Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aVvsRyfrESAO0zSkgqG8VtXI2kk.roa
File: aVvsRyfrESAO0zSkgqG8VtXI2kk.roa (raw, json)
Hash identifier: xZ4ZV0bJuA4eojKsMLTXBkqPg5Xm/dhzTeKCiiynbhQ=
Subject key identifier: 69:5B:EC:47:27:EB:11:20:0E:D3:34:A4:82:A1:BC:56:D5:C8:DA:49
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01942445382156E183A553470A3BDCF37EF5
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aVvsRyfrESAO0zSkgqG8VtXI2kk.roa
Signing time: Wed 01 Jan 2025 23:48:23 +0000
ROA not before: Wed 01 Jan 2025 23:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215158
IP address blocks: 2a11:8c40::/29 maxlen: 29
2a11:a0c0::/29 maxlen: 29
2a11:a800::/29 maxlen: 29
2a12:20c0::/29 maxlen: 29
2a12:d180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:38:21:56:e1:83:a5:53:47:0a:3b:dc:f3:7e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=695bec4727eb11200ed334a482a1bc56d5c8da49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2a:8f:c3:4a:3a:0b:bb:dc:b4:1f:e6:9e:7a:
29:62:4e:62:1e:c2:85:3d:e9:8c:e5:6a:70:bc:b6:
b1:94:9e:c5:25:83:48:58:c2:93:e1:4f:0c:d9:45:
11:ba:45:67:7d:4c:70:e5:4e:a6:ee:81:b5:ab:7b:
89:cd:fe:1f:2b:8d:8c:9c:74:bd:2a:49:3e:76:73:
b3:26:55:8d:b5:ab:fc:fd:03:6f:76:8c:46:7a:55:
c9:1a:ce:b0:6c:69:8e:a7:40:17:bd:af:4e:e7:b1:
0f:89:a8:9b:99:43:5d:de:98:c9:5e:5a:08:22:a6:
ed:aa:99:d4:39:11:c4:42:56:e4:0b:a2:2b:34:92:
fa:50:a9:39:68:f2:0d:6a:5b:ac:1a:e0:a7:88:fd:
18:6a:57:90:7b:8e:16:c2:e4:5f:86:23:48:9d:b0:
bf:7f:6e:05:5a:85:bc:e8:62:68:6d:c6:56:2d:55:
40:f1:d3:ff:ae:fe:bf:4b:88:9e:39:b8:20:5d:5c:
5b:e8:85:5a:59:e8:ac:ef:bc:c1:3f:5e:e2:2b:8c:
1a:ae:a9:4b:1e:d9:19:77:65:aa:3e:25:b0:6d:d8:
37:12:f4:d9:54:03:c2:a0:c5:4d:bc:0c:12:dd:1a:
cb:52:b0:55:11:93:75:00:05:cc:56:e7:b5:f9:a6:
3b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5B:EC:47:27:EB:11:20:0E:D3:34:A4:82:A1:BC:56:D5:C8:DA:49
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aVvsRyfrESAO0zSkgqG8VtXI2kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:8c40::/29
2a11:a0c0::/29
2a11:a800::/29
2a12:20c0::/29
2a12:d180::/29
Signature Algorithm: sha256WithRSAEncryption
2f:32:97:5c:fb:23:87:b5:96:2c:af:40:e8:6e:e1:b5:81:3c:
2f:15:e9:74:09:87:e7:12:9d:58:a7:30:9a:d0:f1:02:56:f4:
a1:ee:07:cc:c1:b5:6d:b5:3a:fe:33:f4:6b:b5:4e:45:88:34:
fa:c8:6b:ee:31:16:b3:07:de:21:d9:6a:83:d8:c9:ef:da:82:
3e:28:5a:1d:8b:5a:4b:a8:d5:19:85:94:d3:10:ed:55:7d:27:
52:7c:dd:f7:04:fd:10:b3:b9:f9:e9:c2:11:a9:e1:89:21:30:
2f:db:67:6c:9f:c2:bb:23:0f:df:aa:4e:80:f8:1b:0f:8f:6c:
04:2e:70:45:c5:1b:08:3e:bd:35:9a:d9:e2:2b:82:1e:12:b1:
78:b9:34:14:78:42:99:25:14:31:9a:1e:7c:91:12:51:7b:ad:
f7:5d:a3:af:0e:37:37:7b:cf:35:9b:32:0e:c9:bb:3d:8f:66:
6f:f7:e8:cf:99:b2:74:0a:3a:51:7d:fd:e1:c4:01:1d:5c:87:
4e:fd:db:25:8c:46:76:47:c1:ec:bc:ed:80:57:13:6d:ad:a9:
38:9e:fc:81:e7:5f:21:9a:4b:0a:9a:f7:bd:f6:7f:b4:2a:17:
f7:ca:40:84:9a:ee:4a:de:4a:00:b0:7b:3d:ee:2b:78:44:d4:
4a:b4:8a:41
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQkRTghVuGDpVNHCjvc8371MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTViZWM0NzI3ZWIxMTIwMGVkMzM0YTQ4MmExYmM1NmQ1YzhkYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliqPw0o6C7vctB/mnnopYk5iHsKF
PemM5WpwvLaxlJ7FJYNIWMKT4U8M2UURukVnfUxw5U6m7oG1q3uJzf4fK42MnHS9
Kkk+dnOzJlWNtav8/QNvdoxGelXJGs6wbGmOp0AXva9O57EPiaibmUNd3pjJXloI
IqbtqpnUORHEQlbkC6IrNJL6UKk5aPINalusGuCniP0YaleQe44WwuRfhiNInbC/
f24FWoW86GJobcZWLVVA8dP/rv6/S4ieObggXVxb6IVaWeis77zBP17iK4warqlL
HtkZd2WqPiWwbdg3EvTZVAPCoMVNvAwS3RrLUrBVEZN1AAXMVue1+aY7VQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGlb7Ecn6xEgDtM0pIKhvFbVyNpJMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvYVZ2c1J5ZnJFU0FPMHpTa2dxRzhWdFhJMmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhGMQAMF
AyoRoMADBQMqEagAAwUDKhIgwAMFAyoS0YAwDQYJKoZIhvcNAQELBQADggEBAC8y
l1z7I4e1liyvQOhu4bWBPC8V6XQJh+cSnVinMJrQ8QJW9KHuB8zBtW21Ov4z9Gu1
TkWINPrIa+4xFrMH3iHZaoPYye/agj4oWh2LWkuo1RmFlNMQ7VV9J1J83fcE/RCz
ufnpwhGp4YkhMC/bZ2yfwrsjD9+qToD4Gw+PbAQucEXFGwg+vTWa2eIrgh4SsXi5
NBR4QpklFDGaHnyRElF7rfddo68ONzd7zzWbMg7Juz2PZm/36M+ZsnQKOlF9/eHE
AR1ch0792yWMRnZHwey87YBXE22tqTie/IHnXyGaSwqa9732f7QqF/fKQISa7kre
SgCwez3uK3hE1Eq0ikE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:36:41 2025 by rpki-client