Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/1-QRYDCk4GRkhhK94MTs5nmWBy_E.roa
File: 1-QRYDCk4GRkhhK94MTs5nmWBy_E.roa (raw, json)
Hash identifier: 0DMmysmCmz5ptQIzT31buoWW9naDewY16lMSk6nyNPM=
Subject key identifier: F9:04:58:0C:29:38:19:19:21:84:AF:78:31:3B:39:9E:65:81:CB:F1
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 0194236A329F876215B38A6B393BBE457405
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/1-QRYDCk4GRkhhK94MTs5nmWBy_E.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213246
IP address blocks: 2a01:b960:230f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:32:9f:87:62:15:b3:8a:6b:39:3b:be:45:74:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f904580c293819192184af78313b399e6581cbf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a3:98:f3:3b:0a:cb:d1:ce:a3:3c:40:1e:95:
5e:af:49:1d:ac:bf:a9:d9:67:5e:e4:00:c0:3b:91:
28:f3:79:20:90:c1:06:81:6f:c1:2f:a4:55:2a:de:
b6:6e:06:ef:03:2e:f5:39:4f:07:ca:69:84:cc:38:
c2:be:ff:43:67:15:db:44:77:37:db:8f:86:68:0f:
28:f1:5f:f4:60:ea:eb:f7:9a:ab:15:32:d0:47:d2:
ba:13:e1:7d:84:7b:34:0b:2a:95:d2:57:cf:c3:5e:
b2:4b:db:5e:45:51:1c:f0:db:9c:b9:0e:13:ba:09:
b8:33:98:a5:46:4d:5d:67:c7:90:6d:fc:f3:b8:9f:
78:2f:8e:58:e0:31:5c:0c:61:5b:66:ee:65:4b:a5:
a0:38:ca:10:db:83:91:b3:b4:4b:21:9b:9a:02:7c:
64:d8:04:0b:de:53:8d:3a:98:4f:ef:74:18:29:ed:
75:63:40:75:c9:d4:a7:4a:c3:c2:15:42:56:94:c0:
67:3f:b2:2f:36:9c:59:89:84:50:01:2b:a9:f6:56:
44:27:93:4b:d9:64:f9:ac:c8:91:41:c3:68:03:64:
61:8b:a8:71:e0:d1:ca:bb:9e:c6:c2:a9:46:21:95:
d0:51:32:16:0f:29:b1:40:d1:46:46:1b:35:fc:10:
e0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:58:0C:29:38:19:19:21:84:AF:78:31:3B:39:9E:65:81:CB:F1
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/1-QRYDCk4GRkhhK94MTs5nmWBy_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:230f::/48
Signature Algorithm: sha256WithRSAEncryption
14:f3:c5:ac:e1:ad:1e:4c:69:c3:24:8a:77:97:49:d3:6b:34:
94:8a:05:77:df:eb:4d:4c:bf:fa:56:7c:47:0c:fe:1d:97:1f:
2e:13:c9:de:f6:8e:9c:8a:04:5d:1a:98:f4:90:f2:72:03:20:
e1:9d:8a:54:10:cf:c6:c7:2a:8c:de:0a:cf:d3:05:a2:72:23:
bc:73:ff:5f:40:9b:35:4d:61:48:2b:40:0d:ae:0b:3e:b6:f4:
14:5a:cc:41:1f:c4:ae:d0:42:49:85:fb:1c:3f:ac:bb:4d:58:
90:1c:11:af:39:13:17:14:96:2b:1d:bb:47:24:14:ac:86:ae:
5a:24:84:36:a7:6c:3f:70:da:c8:74:ec:d4:5a:af:d7:db:60:
0b:09:26:e1:d4:8d:d9:13:f0:0f:85:9e:12:23:a5:a4:11:0c:
ac:63:80:17:d2:b9:de:d4:de:c0:e2:35:19:b0:7a:eb:ce:56:
54:e0:82:ef:3a:c6:0c:85:68:bc:ea:ce:8c:7c:6f:7b:a7:2b:
01:a1:cd:81:45:5d:45:c6:ba:7d:e4:2e:21:d5:ac:f0:6e:ba:
0e:8b:f0:68:fc:c4:33:7b:30:70:0d:dc:e4:96:a9:5a:fc:76:
fc:64:6c:1a:75:73:24:c0:3e:2b:3b:c2:bb:03:c6:a9:b0:7d:
74:9e:13:36
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQjajKfh2IVs4prOTu+RXQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA0NTgwYzI5MzgxOTE5MjE4NGFmNzgzMTNiMzk5ZTY1ODFjYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6OY8zsKy9HOozxAHpVer0kdrL+p
2Wde5ADAO5Eo83kgkMEGgW/BL6RVKt62bgbvAy71OU8HymmEzDjCvv9DZxXbRHc3
24+GaA8o8V/0YOrr95qrFTLQR9K6E+F9hHs0CyqV0lfPw16yS9teRVEc8NucuQ4T
ugm4M5ilRk1dZ8eQbfzzuJ94L45Y4DFcDGFbZu5lS6WgOMoQ24ORs7RLIZuaAnxk
2AQL3lONOphP73QYKe11Y0B1ydSnSsPCFUJWlMBnP7IvNpxZiYRQASup9lZEJ5NL
2WT5rMiRQcNoA2Rhi6hx4NHKu57GwqlGIZXQUTIWDymxQNFGRhs1/BDgkwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPkEWAwpOBkZIYSveDE7OZ5lgcvxMB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvMS1RUllEQ2s0R1JraGhLOTRNVHM1bm1XQnlfRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzUvZWY4ZTg0LTkxNjEtNDAyYy04MWFkLWU4ZThkMmZlNzBm
ZS8xL05QRnlicVM5YlR5QWthNE1pdEdnUHBIaldhSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBuWAj
DzANBgkqhkiG9w0BAQsFAAOCAQEAFPPFrOGtHkxpwySKd5dJ02s0lIoFd9/rTUy/
+lZ8Rwz+HZcfLhPJ3vaOnIoEXRqY9JDycgMg4Z2KVBDPxscqjN4Kz9MFonIjvHP/
X0CbNU1hSCtADa4LPrb0FFrMQR/ErtBCSYX7HD+su01YkBwRrzkTFxSWKx27RyQU
rIauWiSENqdsP3DayHTs1Fqv19tgCwkm4dSN2RPwD4WeEiOlpBEMrGOAF9K53tTe
wOI1GbB6685WVOCC7zrGDIVovOrOjHxve6crAaHNgUVdRca6feQuIdWs8G66Dovw
aPzEM3swcA3c5JapWvx2/GRsGnVzJMA+KzvCuwPGqbB9dJ4TNg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:18 2025 by rpki-client