71:a1:13:5c:8f:1f:64:f3:38:b6:94:43:7f:
3a:1f:d3:2b:53:00:ab:b7:37:42:2d:da:97:fb:26:
e6:a8:c4:29:af:5c:31:f7:90:48:7b:0a:31:6c:64:
fa:23:9e:ac:3e:6a:3a:5d:07:85:e2:ea:62:28:b9:
4a:2f:03:90:d6:b9:cf:e9:b0:75:2c:24:0b:af:dc:
01:c4:05:94:28:80:b1:88:82:bb:98:07:91:a0:a0:
3b:2a:76:f4:8e:b9:9d:14:69:92:5c:55:6e:0d:33:
fe:ad:d4:79:53:c0:cc:af:a5:2a:ec:98:38:27:ed:
33:95:e8:4c:aa:a2:c2:3d:6c:f4:35:e5:82:ae:17:
e2:09:2c:5d:c0:d6:d2:8f:65:62:4a:76:bf:75:a6:
98:b0:3e:bf:fe:45:5e:26:b4:39:ed:c2:75:70:91:
2b:f0:08:5f:dc:e1:c2:9c:70:72:46:50:f3:c1:d7:
7f:7b:52:aa:b7:d0:7a:43:f7:db:3f:63:2c:5d:d7:
0b:27:41:b7:40:5d:0b:7e:a8:13:48:09:fb:06:33:
18:4b:ed:ee:ad:f0:2d:43:28:64:a1:2d:57:d5:b4:
f5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2B:21:01:1E:A1:3A:60:FA:A7:64:D0:FF:C4:44:53:03:94:61:A1
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/_SshAR6hOmD6p2TQ_8REUwOUYaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f069::/48
Signature Algorithm: sha256WithRSAEncryption
9a:29:78:5b:c3:3a:18:12:54:ae:99:2a:b8:54:8d:dd:a7:dc:
0c:0d:bd:1c:16:ef:84:cd:16:76:0f:40:32:65:1c:86:07:92:
77:15:4d:61:b0:fe:2e:17:4b:03:36:36:4e:68:75:47:cd:15:
bd:78:ef:87:6b:87:10:a9:2e:9d:61:76:99:c0:a8:0c:6f:11:
99:0c:14:a9:d9:9b:e5:cd:42:42:c3:70:d8:b1:90:aa:13:db:
b4:39:1f:61:f6:1e:4e:ce:2f:91:e9:a6:16:5f:aa:c4:2b:35:
12:3c:96:25:73:2e:b0:3b:87:30:c4:b2:61:8c:ab:24:b3:93:
1c:42:32:b5:c6:3a:c8:cb:87:ca:a0:35:32:0e:2b:44:98:0d:
22:b8:ad:bd:9b:e1:56:17:7b:b8:dd:48:68:c2:3c:41:3e:56:
5f:b1:a1:09:be:18:75:50:36:02:f5:76:be:e2:dc:ec:18:40:
c1:66:c8:1c:9a:d6:1a:00:e8:98:0f:ad:a7:a4:a6:b2:05:cb:
7e:eb:b2:3b:9b:75:68:8d:59:8b:99:e6:e0:6b:99:22:26:60:
ca:65:b8:d7:ff:d7:f2:f3:a0:57:52:8c:64:fa:64:0c:01:fc:
44:36:c7:3e:12:43:a2:cd:5c:38:b6:a7:1c:61:8c:40:9d:f0:
89:8f:48:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIFGIl5z/LZTfnGT3vSASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJiMjEwMTFlYTEzYTYwZmFhNzY0ZDBmZmM0NDQ1MzAzOTQ2MWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNc3NLcq0naCTne5dcAGXCRieq97
WGT66bYVUMEmsXGhE1yPH2TzOLaUQ386H9MrUwCrtzdCLdqX+ybmqMQpr1wx95BI
ewoxbGT6I56sPmo6XQeF4upiKLlKLwOQ1rnP6bB1LCQLr9wBxAWUKICxiIK7mAeR
oKA7Knb0jrmdFGmSXFVuDTP+rdR5U8DMr6Uq7Jg4J+0zlehMqqLCPWz0NeWCrhfi
CSxdwNbSj2ViSna/daaYsD6//kVeJrQ57cJ1cJEr8Ahf3OHCnHByRlDzwdd/e1Kq
t9B6Q/fbP2MsXdcLJ0G3QF0LfqgTSAn7BjMYS+3urfAtQyhkoS1X1bT15wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFP0rIQEeoTpg+qdk0P/ERFMDlGGhMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvX1NzaEFSNmhPbUQ2cDJUUV84UkVVd09VWWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBp
MA0GCSqGSIb3DQEBCwUAA4IBAQCaKXhbwzoYElSumSq4VI3dp9wMDb0cFu+EzRZ2
D0AyZRyGB5J3FU1hsP4uF0sDNjZOaHVHzRW9eO+Ha4cQqS6dYXaZwKgMbxGZDBSp
2ZvlzUJCw3DYsZCqE9u0OR9h9h5Ozi+R6aYWX6rEKzUSPJYlcy6wO4cwxLJhjKsk
s5McQjK1xjrIy4fKoDUyDitEmA0iuK29m+FWF3u43UhowjxBPlZfsaEJvhh1UDYC
9Xa+4tzsGEDBZsgcmtYaAOiYD62npKayBct+67I7m3VojVmLmebga5kiJmDKZbjX
/9fy86BXUoxk+mQMAfxENsc+EkOizVw4tqccYYxAnfCJj0hz
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:21:57 2025 by rpki-client