Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/lVxazzssSIQktTuekaP8gaWWHmA.roa
File: lVxazzssSIQktTuekaP8gaWWHmA.roa (raw, json)
Hash identifier: XZofJOcbbYfDn8B1ukHfJuS3+okkzKxPP+y/thGcTl0=
Subject key identifier: 95:5C:5A:CF:3B:2C:48:84:24:B5:3B:9E:91:A3:FC:81:A5:96:1E:60
Certificate issuer: /CN=080702932802c2743d335f67d47a4238c3324533
Certificate serial: 019424B30FE254CF6D84AACFA800348CBD59
Authority key identifier: 08:07:02:93:28:02:C2:74:3D:33:5F:67:D4:7A:42:38:C3:32:45:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/lVxazzssSIQktTuekaP8gaWWHmA.roa
Signing time: Thu 02 Jan 2025 01:48:22 +0000
ROA not before: Thu 02 Jan 2025 01:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29670
IP address blocks: 2001:67c:fb8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/CAcCkygCwnQ9M19n1HpCOMMyRTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/CAcCkygCwnQ9M19n1HpCOMMyRTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:0f:e2:54:cf:6d:84:aa:cf:a8:00:34:8c:bd:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=080702932802c2743d335f67d47a4238c3324533
Validity
Not Before: Jan 2 01:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=955c5acf3b2c488424b53b9e91a3fc81a5961e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f4:22:74:4c:ab:75:eb:89:56:69:86:a7:21:
7c:5f:21:03:20:40:53:6a:43:36:c7:95:8a:d8:09:
30:9c:a9:1c:b6:df:34:d1:7e:1f:64:5c:0c:48:9c:
a4:23:1c:5c:f9:6a:32:3c:bf:dc:4c:84:36:87:e3:
54:0c:15:7d:10:7e:87:ee:b3:c8:f8:aa:d4:8a:31:
b9:68:55:5c:1d:cd:1d:2c:8a:e0:af:a6:53:1c:14:
ed:6f:46:04:7f:11:f2:6c:7f:d1:c5:01:a4:91:00:
04:97:72:f4:b2:60:98:35:79:7b:f2:7b:09:c0:fa:
22:53:00:65:10:3c:25:27:a1:fc:eb:02:b9:c4:fb:
d0:d6:47:11:40:f1:15:ed:0f:bd:59:56:24:cc:59:
85:8a:18:e6:a1:09:ff:14:df:5d:c2:86:f6:ec:8e:
f6:0a:ca:13:84:37:82:f1:bc:96:64:10:fa:98:7c:
6c:e1:c5:30:3b:7b:36:33:9a:02:21:67:38:47:df:
d0:fe:02:a9:7f:f6:e0:85:c9:73:31:b5:4b:4d:28:
da:18:ec:8f:74:d0:64:d7:25:d0:76:ea:4a:c1:e8:
7f:e5:1b:ce:c7:0a:ae:e1:66:56:28:2e:2f:ed:7c:
75:ad:68:59:8e:b0:e9:49:dc:67:40:3f:e6:5a:37:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5C:5A:CF:3B:2C:48:84:24:B5:3B:9E:91:A3:FC:81:A5:96:1E:60
X509v3 Authority Key Identifier:
keyid:08:07:02:93:28:02:C2:74:3D:33:5F:67:D4:7A:42:38:C3:32:45:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAcCkygCwnQ9M19n1HpCOMMyRTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/lVxazzssSIQktTuekaP8gaWWHmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f532fd-91e2-4fb6-be87-480feb92d718/1/CAcCkygCwnQ9M19n1HpCOMMyRTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:fb8::/48
Signature Algorithm: sha256WithRSAEncryption
3a:76:a1:3f:4e:73:eb:4c:aa:7f:bc:fa:a8:d9:32:ea:1e:88:
dd:a1:7a:c8:33:03:a6:55:37:e7:3c:e9:77:2f:5c:96:60:13:
42:07:c5:2a:9b:cb:40:8d:ef:50:1e:bd:03:df:05:34:33:d4:
be:6a:9a:d5:e3:3b:f7:db:2e:a9:2a:93:a0:4c:4b:1c:f0:20:
5c:6a:3d:6f:35:44:ad:88:2a:c9:38:8f:b2:29:7f:d5:58:ce:
79:76:f2:49:65:6e:b2:bf:fd:5b:f2:13:8e:00:c1:28:82:bd:
2f:23:2a:d0:15:50:e3:26:78:b5:39:a4:da:ff:1b:8c:43:f9:
e4:07:5a:7f:e3:5a:c6:0a:e3:b4:3b:c2:ac:05:ea:e3:ff:e1:
02:bf:76:fb:69:82:f8:3d:c0:e2:87:e5:cc:53:bb:e2:47:21:
d6:b5:44:6f:d2:1b:2b:84:f1:9e:8d:a4:e8:64:59:3d:cb:e5:
5c:73:7a:d7:ff:c6:3a:3b:cc:12:27:7d:b6:4c:17:d5:29:23:
bc:d5:b8:c2:a9:18:d8:a5:fe:1e:b0:d4:e6:f8:7f:4f:7a:7a:
0f:a5:47:35:7f:d3:54:29:e3:05:18:94:d6:f5:a4:77:14:81:
50:73:e4:b1:e2:27:22:a9:a9:fc:03:28:5e:75:67:8c:be:b0:
99:7b:bd:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQksw/iVM9thKrPqAA0jL1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDcwMjkzMjgwMmMyNzQzZDMzNWY2N2Q0N2E0MjM4YzMz
MjQ1MzMwHhcNMjUwMTAyMDE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVjNWFjZjNiMmM0ODg0MjRiNTNiOWU5MWEzZmM4MWE1OTYxZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vQidEyrdeuJVmmGpyF8XyEDIEBT
akM2x5WK2AkwnKkctt800X4fZFwMSJykIxxc+WoyPL/cTIQ2h+NUDBV9EH6H7rPI
+KrUijG5aFVcHc0dLIrgr6ZTHBTtb0YEfxHybH/RxQGkkQAEl3L0smCYNXl78nsJ
wPoiUwBlEDwlJ6H86wK5xPvQ1kcRQPEV7Q+9WVYkzFmFihjmoQn/FN9dwob27I72
CsoThDeC8byWZBD6mHxs4cUwO3s2M5oCIWc4R9/Q/gKpf/bghclzMbVLTSjaGOyP
dNBk1yXQdupKweh/5RvOxwqu4WZWKC4v7Xx1rWhZjrDpSdxnQD/mWjf4OQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJVcWs87LEiEJLU7npGj/IGllh5gMB8GA1UdIwQY
MBaAFAgHApMoAsJ0PTNfZ9R6QjjDMkUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FjQ2t5Z0N3blE5TTE5bjFIcENPTU15UlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNTMyZmQtOTFlMi00ZmI2LWJlODct
NDgwZmViOTJkNzE4LzEvbFZ4YXp6c3NTSVFrdFR1ZWthUDhnYVdXSG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNTMyZmQtOTFlMi00ZmI2LWJlODctNDgwZmViOTJkNzE4
LzEvQ0FjQ2t5Z0N3blE5TTE5bjFIcENPTU15UlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA+4
MA0GCSqGSIb3DQEBCwUAA4IBAQA6dqE/TnPrTKp/vPqo2TLqHojdoXrIMwOmVTfn
POl3L1yWYBNCB8Uqm8tAje9QHr0D3wU0M9S+aprV4zv32y6pKpOgTEsc8CBcaj1v
NUStiCrJOI+yKX/VWM55dvJJZW6yv/1b8hOOAMEogr0vIyrQFVDjJni1OaTa/xuM
Q/nkB1p/41rGCuO0O8KsBerj/+ECv3b7aYL4PcDih+XMU7viRyHWtURv0hsrhPGe
jaToZFk9y+Vcc3rX/8Y6O8wSJ322TBfVKSO81bjCqRjYpf4esNTm+H9PenoPpUc1
f9NUKeMFGJTW9aR3FIFQc+Sx4iciqan8AyhedWeMvrCZe70z
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:57:37 2025 by rpki-client