Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/qxv97i_u-oPbXERls-AuUJ-ehN0.roa
File: qxv97i_u-oPbXERls-AuUJ-ehN0.roa (raw, json)
Hash identifier: 3CpmmFrGAOZMYO7PvcVF3IlSxwWNYbKDyVw/pp4ZIZ0=
Subject key identifier: AB:1B:FD:EE:2F:EE:FA:83:DB:5C:44:65:B3:E0:2E:50:9F:9E:84:DD
Certificate issuer: /CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Certificate serial: 019426D9E098F5759E206364E2CC0A2DD257
Authority key identifier: C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/qxv97i_u-oPbXERls-AuUJ-ehN0.roa
Signing time: Thu 02 Jan 2025 11:50:00 +0000
ROA not before: Thu 02 Jan 2025 11:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209309
IP address blocks: 2a0e:e0c0::/32 maxlen: 32
2a0e:e0c1::/32 maxlen: 32
2a0e:e0c2::/32 maxlen: 32
2a0e:e0c3::/32 maxlen: 32
2a0e:e0c4::/32 maxlen: 32
2a0e:e0c5::/32 maxlen: 32
2a0e:e0c6::/32 maxlen: 32
2a0e:e0c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e0:98:f5:75:9e:20:63:64:e2:cc:0a:2d:d2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c12ac9b14fd261a8d2763aad417432bebc49a0d6
Validity
Not Before: Jan 2 11:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab1bfdee2feefa83db5c4465b3e02e509f9e84dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2f:97:85:f4:fb:92:62:f1:7e:3a:ec:71:d6:
48:5b:a8:1a:ee:43:d8:4a:1d:dd:15:75:6a:08:8b:
01:2e:c0:9e:38:b3:91:9b:9d:43:a4:32:cc:49:e2:
f0:37:74:c7:9c:84:df:41:74:29:d4:66:bb:52:b2:
02:36:64:8a:33:8a:26:47:b9:62:1e:9c:53:be:88:
b3:bc:d8:ed:3d:74:86:95:f9:f1:ac:99:e4:65:88:
97:a7:69:b5:a4:16:e5:2f:f6:8f:25:65:27:bf:3a:
c8:8b:30:57:b5:71:92:0a:9e:a8:50:e6:26:66:4a:
43:5c:1b:0e:d9:ea:12:29:ea:ec:f2:40:6d:7d:b0:
d4:f9:25:21:ad:45:0e:f6:a7:20:3a:94:92:90:41:
9c:20:d3:59:bd:3c:3b:1f:63:76:1a:1e:de:f7:85:
68:0b:0b:80:ec:53:5f:07:f4:35:e2:02:2d:37:4e:
eb:c9:a1:1c:86:5f:14:87:7f:b4:d7:41:09:aa:bd:
a9:13:32:c4:eb:06:7e:62:8f:b2:f6:0a:e7:8d:db:
d9:43:bd:6c:37:27:2a:ba:da:ea:69:74:f0:f8:84:
fd:67:20:94:6c:55:4b:4f:66:41:fb:77:fc:e5:7c:
0c:50:e2:b3:de:74:18:22:cd:a9:c7:03:18:80:fd:
63:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1B:FD:EE:2F:EE:FA:83:DB:5C:44:65:B3:E0:2E:50:9F:9E:84:DD
X509v3 Authority Key Identifier:
keyid:C1:2A:C9:B1:4F:D2:61:A8:D2:76:3A:AD:41:74:32:BE:BC:49:A0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSrJsU_SYajSdjqtQXQyvrxJoNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/qxv97i_u-oPbXERls-AuUJ-ehN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/7011dd-c2d9-4341-9236-2167cf01cf4a/1/wSrJsU_SYajSdjqtQXQyvrxJoNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
d0:27:49:3c:65:04:64:67:af:e8:73:17:3f:71:80:18:cb:73:
07:e4:74:bf:a1:3d:87:60:3c:7f:d7:62:ef:a5:ce:82:3f:d1:
ff:ae:c9:a0:09:20:6c:c9:5c:3a:36:b5:8e:31:92:58:a1:4c:
7c:51:05:55:12:a8:4a:7e:a9:1c:10:d7:7a:58:4c:f7:78:68:
9b:69:b4:37:a7:2c:d9:8d:bc:a2:b1:ed:8f:6b:ca:71:55:8a:
d9:ca:2b:a4:3a:10:42:57:bb:57:ba:f3:02:86:5c:24:25:3e:
c5:33:f0:37:9d:99:84:92:35:63:fc:24:91:08:87:be:7f:dd:
e9:45:22:97:27:5a:b2:0d:ee:9f:69:98:8e:64:24:12:db:21:
d1:78:c2:10:f2:1d:8e:81:81:55:5c:2b:ea:41:16:d4:77:fe:
0b:2a:92:6d:5a:0b:a1:91:d8:32:22:21:9c:a2:9c:d0:f3:7f:
aa:7e:9a:41:f8:2b:1a:85:17:4b:e0:ea:2d:ec:df:a8:88:ae:
62:78:4c:ea:a8:16:2e:0d:c3:31:9b:56:9e:96:cb:59:72:30:
26:74:ba:b3:5e:58:ea:82:6a:da:45:2d:20:58:e1:e5:70:93:
7f:25:e3:cc:7e:01:6f:86:c4:3f:e4:dd:da:25:fd:1a:1f:29:
54:8e:57:65
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2eCY9XWeIGNk4swKLdJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMmFjOWIxNGZkMjYxYThkMjc2M2FhZDQxNzQzMmJlYmM0
OWEwZDYwHhcNMjUwMTAyMTE1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjFiZmRlZTJmZWVmYTgzZGI1YzQ0NjViM2UwMmU1MDlmOWU4NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1y+XhfT7kmLxfjrscdZIW6ga7kPY
Sh3dFXVqCIsBLsCeOLORm51DpDLMSeLwN3THnITfQXQp1Ga7UrICNmSKM4omR7li
HpxTvoizvNjtPXSGlfnxrJnkZYiXp2m1pBblL/aPJWUnvzrIizBXtXGSCp6oUOYm
ZkpDXBsO2eoSKers8kBtfbDU+SUhrUUO9qcgOpSSkEGcINNZvTw7H2N2Gh7e94Vo
CwuA7FNfB/Q14gItN07ryaEchl8Uh3+010EJqr2pEzLE6wZ+Yo+y9grnjdvZQ71s
NycqutrqaXTw+IT9ZyCUbFVLT2ZB+3f85XwMUOKz3nQYIs2pxwMYgP1jOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKsb/e4v7vqD21xEZbPgLlCfnoTdMB8GA1UdIwQY
MBaAFMEqybFP0mGo0nY6rUF0Mr68SaDWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYt
MjE2N2NmMDFjZjRhLzEvcXh2OTdpX3Utb1BiWEVSbHMtQXVVSi1laE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83MDExZGQtYzJkOS00MzQxLTkyMzYtMjE2N2NmMDFjZjRh
LzEvd1NySnNVX1NZYWpTZGpxdFFYUXl2cnhKb05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg7gwDAN
BgkqhkiG9w0BAQsFAAOCAQEA0CdJPGUEZGev6HMXP3GAGMtzB+R0v6E9h2A8f9di
76XOgj/R/67JoAkgbMlcOja1jjGSWKFMfFEFVRKoSn6pHBDXelhM93hom2m0N6cs
2Y28orHtj2vKcVWK2corpDoQQle7V7rzAoZcJCU+xTPwN52ZhJI1Y/wkkQiHvn/d
6UUilydasg3un2mYjmQkEtsh0XjCEPIdjoGBVVwr6kEW1Hf+CyqSbVoLoZHYMiIh
nKKc0PN/qn6aQfgrGoUXS+DqLezfqIiuYnhM6qgWLg3DMZtWnpbLWXIwJnS6s15Y
6oJq2kUtIFjh5XCTfyXjzH4Bb4bEP+Td2iX9Gh8pVI5XZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:07:25 2025 by rpki-client