Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/68E6bn0hVePr0xGHmIxiALHVplw.roa
File: 68E6bn0hVePr0xGHmIxiALHVplw.roa (raw, json)
Hash identifier: RTyJubUMJWoye01qJ5pHvztooF0m1t5g64s97nwns3E=
Subject key identifier: EB:C1:3A:6E:7D:21:55:E3:EB:D3:11:87:98:8C:62:00:B1:D5:A6:5C
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 019425FD940AE4A7490C6872DA0770B8803B
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/68E6bn0hVePr0xGHmIxiALHVplw.roa
Signing time: Thu 02 Jan 2025 07:49:22 +0000
ROA not before: Thu 02 Jan 2025 07:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a02:569::/32 maxlen: 32
2a02:56a::/32 maxlen: 32
2a02:56b::/32 maxlen: 32
2a02:56c::/32 maxlen: 32
2a02:56d::/32 maxlen: 32
2a02:56e::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 16:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:94:0a:e4:a7:49:0c:68:72:da:07:70:b8:80:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: Jan 2 07:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebc13a6e7d2155e3ebd31187988c6200b1d5a65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d9:10:2d:df:1d:cd:9b:98:6d:1a:54:f6:5b:
71:a2:8c:da:3c:7b:6b:04:05:58:d9:22:3a:b6:20:
fd:74:8f:e4:6d:51:3d:dc:a7:65:83:e6:97:3d:e5:
0c:d6:b2:7d:9f:13:b5:79:09:d5:0c:4b:34:d2:b0:
94:72:19:14:60:45:92:05:bc:04:fa:64:e6:92:dc:
ff:1a:a9:3d:f7:e8:07:75:f7:c0:2b:82:f2:97:da:
87:ec:a7:e7:ee:85:9c:6c:d9:0d:a3:dc:09:d0:9c:
05:e3:19:5a:74:1a:42:2e:71:1c:fc:72:cc:c6:1e:
95:fd:29:51:8a:1b:dd:23:71:22:c3:05:e5:cb:58:
3f:f5:96:d5:c2:b8:4f:6f:8a:02:d6:69:aa:62:02:
eb:43:d3:19:9d:0c:9f:f8:d0:a6:51:c1:74:15:19:
a9:fc:65:e8:14:5e:8d:27:14:39:81:82:87:d5:a2:
5a:20:58:c4:60:7b:00:43:1d:83:e5:eb:a4:5f:b8:
cc:b7:9c:54:89:84:a0:68:45:14:13:fa:f4:10:a7:
13:60:57:af:1f:e7:bc:86:4e:5c:90:8f:b3:c4:61:
f6:67:65:2f:c6:f9:2b:d5:13:db:38:8b:0b:12:e8:
d2:46:2b:d8:1f:11:4c:be:c9:29:ac:00:cf:1b:ef:
79:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C1:3A:6E:7D:21:55:E3:EB:D3:11:87:98:8C:62:00:B1:D5:A6:5C
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/68E6bn0hVePr0xGHmIxiALHVplw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:569::-2a02:56e:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:cf:6f:19:aa:69:3f:78:81:4f:b5:65:4a:96:14:34:c0:7b:
dd:0d:3e:69:e8:39:04:c6:7d:57:d2:6d:14:3d:1d:2b:b7:50:
1c:be:e4:48:03:4c:94:74:7e:94:1f:f3:f1:21:49:95:36:dc:
77:6f:64:4e:df:7f:8e:90:79:a1:b5:e7:55:c2:68:5f:dc:62:
98:96:38:a7:81:3f:f5:e2:f2:1b:49:cc:2a:4d:2c:6b:6d:ba:
6a:ac:e8:00:7a:ae:0b:1d:f7:51:82:e4:23:ac:f1:0a:ea:9e:
4b:7c:df:09:a5:d6:c0:51:4a:83:72:93:3c:9b:77:1e:fa:dc:
73:50:b4:e1:2f:f2:5e:30:c3:10:d7:1f:49:a9:56:29:8c:24:
06:01:75:df:ef:b7:5f:1f:e9:68:66:23:a4:4f:b0:93:b0:f0:
76:b5:2b:59:97:da:09:a8:4e:fa:e3:12:76:c4:eb:45:00:22:
e8:be:e6:60:65:54:61:a9:d5:eb:b8:c3:dd:77:c1:67:90:0c:
b9:4f:32:11:01:68:af:2c:8f:7d:bb:bf:67:dc:ce:22:ac:6a:
a5:40:eb:13:81:b9:8d:06:8b:15:77:33:37:64:00:d2:5b:fe:
27:92:46:25:94:0b:56:42:4e:1c:df:6b:19:92:16:65:5d:0b:
a7:48:40:ca
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQl/ZQK5KdJDGhy2gdwuIA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjUwMTAyMDc0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmMxM2E2ZTdkMjE1NWUzZWJkMzExODc5ODhjNjIwMGIxZDVhNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9kQLd8dzZuYbRpU9ltxoozaPHtr
BAVY2SI6tiD9dI/kbVE93Kdlg+aXPeUM1rJ9nxO1eQnVDEs00rCUchkUYEWSBbwE
+mTmktz/Gqk99+gHdffAK4Lyl9qH7Kfn7oWcbNkNo9wJ0JwF4xladBpCLnEc/HLM
xh6V/SlRihvdI3EiwwXly1g/9ZbVwrhPb4oC1mmqYgLrQ9MZnQyf+NCmUcF0FRmp
/GXoFF6NJxQ5gYKH1aJaIFjEYHsAQx2D5eukX7jMt5xUiYSgaEUUE/r0EKcTYFev
H+e8hk5ckI+zxGH2Z2Uvxvkr1RPbOIsLEujSRivYHxFMvskprADPG+95uwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFOvBOm59IVXj69MRh5iMYgCx1aZcMB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEvNjhFNmJuMGhWZVByMHhHSG1JeGlBTEhWcGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqAgVp
AwUAKgIFbjANBgkqhkiG9w0BAQsFAAOCAQEAa89vGappP3iBT7VlSpYUNMB73Q0+
aeg5BMZ9V9JtFD0dK7dQHL7kSANMlHR+lB/z8SFJlTbcd29kTt9/jpB5obXnVcJo
X9ximJY4p4E/9eLyG0nMKk0sa226aqzoAHquCx33UYLkI6zxCuqeS3zfCaXWwFFK
g3KTPJt3Hvrcc1C04S/yXjDDENcfSalWKYwkBgF13++3Xx/paGYjpE+wk7DwdrUr
WZfaCahO+uMSdsTrRQAi6L7mYGVUYanV67jD3XfBZ5AMuU8yEQForyyPfbu/Z9zO
IqxqpUDrE4G5jQaLFXczN2QA0lv+J5JGJZQLVkJOHN9rGZIWZV0Lp0hAyg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:32:15 2025 by rpki-client