Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/u7NJorLQLlQ64Dtf2Q4vsNlQL8s.roa
File: u7NJorLQLlQ64Dtf2Q4vsNlQL8s.roa (raw, json)
Hash identifier: uuOGSGz0z9NmBb5QhJcSvcz7Eb6+Zl1KT8WB0Q9Vzxo=
Subject key identifier: BB:B3:49:A2:B2:D0:2E:54:3A:E0:3B:5F:D9:0E:2F:B0:D9:50:2F:CB
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA79A71A38083EC8FCF7391BE7F8AE
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/u7NJorLQLlQ64Dtf2Q4vsNlQL8s.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47757
IP address blocks: 2a0c:b641:aa0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:79:a7:1a:38:08:3e:c8:fc:f7:39:1b:e7:f8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbb349a2b2d02e543ae03b5fd90e2fb0d9502fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:80:a9:29:55:fe:3c:28:0f:84:03:16:21:
00:bb:c1:3e:5a:c3:f1:d9:2a:6d:56:b9:89:85:e1:
c9:12:27:f5:a2:49:55:9f:04:01:b7:2a:85:b4:3f:
eb:17:67:85:bc:96:2d:41:9c:8e:84:14:3b:e2:1b:
f8:8c:f1:b1:a7:44:31:5c:b8:41:6d:23:63:94:e4:
eb:7e:8a:fe:24:cb:8e:6c:98:02:ae:a1:ac:f4:d3:
19:dc:69:0c:32:c5:b6:9a:d5:a7:22:15:ac:48:b1:
d5:1e:fb:8a:ac:a7:86:0b:3a:7d:67:8b:5a:67:87:
c9:4f:63:b5:a1:73:bc:80:ac:4d:22:64:7d:3e:9b:
99:7b:84:fa:58:9b:f8:f7:d5:66:27:a9:58:b5:af:
9f:75:da:11:23:e7:70:e0:b0:78:9c:e6:9a:ed:5f:
91:fb:a5:65:e4:60:9f:e0:42:2a:d9:d4:69:25:8e:
8b:7d:4f:e2:1a:bb:81:8e:10:f8:a3:18:d6:e3:c2:
22:3d:7a:df:f7:e0:ba:8c:d1:2d:92:4f:1a:a7:98:
12:e0:37:ea:86:2c:9e:da:f3:71:29:83:cd:b7:e3:
3c:cf:74:3d:0e:37:f7:52:4d:ea:f0:e7:c4:5a:c6:
66:a8:b9:b9:85:ba:33:6f:6b:31:3a:d1:10:b2:84:
75:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B3:49:A2:B2:D0:2E:54:3A:E0:3B:5F:D9:0E:2F:B0:D9:50:2F:CB
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/u7NJorLQLlQ64Dtf2Q4vsNlQL8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:aa0::/44
Signature Algorithm: sha256WithRSAEncryption
5d:a8:cc:72:d7:43:39:dc:45:e1:0d:3e:23:86:37:cf:db:bc:
3e:3d:bf:a0:66:d1:f6:a5:e9:96:05:a3:56:12:57:14:d6:63:
16:33:5d:d9:cc:bb:2e:6f:44:8c:dc:91:ac:e3:e8:db:c7:8a:
e6:51:c4:6f:7a:2a:e5:7d:67:63:dd:08:92:c6:a0:a7:cf:08:
bf:17:06:dd:b1:dd:c0:52:eb:a3:9d:2f:1d:67:17:4d:b6:53:
96:a1:81:a2:ac:f6:86:d8:46:73:d9:1a:ff:f7:07:65:a6:79:
08:2a:3b:26:fd:4d:9d:98:4a:d3:9d:08:d4:22:d4:a8:06:cf:
07:20:24:f3:75:a7:4b:7a:cb:58:0a:b9:b4:e9:03:7d:5d:6e:
48:9f:6a:de:09:52:44:51:db:dd:36:b9:df:74:ae:1f:7e:f8:
f2:f6:82:22:2d:43:b5:81:29:91:0f:39:ce:e1:e1:a4:19:46:
8f:fb:24:98:f5:80:fa:fb:58:7b:42:a8:29:05:87:8a:94:15:
a0:93:6e:76:b9:06:2a:34:32:1d:6e:1d:19:20:fe:eb:f7:ea:
df:ab:0f:74:94:ee:37:d3:79:02:82:35:76:34:66:46:9f:ef:
0e:99:3f:ec:6e:bc:53:6f:e4:5c:6d:6d:8a:1d:f3:e3:e5:52:
2b:f4:5a:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+nmnGjgIPsj89zkb5/iuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIzNDlhMmIyZDAyZTU0M2FlMDNiNWZkOTBlMmZiMGQ5NTAyZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtziAqSlV/jwoD4QDFiEAu8E+WsPx
2SptVrmJheHJEif1oklVnwQBtyqFtD/rF2eFvJYtQZyOhBQ74hv4jPGxp0QxXLhB
bSNjlOTrfor+JMuObJgCrqGs9NMZ3GkMMsW2mtWnIhWsSLHVHvuKrKeGCzp9Z4ta
Z4fJT2O1oXO8gKxNImR9PpuZe4T6WJv499VmJ6lYta+fddoRI+dw4LB4nOaa7V+R
+6Vl5GCf4EIq2dRpJY6LfU/iGruBjhD4oxjW48IiPXrf9+C6jNEtkk8ap5gS4Dfq
hiye2vNxKYPNt+M8z3Q9Djf3Uk3q8OfEWsZmqLm5hbozb2sxOtEQsoR1swIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLuzSaKy0C5UOuA7X9kOL7DZUC/LMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvdTdOSm9yTFFMbFE2NER0ZjJRNHZzTmxRTDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBdqMxy10M53EXhDT4jhjfP27w+Pb+gZtH2pemW
BaNWElcU1mMWM13ZzLsub0SM3JGs4+jbx4rmUcRveirlfWdj3QiSxqCnzwi/Fwbd
sd3AUuujnS8dZxdNtlOWoYGirPaG2EZz2Rr/9wdlpnkIKjsm/U2dmErTnQjUItSo
Bs8HICTzdadLestYCrm06QN9XW5In2reCVJEUdvdNrnfdK4ffvjy9oIiLUO1gSmR
DznO4eGkGUaP+ySY9YD6+1h7QqgpBYeKlBWgk252uQYqNDIdbh0ZIP7r9+rfqw90
lO4303kCgjV2NGZGn+8OmT/sbrxTb+RcbW2KHfPj5VIr9Frg
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:12:27 2025 by rpki-client