Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3K8TaORTXLdOKTiNnwIAxxOzfm8.roa
File: 3K8TaORTXLdOKTiNnwIAxxOzfm8.roa (raw, json)
Hash identifier: GnN6PaaOzFyhWb+KJY5RfRSMeWni3l8gslEoTC/PDH4=
Subject key identifier: DC:AF:13:68:E4:53:5C:B7:4E:29:38:8D:9F:02:00:C7:13:B3:7E:6F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0195C8E2CFDB3B15B7325CE86980F6BCFBEA
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3K8TaORTXLdOKTiNnwIAxxOzfm8.roa
Signing time: Mon 24 Mar 2025 16:01:02 +0000
ROA not before: Mon 24 Mar 2025 16:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211270
IP address blocks: 2a0c:b641:340::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:e2:cf:db:3b:15:b7:32:5c:e8:69:80:f6:bc:fb:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Mar 24 16:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcaf1368e4535cb74e29388d9f0200c713b37e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9e:95:87:65:ce:65:40:3e:7a:c5:64:89:57:
2e:da:41:5b:f8:67:1d:50:68:93:74:6d:cf:79:4c:
25:4c:db:c9:7f:bb:d1:b2:27:af:13:fa:a4:ed:fa:
47:5f:96:14:69:98:88:49:c5:b9:42:27:e2:0d:d5:
77:85:c8:8e:23:cf:64:53:a4:98:6f:58:40:3b:42:
3a:76:d7:de:07:ba:c6:93:5b:5b:fb:18:04:48:ed:
1c:b2:49:58:29:a5:ba:05:1d:df:04:19:15:62:c3:
0c:14:2b:82:1e:e1:ac:c6:04:29:04:4c:e9:a3:96:
e8:06:70:c8:68:a9:41:a0:48:ad:4b:41:8a:22:5a:
de:db:1d:25:df:89:fb:69:ee:5e:ee:88:33:d6:10:
fd:b6:cc:4a:a8:10:54:fd:ac:22:f1:9c:d7:8c:c8:
47:2c:38:ec:0b:30:6a:a2:5a:d0:23:6b:d1:5b:43:
ea:44:d7:38:86:c9:57:f3:2d:d5:e0:28:ff:db:2e:
b9:01:83:a5:4c:5b:54:fd:0d:b2:64:a3:71:7a:e5:
24:56:87:5f:e8:d4:db:38:74:fa:4c:1c:f2:fe:91:
cb:a1:bd:d8:3c:df:41:3e:15:06:47:7b:c0:68:71:
6e:3e:96:1c:73:29:eb:de:58:34:19:b6:1a:df:12:
6a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AF:13:68:E4:53:5C:B7:4E:29:38:8D:9F:02:00:C7:13:B3:7E:6F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3K8TaORTXLdOKTiNnwIAxxOzfm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:340::/44
Signature Algorithm: sha256WithRSAEncryption
19:5b:43:91:71:00:05:2c:d6:89:04:d6:10:69:10:6c:e4:a2:
0f:7f:46:be:7f:46:2a:87:11:dc:bc:cf:d4:b1:50:40:5f:e9:
11:c0:f5:88:96:df:d5:53:2d:1b:f9:c9:ea:5b:c9:31:3e:ae:
df:47:e3:03:4f:7b:3f:e2:32:42:90:ec:b1:a6:1d:8f:af:8c:
f4:c2:a6:18:a6:88:88:9d:03:84:13:42:3d:f3:2f:fa:c0:44:
35:f0:64:1a:12:7b:fd:68:4a:bc:17:1f:28:de:50:fa:c2:d7:
d3:d9:90:22:da:68:49:f6:ca:de:88:1d:d4:73:78:3d:37:62:
38:8c:d3:50:c3:71:5e:c8:8c:cf:10:5c:f7:ae:68:3c:bf:da:
a8:e5:ce:6b:f4:1e:7f:b8:0e:8e:32:6d:e8:3b:03:d7:2e:e5:
c8:f9:c4:c3:93:4a:32:19:b5:07:34:eb:79:f8:2d:45:1b:f4:
5f:ea:72:22:f8:4b:f5:4c:39:70:20:12:47:0c:13:d4:77:46:
88:db:31:49:b1:70:8c:0b:fd:a4:9d:51:1d:0e:14:6e:6c:df:
6c:2d:a0:4e:62:1d:0c:97:c7:78:2c:c3:ab:ff:4f:61:a6:77:
81:4c:05:76:85:cd:40:b5:cc:37:c3:d1:20:5f:6a:5c:d7:25:
b9:24:7e:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZXI4s/bOxW3MlzoaYD2vPvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMzI0MTYwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FmMTM2OGU0NTM1Y2I3NGUyOTM4OGQ5ZjAyMDBjNzEzYjM3ZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ6Vh2XOZUA+esVkiVcu2kFb+Gcd
UGiTdG3PeUwlTNvJf7vRsievE/qk7fpHX5YUaZiIScW5QifiDdV3hciOI89kU6SY
b1hAO0I6dtfeB7rGk1tb+xgESO0csklYKaW6BR3fBBkVYsMMFCuCHuGsxgQpBEzp
o5boBnDIaKlBoEitS0GKIlre2x0l34n7ae5e7ogz1hD9tsxKqBBU/awi8ZzXjMhH
LDjsCzBqolrQI2vRW0PqRNc4hslX8y3V4Cj/2y65AYOlTFtU/Q2yZKNxeuUkVodf
6NTbOHT6TBzy/pHLob3YPN9BPhUGR3vAaHFuPpYccynr3lg0GbYa3xJqYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNyvE2jkU1y3Tik4jZ8CAMcTs35vMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvM0s4VGFPUlRYTGRPS1RpTm53SUF4eE96Zm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQNA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZW0ORcQAFLNaJBNYQaRBs5KIPf0a+f0YqhxHc
vM/UsVBAX+kRwPWIlt/VUy0b+cnqW8kxPq7fR+MDT3s/4jJCkOyxph2Pr4z0wqYY
poiInQOEE0I98y/6wEQ18GQaEnv9aEq8Fx8o3lD6wtfT2ZAi2mhJ9sreiB3Uc3g9
N2I4jNNQw3FeyIzPEFz3rmg8v9qo5c5r9B5/uA6OMm3oOwPXLuXI+cTDk0oyGbUH
NOt5+C1FG/Rf6nIi+Ev1TDlwIBJHDBPUd0aI2zFJsXCMC/2knVEdDhRubN9sLaBO
Yh0Ml8d4LMOr/09hpneBTAV2hc1Atcw3w9EgX2pc1yW5JH7E
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:43:57 2025 by rpki-client