Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/7S7ARH6OeOMmEIzUWrymG1HMgUg.roa
File: 7S7ARH6OeOMmEIzUWrymG1HMgUg.roa (raw, json)
Hash identifier: 4by5oqUTQ7giLqJYKeU0H0kpc5OHsvVhuQQi+oZ4Ey4=
Subject key identifier: ED:2E:C0:44:7E:8E:78:E3:26:10:8C:D4:5A:BC:A6:1B:51:CC:81:48
Certificate issuer: /CN=c089423af1be03027196d1f81df22992978cda6e
Certificate serial: 0194274870085BBEA4A26F5F633A96C1A9CF
Authority key identifier: C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/7S7ARH6OeOMmEIzUWrymG1HMgUg.roa
Signing time: Thu 02 Jan 2025 13:50:46 +0000
ROA not before: Thu 02 Jan 2025 13:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 328543
IP address blocks: 2a0c:640::/29 maxlen: 29
2a0c:9380::/29 maxlen: 29
2a0c:f480::/29 maxlen: 29
2a0d:2480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:70:08:5b:be:a4:a2:6f:5f:63:3a:96:c1:a9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c089423af1be03027196d1f81df22992978cda6e
Validity
Not Before: Jan 2 13:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed2ec0447e8e78e326108cd45abca61b51cc8148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:71:5d:cd:78:7e:a6:b9:c9:ab:44:41:fe:f7:
f7:2b:8e:ad:d5:95:3b:9e:ba:7d:e2:c1:ab:62:da:
85:cf:5c:68:a1:7e:2f:a8:15:fe:51:ba:1e:a5:4e:
4c:91:27:7c:07:07:9c:5c:7a:19:cd:29:45:16:28:
93:39:1c:88:a2:07:39:f6:78:5d:8a:e4:6d:e8:ae:
f0:bd:4d:e9:5b:52:45:d3:3c:29:1b:ab:2e:42:00:
56:83:19:3b:8f:36:f4:ec:1b:3e:8b:d4:e3:e5:fd:
ec:2e:d0:73:5c:3b:df:3a:ab:8f:8a:94:dd:a4:04:
72:9b:39:16:09:69:d7:4d:00:d3:45:a6:56:5c:17:
25:8f:60:35:a3:cb:2c:4d:c0:b9:a9:7d:e8:f8:78:
56:27:13:a9:5b:88:91:7c:83:8f:21:7f:6b:89:4d:
d7:89:fa:3a:07:5d:04:f2:08:d7:e0:44:b8:70:82:
f8:e4:a1:40:10:50:e5:6d:5d:a0:88:ff:98:95:2d:
d7:b4:e2:ac:3d:fb:20:ff:29:d9:eb:55:b7:2f:a2:
8d:c6:70:a7:68:4d:68:fc:d0:30:17:19:c4:94:f7:
e3:34:96:72:a3:b2:73:a8:c9:8e:4d:32:37:30:ec:
5e:ff:8d:76:31:75:28:02:63:f7:0a:7c:81:fd:bc:
83:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:2E:C0:44:7E:8E:78:E3:26:10:8C:D4:5A:BC:A6:1B:51:CC:81:48
X509v3 Authority Key Identifier:
keyid:C0:89:42:3A:F1:BE:03:02:71:96:D1:F8:1D:F2:29:92:97:8C:DA:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIlCOvG-AwJxltH4HfIpkpeM2m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/7S7ARH6OeOMmEIzUWrymG1HMgUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc2912-c7b0-4df4-9aa8-65332b47f5eb/1/wIlCOvG-AwJxltH4HfIpkpeM2m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:640::/29
2a0c:9380::/29
2a0c:f480::/29
2a0d:2480::/29
Signature Algorithm: sha256WithRSAEncryption
18:91:af:b6:1f:45:88:b9:9e:8d:f6:d1:3e:82:91:40:87:83:
e1:14:67:da:14:00:fc:8a:79:26:19:5e:b0:8f:22:05:e7:74:
5d:a9:03:d8:30:56:55:41:4f:3c:61:fa:e4:0d:da:e1:16:0d:
70:c3:f0:da:6d:0c:f6:33:e1:27:ed:1c:21:cb:85:fa:19:39:
7d:cf:ff:71:63:d5:b3:ae:82:52:32:f0:bc:44:30:5d:ab:bd:
4b:6b:bb:71:38:7c:e8:3a:57:0d:0d:5d:2f:42:68:58:b6:ca:
c3:38:88:d8:83:6c:c6:75:22:1c:39:2b:0d:18:a8:d2:48:7b:
21:53:39:69:12:d6:0e:7d:2f:a8:55:45:c8:32:e3:4f:e8:41:
1b:e9:73:16:ad:f2:aa:0c:c8:59:36:75:7c:ce:f6:28:1f:1b:
d3:70:c6:e6:14:bc:5b:60:38:4b:99:fc:c0:83:05:f6:f3:c8:
67:75:9e:06:b6:1a:d9:a2:cc:26:4b:bf:7a:7a:85:5c:b5:19:
b5:ee:bf:57:9d:e5:b4:64:8b:e4:f9:37:d8:b1:ef:03:15:98:
74:a9:45:87:e4:76:39:aa:33:7e:79:96:5a:cb:f7:56:c8:7c:
00:07:58:8a:4b:13:d6:3e:8c:e9:05:63:e4:a9:64:a7:e5:df:
ac:63:ec:b6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQnSHAIW76kom9fYzqWwanPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODk0MjNhZjFiZTAzMDI3MTk2ZDFmODFkZjIyOTkyOTc4
Y2RhNmUwHhcNMjUwMTAyMTM1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDJlYzA0NDdlOGU3OGUzMjYxMDhjZDQ1YWJjYTYxYjUxY2M4MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHFdzXh+prnJq0RB/vf3K46t1ZU7
nrp94sGrYtqFz1xooX4vqBX+UboepU5MkSd8BwecXHoZzSlFFiiTORyIogc59nhd
iuRt6K7wvU3pW1JF0zwpG6suQgBWgxk7jzb07Bs+i9Tj5f3sLtBzXDvfOquPipTd
pARymzkWCWnXTQDTRaZWXBclj2A1o8ssTcC5qX3o+HhWJxOpW4iRfIOPIX9riU3X
ifo6B10E8gjX4ES4cIL45KFAEFDlbV2giP+YlS3XtOKsPfsg/ynZ61W3L6KNxnCn
aE1o/NAwFxnElPfjNJZyo7JzqMmOTTI3MOxe/412MXUoAmP3CnyB/byDDQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFO0uwER+jnjjJhCM1Fq8phtRzIFIMB8GA1UdIwQY
MBaAFMCJQjrxvgMCcZbR+B3yKZKXjNpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgt
NjUzMzJiNDdmNWViLzEvN1M3QVJINk9lT01tRUl6VVdyeW1HMUhNZ1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzI5MTItYzdiMC00ZGY0LTlhYTgtNjUzMzJiNDdmNWVi
LzEvd0lsQ092Ry1Bd0p4bHRINEhmSXBrcGVNMm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgwGQAMF
AyoMk4ADBQMqDPSAAwUDKg0kgDANBgkqhkiG9w0BAQsFAAOCAQEAGJGvth9FiLme
jfbRPoKRQIeD4RRn2hQA/Ip5JhlesI8iBed0XakD2DBWVUFPPGH65A3a4RYNcMPw
2m0M9jPhJ+0cIcuF+hk5fc//cWPVs66CUjLwvEQwXau9S2u7cTh86DpXDQ1dL0Jo
WLbKwziI2INsxnUiHDkrDRio0kh7IVM5aRLWDn0vqFVFyDLjT+hBG+lzFq3yqgzI
WTZ1fM72KB8b03DG5hS8W2A4S5n8wIMF9vPIZ3WeBrYa2aLMJku/enqFXLUZte6/
V53ltGSL5Pk32LHvAxWYdKlFh+R2OaozfnmWWsv3Vsh8AAdYiksT1j6M6QVj5Klk
p+XfrGPstg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:06 2025 by rpki-client