Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/YNsqLkitHpqkjiltdLgc2bdx6rs.roa
File: YNsqLkitHpqkjiltdLgc2bdx6rs.roa (raw, json)
Hash identifier: 3Qov5yHW6YQLGF3KdMXPXf4671PbN4pLA5bsaPPsRlI=
Subject key identifier: 60:DB:2A:2E:48:AD:1E:9A:A4:8E:29:6D:74:B8:1C:D9:B7:71:EA:BB
Certificate issuer: /CN=d515f2e9149ce1b428c8f1edfc009215e2847f55
Certificate serial: 01941F8C9F5C120A1C717EA9958EAAAE2C92
Authority key identifier: D5:15:F2:E9:14:9C:E1:B4:28:C8:F1:ED:FC:00:92:15:E2:84:7F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/YNsqLkitHpqkjiltdLgc2bdx6rs.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a01:ea00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9f:5c:12:0a:1c:71:7e:a9:95:8e:aa:ae:2c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d515f2e9149ce1b428c8f1edfc009215e2847f55
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60db2a2e48ad1e9aa48e296d74b81cd9b771eabb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6b:95:57:2f:9c:bb:de:83:89:33:17:9e:a2:
b1:04:ac:a9:80:58:50:8c:ab:f0:40:1d:59:f5:63:
41:5a:ea:5f:e5:c5:f5:02:bb:24:9a:e7:fb:6f:50:
45:23:08:e0:79:61:64:8f:3b:ef:94:3a:98:28:dc:
58:a8:32:58:31:c4:e8:15:06:48:d8:e7:a4:72:54:
4a:35:1b:7a:c6:50:1a:b5:f7:76:ef:c0:0e:1b:51:
b1:f3:cf:b1:63:bf:28:26:8c:cc:3b:e1:50:4c:e1:
70:b3:87:61:b0:bf:9c:5a:e8:33:a8:8b:64:1a:29:
51:c4:4c:20:f2:77:a4:d9:aa:a7:2b:36:a2:ed:e0:
03:ad:7a:7b:2f:6d:18:24:12:5a:2f:dd:5f:63:48:
0b:9d:62:f5:ee:7f:93:0a:4f:24:25:4e:8d:c3:01:
0d:1b:ae:2d:3b:90:56:c6:d0:2e:a8:eb:ea:59:3e:
28:c0:c1:74:80:25:6f:10:a0:62:c1:79:b8:3f:85:
f1:3b:e4:28:4c:bd:e3:4c:97:eb:28:d8:bf:51:52:
37:82:8d:5e:5d:c2:9f:40:fe:a2:50:f1:19:44:6b:
cb:d8:2b:91:97:13:4d:97:ec:7c:b9:00:23:b2:59:
6d:75:ea:7f:98:0a:db:66:35:43:c8:fa:e9:66:f5:
64:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DB:2A:2E:48:AD:1E:9A:A4:8E:29:6D:74:B8:1C:D9:B7:71:EA:BB
X509v3 Authority Key Identifier:
keyid:D5:15:F2:E9:14:9C:E1:B4:28:C8:F1:ED:FC:00:92:15:E2:84:7F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1RXy6RSc4bQoyPHt_ACSFeKEf1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/YNsqLkitHpqkjiltdLgc2bdx6rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8366ae-575d-4fde-8e92-0089944980ca/1/1RXy6RSc4bQoyPHt_ACSFeKEf1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ea00:1::/48
Signature Algorithm: sha256WithRSAEncryption
08:bd:f5:84:17:13:69:68:aa:aa:91:f6:16:c4:a2:d8:0a:4d:
8c:65:05:a9:a0:47:9d:6c:7b:b2:e6:ef:1c:92:44:59:10:f6:
25:29:0c:67:90:ec:ef:2a:e9:af:08:45:ab:8d:bc:59:90:79:
96:e3:ab:60:11:08:bd:82:02:df:cd:9c:b7:77:17:54:be:be:
4b:b7:cd:61:c5:52:4b:af:52:f1:58:af:3e:7d:f9:64:f7:37:
e6:2a:8b:a2:df:41:4d:90:63:24:b3:82:88:8e:b6:8d:03:55:
ef:01:57:37:37:e5:4f:6b:34:10:ae:84:68:7d:05:84:33:b5:
ba:37:c1:a9:1c:3d:39:4c:b6:65:23:32:86:12:68:75:4a:0b:
5e:56:61:b8:a7:b0:6e:f0:18:b9:91:7f:fc:eb:36:e7:31:18:
fd:81:fb:fa:66:06:8a:60:a7:34:9a:3b:b9:36:1b:2d:6c:b2:
e6:db:c8:60:bb:6b:88:af:3c:4f:5c:5e:2d:75:cd:9d:c2:e1:
c8:c3:bb:e0:2f:e0:82:4f:a5:22:4d:21:4f:5f:6b:00:99:e7:
ad:20:f3:49:e5:a2:a8:2b:d4:2d:b5:8d:cd:cf:d1:1d:40:00:
98:37:16:b6:a6:06:f3:3d:83:96:00:0c:44:b6:d7:4c:8f:1d:
a6:cd:1f:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjJ9cEgoccX6plY6qriySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTVmMmU5MTQ5Y2UxYjQyOGM4ZjFlZGZjMDA5MjE1ZTI4
NDdmNTUwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRiMmEyZTQ4YWQxZTlhYTQ4ZTI5NmQ3NGI4MWNkOWI3NzFlYWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WuVVy+cu96DiTMXnqKxBKypgFhQ
jKvwQB1Z9WNBWupf5cX1Arskmuf7b1BFIwjgeWFkjzvvlDqYKNxYqDJYMcToFQZI
2OekclRKNRt6xlAatfd278AOG1Gx88+xY78oJozMO+FQTOFws4dhsL+cWugzqItk
GilRxEwg8nek2aqnKzai7eADrXp7L20YJBJaL91fY0gLnWL17n+TCk8kJU6NwwEN
G64tO5BWxtAuqOvqWT4owMF0gCVvEKBiwXm4P4XxO+QoTL3jTJfrKNi/UVI3go1e
XcKfQP6iUPEZRGvL2CuRlxNNl+x8uQAjslltdep/mArbZjVDyPrpZvVkDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGDbKi5IrR6apI4pbXS4HNm3ceq7MB8GA1UdIwQY
MBaAFNUV8ukUnOG0KMjx7fwAkhXihH9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJYeTZSU2M0YlFveVBIdF9BQ1NGZUtFZjFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84MzY2YWUtNTc1ZC00ZmRlLThlOTIt
MDA4OTk0NDk4MGNhLzEvWU5zcUxraXRIcHFramlsdGRMZ2MyYmR4NnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84MzY2YWUtNTc1ZC00ZmRlLThlOTItMDA4OTk0NDk4MGNh
LzEvMVJYeTZSU2M0YlFveVBIdF9BQ1NGZUtFZjFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgHqAAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAIvfWEFxNpaKqqkfYWxKLYCk2MZQWpoEedbHuy
5u8ckkRZEPYlKQxnkOzvKumvCEWrjbxZkHmW46tgEQi9ggLfzZy3dxdUvr5Lt81h
xVJLr1LxWK8+fflk9zfmKoui30FNkGMks4KIjraNA1XvAVc3N+VPazQQroRofQWE
M7W6N8GpHD05TLZlIzKGEmh1SgteVmG4p7Bu8Bi5kX/86zbnMRj9gfv6ZgaKYKc0
mju5NhstbLLm28hgu2uIrzxPXF4tdc2dwuHIw7vgL+CCT6UiTSFPX2sAmeetIPNJ
5aKoK9QttY3Nz9EdQACYNxa2pgbzPYOWAAxEttdMjx2mzR/o
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:54:22 2025 by rpki-client