Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/1-g-A4hn_DsUBjrSOtmwbaV2sjfc.roa
File: 1-g-A4hn_DsUBjrSOtmwbaV2sjfc.roa (raw, json)
Hash identifier: H/p8gImyoUDaEoDvhM9gHqspIznQXZjV/layX0BmypQ=
Subject key identifier: FA:0F:80:E2:19:FF:0E:C5:01:8E:B4:8E:B6:6C:1B:69:5D:AC:8D:F7
Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial: 019424B3C1AD18382EAE93EE3B578D784133
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/1-g-A4hn_DsUBjrSOtmwbaV2sjfc.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42905
IP address blocks: 2a02:680:9100::/40 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c1:ad:18:38:2e:ae:93:ee:3b:57:8d:78:41:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa0f80e219ff0ec5018eb48eb66c1b695dac8df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f6:c0:8a:7f:b4:88:af:03:a7:9b:56:e1:57:
3f:00:ba:b2:56:1e:81:b5:cc:0a:33:27:9a:ac:c6:
50:0c:a0:30:ab:ef:d0:1f:2d:b2:a8:3f:66:30:2a:
37:24:f7:17:f2:27:8d:d1:c0:86:0b:fd:1b:5e:00:
c5:a3:ca:53:b5:72:73:b7:c2:db:85:d7:a0:a5:5f:
21:39:83:c7:be:d9:37:3c:95:91:54:f5:b3:04:ea:
6e:cb:18:39:6a:62:0d:51:29:68:e1:1a:4e:e9:30:
c1:79:b2:28:da:a7:05:a7:3c:76:1e:da:3f:61:e0:
38:48:4b:40:82:0d:4e:f3:fc:17:3e:df:21:ce:7e:
03:cb:18:ff:ae:ab:3b:02:eb:54:05:4e:50:c0:02:
37:0f:47:86:91:d9:95:de:d8:c7:53:79:50:1f:50:
9f:ff:9b:d1:47:7e:e0:7d:f5:91:d5:c3:15:3d:52:
9a:7d:c8:14:b1:21:ca:b3:d9:c7:d9:20:7e:cc:6e:
d1:cf:c7:1b:66:a9:d9:7e:fc:17:03:bb:36:94:86:
ce:7a:50:85:56:2b:fb:76:d1:d2:2e:ac:67:92:e3:
e7:24:08:0d:c0:b8:10:70:f1:7a:56:bc:e5:3c:27:
c3:6a:ae:2a:6e:c3:81:58:c2:bd:a5:a5:c8:68:b0:
37:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0F:80:E2:19:FF:0E:C5:01:8E:B4:8E:B6:6C:1B:69:5D:AC:8D:F7
X509v3 Authority Key Identifier:
keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/1-g-A4hn_DsUBjrSOtmwbaV2sjfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:680:9100::/40
Signature Algorithm: sha256WithRSAEncryption
6b:b6:f4:a3:83:98:d0:2c:eb:a9:0f:db:7d:20:19:17:1e:97:
2d:9b:74:00:93:3b:60:d5:76:15:0c:5c:34:56:f8:26:0b:9a:
6f:9f:22:8b:28:ff:b8:e2:60:d0:57:17:de:04:99:fb:2c:a4:
d6:43:34:9b:25:be:4b:52:ed:a4:19:9d:67:9c:6c:b7:6c:11:
85:eb:ce:db:9a:88:17:56:27:78:15:78:63:c3:3d:a9:70:f5:
4a:30:69:bc:df:49:15:8b:1b:d6:fc:26:97:18:34:a6:9a:f8:
b7:b0:e3:40:ff:78:c7:d4:96:78:6f:d0:8b:18:f7:7e:3a:c9:
7e:cc:33:84:60:a6:96:9d:14:46:3b:2e:d7:91:89:12:1d:66:
2e:2f:86:20:30:0f:f0:60:f8:28:ad:c7:20:24:b4:1e:96:38:
fb:20:fd:26:d6:b5:4b:d8:c8:51:42:49:ac:4e:12:ec:20:27:
bc:83:4a:22:d4:08:cd:6a:42:87:ef:f1:a0:2a:da:91:27:68:
44:33:14:2a:71:53:ec:7a:3d:01:d2:1c:7a:17:95:03:39:26:
9b:e7:85:26:da:8d:58:af:98:83:60:84:0f:3e:d2:72:e0:ab:
b4:05:69:41:ba:2a:39:a0:29:82:81:49:fd:c6:6e:21:98:2e:
e9:cd:3f:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQks8GtGDgurpPuO1eNeEEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBmODBlMjE5ZmYwZWM1MDE4ZWI0OGViNjZjMWI2OTVkYWM4ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPbAin+0iK8Dp5tW4Vc/ALqyVh6B
tcwKMyearMZQDKAwq+/QHy2yqD9mMCo3JPcX8ieN0cCGC/0bXgDFo8pTtXJzt8Lb
hdegpV8hOYPHvtk3PJWRVPWzBOpuyxg5amINUSlo4RpO6TDBebIo2qcFpzx2Hto/
YeA4SEtAgg1O8/wXPt8hzn4Dyxj/rqs7AutUBU5QwAI3D0eGkdmV3tjHU3lQH1Cf
/5vRR37gffWR1cMVPVKafcgUsSHKs9nH2SB+zG7Rz8cbZqnZfvwXA7s2lIbOelCF
Viv7dtHSLqxnkuPnJAgNwLgQcPF6VrzlPCfDaq4qbsOBWMK9paXIaLA3qwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPoPgOIZ/w7FAY60jrZsG2ldrI33MB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvMS1nLUE0aG5fRHNVQmpyU090bXdiYVYyc2pmYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzkvMmIzOGIzLTEyZjEtNDI0Mi1hZGFlLWI3ZDFjYWM1MWUw
Yy8xL1RKRVRKT2hwdkV5bDdJdXREVDNmOW9WRUdYay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoCBoCR
MA0GCSqGSIb3DQEBCwUAA4IBAQBrtvSjg5jQLOupD9t9IBkXHpctm3QAkztg1XYV
DFw0VvgmC5pvnyKLKP+44mDQVxfeBJn7LKTWQzSbJb5LUu2kGZ1nnGy3bBGF687b
mogXVid4FXhjwz2pcPVKMGm830kVixvW/CaXGDSmmvi3sONA/3jH1JZ4b9CLGPd+
Osl+zDOEYKaWnRRGOy7XkYkSHWYuL4YgMA/wYPgorccgJLQeljj7IP0m1rVL2MhR
QkmsThLsICe8g0oi1AjNakKH7/GgKtqRJ2hEMxQqcVPsej0B0hx6F5UDOSab54Um
2o1Yr5iDYIQPPtJy4Ku0BWlBuio5oCmCgUn9xm4hmC7pzT/0
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:57:18 2025 by rpki-client