Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/26d28f-ff14-446d-99ea-fbadb98d688e/1/0finVNo0lgGLmMHX8y0NMdQlvgo.roa
File: 0finVNo0lgGLmMHX8y0NMdQlvgo.roa (raw, json)
Hash identifier: VL5jumDZUgGzHZ4meYBrIeRXBDi5ZJfsVbdIHMi7YoQ=
Subject key identifier: D1:F8:A7:54:DA:34:96:01:8B:98:C1:D7:F3:2D:0D:31:D4:25:BE:0A
Certificate issuer: /CN=9a980eed42aa546aab9e68cda96e2fbcf382f47a
Certificate serial: 019425FDE2458A85326653E4D199711A1223
Authority key identifier: 9A:98:0E:ED:42:AA:54:6A:AB:9E:68:CD:A9:6E:2F:BC:F3:82:F4:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpgO7UKqVGqrnmjNqW4vvPOC9Ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/26d28f-ff14-446d-99ea-fbadb98d688e/1/0finVNo0lgGLmMHX8y0NMdQlvgo.roa
Signing time: Thu 02 Jan 2025 07:49:43 +0000
ROA not before: Thu 02 Jan 2025 07:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213831
IP address blocks: 2a14:8000::/32 maxlen: 32
2a14:8000:1::/48 maxlen: 48
2a14:8000:10::/48 maxlen: 48
2a14:8000:11::/48 maxlen: 48
2a14:8000:12::/48 maxlen: 48
2a14:8000:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/26d28f-ff14-446d-99ea-fbadb98d688e/1/mpgO7UKqVGqrnmjNqW4vvPOC9Ho.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/26d28f-ff14-446d-99ea-fbadb98d688e/1/mpgO7UKqVGqrnmjNqW4vvPOC9Ho.mft
rsync://rpki.ripe.net/repository/DEFAULT/mpgO7UKqVGqrnmjNqW4vvPOC9Ho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e2:45:8a:85:32:66:53:e4:d1:99:71:1a:12:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a980eed42aa546aab9e68cda96e2fbcf382f47a
Validity
Not Before: Jan 2 07:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1f8a754da3496018b98c1d7f32d0d31d425be0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a1:03:01:39:19:fa:6e:4d:d5:69:62:3e:c5:
5c:38:7d:c8:ba:6c:6f:91:62:56:a8:c0:76:1d:ed:
a9:b2:5a:5c:a5:92:94:5c:88:37:62:5a:46:08:45:
02:a2:da:80:a8:8d:6d:e9:f4:d5:43:2a:8c:73:8a:
c0:6b:f5:66:5d:f3:b0:c9:49:f4:d2:67:95:3c:ef:
ec:5b:44:64:c4:6d:54:a0:3b:d5:82:69:6a:86:95:
96:39:f3:0c:f6:5f:d0:5b:39:1e:c2:b4:91:98:69:
42:3c:73:08:0a:f4:68:b8:38:bc:e5:c3:e9:49:f0:
b4:5f:67:09:8b:5c:c1:86:fe:89:9e:72:db:a5:fd:
19:f4:e4:87:44:c9:1d:a1:bd:db:6a:e1:74:03:62:
21:8f:bf:5f:e4:39:41:04:94:52:bd:70:3a:ae:45:
99:40:86:bb:10:9f:25:95:b0:15:a4:d5:28:8c:51:
fc:c5:8e:7c:85:8d:70:85:39:bd:49:20:0f:bb:06:
8d:4e:90:b9:c2:aa:47:99:a8:8e:18:0a:e3:87:23:
af:dd:34:7e:39:64:ad:0a:32:b2:7f:3b:e5:99:e0:
51:67:21:79:85:c8:bf:16:80:7d:f4:32:31:6d:d3:
e9:90:22:c0:9f:88:e5:2b:b9:a2:de:10:74:3f:34:
05:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F8:A7:54:DA:34:96:01:8B:98:C1:D7:F3:2D:0D:31:D4:25:BE:0A
X509v3 Authority Key Identifier:
keyid:9A:98:0E:ED:42:AA:54:6A:AB:9E:68:CD:A9:6E:2F:BC:F3:82:F4:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpgO7UKqVGqrnmjNqW4vvPOC9Ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/26d28f-ff14-446d-99ea-fbadb98d688e/1/0finVNo0lgGLmMHX8y0NMdQlvgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/26d28f-ff14-446d-99ea-fbadb98d688e/1/mpgO7UKqVGqrnmjNqW4vvPOC9Ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:8000::/32
Signature Algorithm: sha256WithRSAEncryption
b0:7d:30:ae:58:fb:cd:08:26:b3:b5:0b:d3:fe:14:8b:29:1e:
01:75:e0:f1:4d:eb:04:97:f6:22:0e:58:ae:f6:50:21:7e:48:
d2:66:4e:73:af:b1:6b:d5:08:a0:68:3c:85:68:e0:24:6e:2a:
28:48:5a:4d:b7:2a:30:b5:6a:d5:10:32:60:f3:8b:6c:e2:97:
ce:7d:3e:25:54:42:cb:30:7b:95:b7:da:83:d3:8c:f6:7a:48:
ef:62:4c:ae:47:d3:88:2e:19:7a:e4:7c:c5:af:f5:b9:2f:0b:
bf:9b:b7:4f:2a:1c:77:60:ae:7a:98:5a:4f:f5:e1:b3:f9:30:
90:7a:99:e7:1e:2f:73:c0:9e:23:18:0b:67:5e:14:b6:e6:0f:
85:a0:92:d6:3a:99:21:27:b3:cd:ca:41:cd:83:61:99:24:6a:
f4:6a:b8:43:e5:6b:84:d9:06:fc:37:b6:3e:c5:99:42:9a:5f:
4a:eb:e2:72:71:cd:d5:99:32:0d:96:fa:ea:40:df:80:4e:a5:
0f:8a:0e:d9:31:40:77:79:ac:3c:0b:6b:b2:2e:2d:4f:54:13:
1b:9e:3d:dc:6a:41:85:15:4c:50:c8:96:97:fe:60:21:bc:4d:
20:d5:47:68:8c:b0:29:68:46:65:b5:55:6e:dc:d9:88:76:97:
3b:06:82:55
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/eJFioUyZlPk0ZlxGhIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOTgwZWVkNDJhYTU0NmFhYjllNjhjZGE5NmUyZmJjZjM4
MmY0N2EwHhcNMjUwMTAyMDc0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY4YTc1NGRhMzQ5NjAxOGI5OGMxZDdmMzJkMGQzMWQ0MjViZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6EDATkZ+m5N1WliPsVcOH3Iumxv
kWJWqMB2He2pslpcpZKUXIg3YlpGCEUCotqAqI1t6fTVQyqMc4rAa/VmXfOwyUn0
0meVPO/sW0RkxG1UoDvVgmlqhpWWOfMM9l/QWzkewrSRmGlCPHMICvRouDi85cPp
SfC0X2cJi1zBhv6JnnLbpf0Z9OSHRMkdob3bauF0A2Ihj79f5DlBBJRSvXA6rkWZ
QIa7EJ8llbAVpNUojFH8xY58hY1whTm9SSAPuwaNTpC5wqpHmaiOGArjhyOv3TR+
OWStCjKyfzvlmeBRZyF5hci/FoB99DIxbdPpkCLAn4jlK7mi3hB0PzQFowIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNH4p1TaNJYBi5jB1/MtDTHUJb4KMB8GA1UdIwQY
MBaAFJqYDu1CqlRqq55ozaluL7zzgvR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBnTzdVS3FWR3Fybm1qTnFXNHZ2UE9DOUhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8yNmQyOGYtZmYxNC00NDZkLTk5ZWEt
ZmJhZGI5OGQ2ODhlLzEvMGZpblZObzBsZ0dMbU1IWDh5ME5NZFFsdmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8yNmQyOGYtZmYxNC00NDZkLTk5ZWEtZmJhZGI5OGQ2ODhl
LzEvbXBnTzdVS3FWR3Fybm1qTnFXNHZ2UE9DOUhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhSAADAN
BgkqhkiG9w0BAQsFAAOCAQEAsH0wrlj7zQgms7UL0/4UiykeAXXg8U3rBJf2Ig5Y
rvZQIX5I0mZOc6+xa9UIoGg8hWjgJG4qKEhaTbcqMLVq1RAyYPOLbOKXzn0+JVRC
yzB7lbfag9OM9npI72JMrkfTiC4ZeuR8xa/1uS8Lv5u3Tyocd2CuephaT/Xhs/kw
kHqZ5x4vc8CeIxgLZ14UtuYPhaCS1jqZISezzcpBzYNhmSRq9Gq4Q+VrhNkG/De2
PsWZQppfSuvicnHN1ZkyDZb66kDfgE6lD4oO2TFAd3msPAtrsi4tT1QTG5493GpB
hRVMUMiWl/5gIbxNINVHaIywKWhGZbVVbtzZiHaXOwaCVQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:55 2025 by rpki-client