Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XmdOCyIKakEG1Lzz3gSAkjCTwaY.roa
File: XmdOCyIKakEG1Lzz3gSAkjCTwaY.roa (raw, json)
Hash identifier: ntiCHnsGxOwtXf4Aorjq2HTLHGIyfFA5piBJjZ6TynQ=
Subject key identifier: 5E:67:4E:0B:22:0A:6A:41:06:D4:BC:F3:DE:04:80:92:30:93:C1:A6
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA7B04BA6BA79A6FCA443878AC1DE2
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XmdOCyIKakEG1Lzz3gSAkjCTwaY.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49519
IP address blocks: 2a0c:b642:5000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7b:04:ba:6b:a7:9a:6f:ca:44:38:78:ac:1d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e674e0b220a6a4106d4bcf3de0480923093c1a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:df:0a:2b:51:43:ff:e7:29:a8:d9:af:f3:6f:
35:48:56:6e:1b:9b:f6:97:ba:bb:1b:b3:d0:e0:33:
73:5b:10:64:3c:fa:10:8c:5e:55:c0:33:c3:ac:06:
91:58:81:9d:1c:02:52:b0:41:c1:ca:47:35:f3:ef:
ca:bb:c1:5d:be:b5:75:60:2b:b5:da:38:d1:00:c1:
17:cf:81:b6:91:f3:92:51:96:1f:39:07:68:76:be:
67:64:a7:04:29:ba:7d:ab:9d:af:cb:c4:89:e4:d8:
00:a1:3e:6a:56:b6:53:f7:3b:b4:7b:2f:17:30:95:
cd:f9:cd:c8:f0:62:4a:0e:5d:a0:79:6f:03:47:66:
5a:b2:32:84:d1:e2:71:90:1c:7b:92:52:b3:95:ff:
26:3a:f0:70:12:6e:4c:9d:73:ba:f2:6b:64:5f:a6:
11:21:1a:f6:6d:77:dc:2b:89:62:86:08:65:8c:55:
99:68:25:30:95:30:2b:48:f7:43:d0:6c:92:5e:20:
eb:bf:ae:2b:02:ab:cc:91:97:6e:14:55:13:65:29:
06:fc:8b:e9:86:06:8b:b1:32:45:25:22:2c:31:2d:
45:53:c5:e8:2e:db:b4:8b:bc:53:fe:f2:2c:df:34:
55:fb:c4:9d:73:25:34:55:f6:b0:f9:3f:5e:9f:7c:
a8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:67:4E:0B:22:0A:6A:41:06:D4:BC:F3:DE:04:80:92:30:93:C1:A6
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/XmdOCyIKakEG1Lzz3gSAkjCTwaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:5000::/36
Signature Algorithm: sha256WithRSAEncryption
91:33:d9:a2:42:ba:b7:81:a2:90:2e:80:69:21:d5:f2:09:7f:
4b:96:16:8d:66:b2:8b:b2:86:98:a1:e6:b4:50:52:af:88:7c:
4e:a4:ae:79:74:e4:ca:62:8c:8d:cf:f5:0f:d9:02:98:00:43:
0a:b0:48:e4:75:d3:c3:7c:5c:5a:9e:9f:f4:b9:5d:9a:dc:ec:
82:dd:20:bd:e8:7d:b3:75:fc:b4:f7:9a:ab:7a:00:f3:ac:69:
86:3b:3f:4f:c3:5f:a0:f9:72:f4:cb:a6:b2:79:d6:95:4d:f4:
62:67:ba:e7:a5:af:46:ee:ad:b4:8c:ab:c8:b7:b2:6c:ee:1e:
99:04:6f:dc:fd:e2:8c:91:e9:d2:ca:60:8d:ff:a2:74:5d:ea:
2b:71:21:bc:a3:78:bf:48:4b:cb:31:50:1d:2d:02:df:70:f5:
09:8d:7e:b2:48:8f:92:42:8e:cb:49:d8:7a:09:9f:50:1b:90:
7c:24:73:77:f4:85:a8:ae:4b:a1:07:3a:e1:42:50:a1:ef:21:
e4:1b:07:41:87:ea:1b:b7:c5:b3:ff:b6:6d:49:78:6b:64:2d:
5a:ac:02:51:c0:76:ea:c3:da:93:73:28:ac:25:18:30:e9:1f:
8a:72:b8:52:7d:19:92:b7:23:7e:2f:45:88:ef:82:4a:47:eb:
55:52:fd:33
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQf+nsEumunmm/KRDh4rB3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY3NGUwYjIyMGE2YTQxMDZkNGJjZjNkZTA0ODA5MjMwOTNjMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm98KK1FD/+cpqNmv8281SFZuG5v2
l7q7G7PQ4DNzWxBkPPoQjF5VwDPDrAaRWIGdHAJSsEHBykc18+/Ku8FdvrV1YCu1
2jjRAMEXz4G2kfOSUZYfOQdodr5nZKcEKbp9q52vy8SJ5NgAoT5qVrZT9zu0ey8X
MJXN+c3I8GJKDl2geW8DR2ZasjKE0eJxkBx7klKzlf8mOvBwEm5MnXO68mtkX6YR
IRr2bXfcK4lihghljFWZaCUwlTArSPdD0GySXiDrv64rAqvMkZduFFUTZSkG/Ivp
hgaLsTJFJSIsMS1FU8XoLtu0i7xT/vIs3zRV+8SdcyU0Vfaw+T9en3yoBQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF5nTgsiCmpBBtS8894EgJIwk8GmMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvWG1kT0N5SUtha0VHMUx6ejNnU0FrakNUd2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgy2QlAw
DQYJKoZIhvcNAQELBQADggEBAJEz2aJCureBopAugGkh1fIJf0uWFo1msouyhpih
5rRQUq+IfE6krnl05MpijI3P9Q/ZApgAQwqwSOR108N8XFqen/S5XZrc7ILdIL3o
fbN1/LT3mqt6APOsaYY7P0/DX6D5cvTLprJ51pVN9GJnuuelr0burbSMq8i3smzu
HpkEb9z94oyR6dLKYI3/onRd6itxIbyjeL9IS8sxUB0tAt9w9QmNfrJIj5JCjstJ
2HoJn1AbkHwkc3f0haiuS6EHOuFCUKHvIeQbB0GH6hu3xbP/tm1JeGtkLVqsAlHA
durD2pNzKKwlGDDpH4pyuFJ9GZK3I34vRYjvgkpH61VS/TM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:56:51 2025 by rpki-client