Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d5f14f-2705-42ec-900f-6934cafb6bcd/1/YRcPB026UNAbaic7bC0XnagQJ_8.roa
File: YRcPB026UNAbaic7bC0XnagQJ_8.roa (raw, json)
Hash identifier: F5LbuOIZKUKKLsIhj9ecbNiDMJqNxgANq1yR2w3iRxE=
Subject key identifier: 61:17:0F:07:4D:BA:50:D0:1B:6A:27:3B:6C:2D:17:9D:A8:10:27:FF
Certificate issuer: /CN=6a5d410f425d35e74d456f7f87bae8ed92b3c829
Certificate serial: 019427B49A4D217BFD0422503935592520B5
Authority key identifier: 6A:5D:41:0F:42:5D:35:E7:4D:45:6F:7F:87:BA:E8:ED:92:B3:C8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/al1BD0JdNedNRW9_h7ro7ZKzyCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d5f14f-2705-42ec-900f-6934cafb6bcd/1/YRcPB026UNAbaic7bC0XnagQJ_8.roa
Signing time: Thu 02 Jan 2025 15:48:54 +0000
ROA not before: Thu 02 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 553
IP address blocks: 144.41.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/d5f14f-2705-42ec-900f-6934cafb6bcd/1/al1BD0JdNedNRW9_h7ro7ZKzyCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/d5f14f-2705-42ec-900f-6934cafb6bcd/1/al1BD0JdNedNRW9_h7ro7ZKzyCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/al1BD0JdNedNRW9_h7ro7ZKzyCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:9a:4d:21:7b:fd:04:22:50:39:35:59:25:20:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5d410f425d35e74d456f7f87bae8ed92b3c829
Validity
Not Before: Jan 2 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61170f074dba50d01b6a273b6c2d179da81027ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:5f:35:fe:da:71:0d:8c:a8:a8:6a:9a:eb:
52:d6:42:84:68:88:ae:ef:f3:ae:2a:cf:10:8d:8e:
b1:ef:7f:56:92:d1:fc:bb:85:9f:e7:14:c0:a1:7d:
a1:e0:45:e1:cd:df:cb:f2:e3:f7:28:39:84:c6:07:
eb:01:2a:47:28:25:7a:a2:f3:e7:c9:75:cf:d1:65:
65:f1:e4:12:8f:53:80:14:b5:7b:4f:b4:85:ea:41:
87:93:de:65:57:0e:db:e5:03:4f:3e:0e:96:95:df:
81:a5:05:76:9a:82:23:aa:e9:03:27:bf:3f:06:33:
3f:5e:b2:53:ea:fa:eb:be:eb:cd:f9:23:30:92:5e:
5b:99:6f:8d:fe:95:9f:11:39:23:8a:71:63:8e:5f:
cd:32:b0:32:a2:b7:8c:28:1f:0f:7b:62:16:4c:fe:
ec:96:6c:ca:c4:91:3e:17:f6:a0:bc:7c:ae:0c:6c:
2e:a1:66:f5:6f:1e:91:e2:ce:98:52:65:d6:a7:ea:
d3:ee:ef:08:6e:64:0c:3a:52:58:98:cf:25:4e:7e:
ec:5e:0a:f4:f7:9a:2c:e5:52:81:2f:4c:ad:fb:30:
ef:28:b8:4e:b7:e9:c8:6d:43:00:8f:28:e3:1b:8c:
af:e1:ac:a5:d8:b9:6e:5b:9f:ec:b7:5e:d9:59:e7:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:17:0F:07:4D:BA:50:D0:1B:6A:27:3B:6C:2D:17:9D:A8:10:27:FF
X509v3 Authority Key Identifier:
keyid:6A:5D:41:0F:42:5D:35:E7:4D:45:6F:7F:87:BA:E8:ED:92:B3:C8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/al1BD0JdNedNRW9_h7ro7ZKzyCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d5f14f-2705-42ec-900f-6934cafb6bcd/1/YRcPB026UNAbaic7bC0XnagQJ_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d5f14f-2705-42ec-900f-6934cafb6bcd/1/al1BD0JdNedNRW9_h7ro7ZKzyCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.41.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:53:58:59:b8:95:31:b0:9a:7c:c6:00:41:44:b3:b5:ef:d2:
c1:01:52:c9:b8:fa:8a:d9:6c:c3:d1:6f:98:77:26:1d:d3:cf:
3c:3b:aa:16:69:19:25:cc:13:f8:da:47:93:cd:f6:20:3b:e1:
2a:6e:7e:36:2e:55:00:91:22:0b:5c:6f:5f:6b:3f:bb:d3:ec:
2b:27:21:44:88:92:d5:08:a1:2d:59:0f:c2:f8:d0:5e:86:16:
18:b5:4d:a9:87:15:62:4e:b3:90:66:bd:98:a1:79:86:93:d7:
fe:21:8a:52:34:af:f5:2b:7b:c0:38:02:86:4d:f1:bf:0d:8c:
d2:ba:12:1c:9e:84:34:c5:62:29:48:93:e7:b5:94:ba:25:16:
c4:25:30:be:6f:47:b5:4b:65:4e:04:82:40:0a:0e:6b:4a:27:
0e:98:19:74:9b:1f:9b:6c:9f:0d:be:39:15:9f:ca:e8:23:5b:
f0:b9:ee:1c:9d:04:cd:72:a7:17:9f:fa:03:e6:37:63:5f:83:
c7:2e:ac:aa:cf:20:09:92:76:f3:77:31:4d:c0:da:ff:bd:f8:
7d:f5:6f:f7:29:d1:a8:4d:f3:6a:49:5e:eb:e2:97:ac:aa:34:
53:f3:ef:26:8d:7f:2c:d0:ec:b8:58:6b:03:9d:7a:0d:ab:26:
4b:08:c4:86
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQntJpNIXv9BCJQOTVZJSC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNWQ0MTBmNDI1ZDM1ZTc0ZDQ1NmY3Zjg3YmFlOGVkOTJi
M2M4MjkwHhcNMjUwMTAyMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTE3MGYwNzRkYmE1MGQwMWI2YTI3M2I2YzJkMTc5ZGE4MTAyN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZhfNf7acQ2MqKhqmutS1kKEaIiu
7/OuKs8QjY6x739WktH8u4Wf5xTAoX2h4EXhzd/L8uP3KDmExgfrASpHKCV6ovPn
yXXP0WVl8eQSj1OAFLV7T7SF6kGHk95lVw7b5QNPPg6Wld+BpQV2moIjqukDJ78/
BjM/XrJT6vrrvuvN+SMwkl5bmW+N/pWfETkjinFjjl/NMrAyoreMKB8Pe2IWTP7s
lmzKxJE+F/agvHyuDGwuoWb1bx6R4s6YUmXWp+rT7u8IbmQMOlJYmM8lTn7sXgr0
95os5VKBL0yt+zDvKLhOt+nIbUMAjyjjG4yv4ayl2LluW5/st17ZWefUpQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGEXDwdNulDQG2onO2wtF52oECf/MB8GA1UdIwQY
MBaAFGpdQQ9CXTXnTUVvf4e66O2Ss8gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWwxQkQwSmROZWROUlc5X2g3cm83Wkt6eUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kNWYxNGYtMjcwNS00MmVjLTkwMGYt
NjkzNGNhZmI2YmNkLzEvWVJjUEIwMjZVTkFiYWljN2JDMFhuYWdRSl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kNWYxNGYtMjcwNS00MmVjLTkwMGYtNjkzNGNhZmI2YmNk
LzEvYWwxQkQwSmROZWROUlc5X2g3cm83Wkt6eUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkCkwDQYJ
KoZIhvcNAQELBQADggEBAEdTWFm4lTGwmnzGAEFEs7Xv0sEBUsm4+orZbMPRb5h3
Jh3Tzzw7qhZpGSXME/jaR5PN9iA74SpufjYuVQCRIgtcb19rP7vT7CsnIUSIktUI
oS1ZD8L40F6GFhi1TamHFWJOs5BmvZiheYaT1/4hilI0r/Ure8A4AoZN8b8NjNK6
EhyehDTFYilIk+e1lLolFsQlML5vR7VLZU4EgkAKDmtKJw6YGXSbH5tsnw2+ORWf
yugjW/C57hydBM1ypxef+gPmN2Nfg8curKrPIAmSdvN3MU3A2v+9+H31b/cp0ahN
82pJXuvil6yqNFPz7yaNfyzQ7LhYawOdeg2rJksIxIY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:36:51 2025 by rpki-client