Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/RFQq8CL00Iuq4i_jx3Jd0iwOLHI.roa
File: RFQq8CL00Iuq4i_jx3Jd0iwOLHI.roa (raw, json)
Hash identifier: +y+KD8Sa0MVn4eIucYiZ7dhXT2uIb+hoC3jKlQ4uUUg=
Subject key identifier: 44:54:2A:F0:22:F4:D0:8B:AA:E2:2F:E3:C7:72:5D:D2:2C:0E:2C:72
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 019421440641095606BBB5B8FA6BF6CB105C
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/RFQq8CL00Iuq4i_jx3Jd0iwOLHI.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 2a04:76c7:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:06:41:09:56:06:bb:b5:b8:fa:6b:f6:cb:10:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44542af022f4d08baae22fe3c7725dd22c0e2c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:50:92:97:9a:e0:80:d8:ae:78:6a:81:3c:
ba:47:29:4b:15:d2:20:57:26:b5:1b:b0:a5:4b:8c:
c7:0e:64:52:79:9e:15:9d:6d:93:90:46:1d:61:1c:
87:b7:cd:ee:47:1a:9c:a3:49:93:da:a6:51:83:03:
a2:68:45:ee:e7:4a:eb:52:c6:eb:b1:c4:9f:17:6e:
22:a7:25:74:4e:e7:f8:e0:a1:7a:b3:59:ca:89:a7:
b2:5a:32:6f:25:ec:dc:9c:10:81:d3:8c:f9:ce:9f:
a4:4e:6f:6f:df:2a:6a:3d:93:36:c1:af:1c:29:42:
91:ff:95:30:76:65:cd:e2:69:38:85:5b:23:ca:60:
32:ed:64:5b:dd:62:4f:95:b5:34:80:ff:86:a9:d0:
cf:dc:1e:40:c9:67:07:84:07:6d:b0:5c:70:60:09:
c4:ab:36:8d:f9:64:28:4e:25:98:9d:44:09:c5:7e:
cb:51:7b:61:6f:4a:81:aa:37:ea:93:75:b6:2d:bb:
51:fb:7b:f2:34:a9:1a:2e:d9:1a:d8:b9:88:38:67:
27:5a:55:e2:6d:c2:08:8a:0b:96:83:a8:f8:e0:cc:
bc:33:81:3b:79:58:b9:48:2a:11:d8:c8:21:fb:99:
e1:60:d5:8b:bb:42:cd:c0:04:9a:68:25:3a:26:d6:
7a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:54:2A:F0:22:F4:D0:8B:AA:E2:2F:E3:C7:72:5D:D2:2C:0E:2C:72
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/RFQq8CL00Iuq4i_jx3Jd0iwOLHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:76c7:200::/48
Signature Algorithm: sha256WithRSAEncryption
4b:2b:8f:1a:55:c6:db:f5:8c:7b:e4:ac:1a:34:85:57:77:d4:
f2:46:3b:77:03:9a:07:f3:4f:e9:6a:ed:e7:cb:c6:4a:1e:86:
05:28:44:1d:c1:4f:03:e7:28:79:6a:c4:51:8d:30:a8:9e:11:
0a:5e:b3:f7:03:57:f0:ab:a4:71:38:6d:01:2d:2a:8c:4e:e0:
2b:7b:64:af:63:aa:34:c1:8f:ba:79:f7:54:db:9e:82:11:a3:
7d:a9:b0:3d:a1:44:d2:fb:ef:d8:22:6f:2f:fd:44:9a:0a:f2:
57:f1:44:df:bd:43:a0:9d:a3:18:57:b0:2c:54:55:93:dd:ae:
b5:a2:6b:2c:2b:a6:46:f9:16:ff:75:bb:48:c5:73:62:87:c9:
03:db:71:cc:50:c6:f3:f9:73:1d:59:c3:99:ba:d1:40:64:11:
3f:e9:03:58:dd:ed:ca:e6:a6:19:5a:bf:e0:52:39:7e:f2:67:
df:54:8c:f1:3e:dc:44:d6:6b:54:8c:c5:ae:60:1f:13:e4:d8:
91:9f:07:82:22:04:84:c5:77:10:68:53:39:b1:05:00:93:b9:
ef:a3:6e:4b:db:5a:3d:9c:ba:d3:22:1b:3f:82:88:7f:08:4f:
9a:6e:1a:73:71:13:0f:b6:99:ff:53:df:ee:3d:5d:14:6a:ce:
e0:be:a9:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRAZBCVYGu7W4+mv2yxBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU0MmFmMDIyZjRkMDhiYWFlMjJmZTNjNzcyNWRkMjJjMGUyYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzV1Qkpea4IDYrnhqgTy6RylLFdIg
Vya1G7ClS4zHDmRSeZ4VnW2TkEYdYRyHt83uRxqco0mT2qZRgwOiaEXu50rrUsbr
scSfF24ipyV0Tuf44KF6s1nKiaeyWjJvJezcnBCB04z5zp+kTm9v3ypqPZM2wa8c
KUKR/5UwdmXN4mk4hVsjymAy7WRb3WJPlbU0gP+GqdDP3B5AyWcHhAdtsFxwYAnE
qzaN+WQoTiWYnUQJxX7LUXthb0qBqjfqk3W2LbtR+3vyNKkaLtka2LmIOGcnWlXi
bcIIiguWg6j44My8M4E7eVi5SCoR2Mgh+5nhYNWLu0LNwASaaCU6JtZ69QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFERUKvAi9NCLquIv48dyXdIsDixyMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvUkZRcThDTDAwSXVxNGlfangzSmQwaXdPTEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgR2xwIA
MA0GCSqGSIb3DQEBCwUAA4IBAQBLK48aVcbb9Yx75KwaNIVXd9TyRjt3A5oH80/p
au3ny8ZKHoYFKEQdwU8D5yh5asRRjTConhEKXrP3A1fwq6RxOG0BLSqMTuAre2Sv
Y6o0wY+6efdU256CEaN9qbA9oUTS++/YIm8v/USaCvJX8UTfvUOgnaMYV7AsVFWT
3a61omssK6ZG+Rb/dbtIxXNih8kD23HMUMbz+XMdWcOZutFAZBE/6QNY3e3K5qYZ
Wr/gUjl+8mffVIzxPtxE1mtUjMWuYB8T5NiRnweCIgSExXcQaFM5sQUAk7nvo25L
21o9nLrTIhs/goh/CE+abhpzcRMPtpn/U9/uPV0Uas7gvqnJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:18:53 2025 by rpki-client