Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/yqIKBNfi5omJAzcXnoCsrE6snzo.roa
File: yqIKBNfi5omJAzcXnoCsrE6snzo.roa (raw, json)
Hash identifier: Opdk7PUfzB/ZuCfmlT3r82TvrvdyJuMBr+txoxstkgU=
Subject key identifier: CA:A2:0A:04:D7:E2:E6:89:89:03:37:17:9E:80:AC:AC:4E:AC:9F:3A
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 01942521A3577B3E67FE6F7CFE50CD88730C
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/yqIKBNfi5omJAzcXnoCsrE6snzo.roa
Signing time: Thu 02 Jan 2025 03:49:09 +0000
ROA not before: Thu 02 Jan 2025 03:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214050
IP address blocks: 2a13:a5c7:2400::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a3:57:7b:3e:67:fe:6f:7c:fe:50:cd:88:73:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 2 03:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caa20a04d7e2e689890337179e80acac4eac9f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:35:e0:3e:61:12:cf:04:2f:f9:fd:2a:4c:
b5:0c:db:0c:85:6c:ac:f6:04:5e:2c:9e:95:f8:9a:
4a:bd:80:84:06:1b:ca:91:c3:42:67:6a:31:26:45:
7a:15:6e:67:c0:db:1e:c0:c6:22:97:9e:b2:6c:61:
cb:07:cc:6f:0a:3a:97:3c:56:0d:b4:a1:39:f8:56:
0c:0d:0f:3e:d4:89:01:60:5b:57:fc:51:67:92:bf:
2d:4a:23:63:46:a8:43:3f:3d:91:27:ab:40:9c:e4:
f6:3e:53:44:74:95:e6:c7:30:a7:7a:4b:10:8d:10:
f1:25:81:60:36:3f:33:26:b0:19:a4:a6:4c:1c:e5:
f2:35:01:a1:8e:79:d8:79:f4:aa:75:da:85:0e:b2:
28:76:c2:1f:00:dc:0a:fe:39:07:ff:37:66:ae:e4:
8e:5d:4c:54:a2:84:0c:b3:95:6f:23:80:90:b5:26:
87:0a:e3:ec:ed:46:40:64:c6:da:a7:53:5f:a2:ce:
92:56:2e:f9:40:4f:4c:0e:80:a7:ac:f6:0c:93:c0:
85:78:b4:32:a0:f4:84:39:1d:56:a7:92:06:29:ca:
bc:2f:45:af:aa:13:80:8b:91:7f:45:44:88:93:29:
59:49:30:fa:bf:73:2d:1b:1f:62:b7:b6:35:b9:dd:
74:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A2:0A:04:D7:E2:E6:89:89:03:37:17:9E:80:AC:AC:4E:AC:9F:3A
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/yqIKBNfi5omJAzcXnoCsrE6snzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c7:2400::/40
Signature Algorithm: sha256WithRSAEncryption
4d:c3:54:8a:e3:42:2d:ff:af:05:42:c2:de:cf:b7:88:7f:75:
ec:2e:85:4d:0e:d0:de:bd:56:8b:74:94:68:0c:28:fd:7b:c4:
9a:26:9a:bd:9b:4e:19:97:69:80:76:e2:6c:ed:1c:20:09:bc:
b1:50:26:0e:2f:0e:eb:50:81:2f:74:5a:5b:df:c2:ee:ea:b0:
df:81:81:4f:77:a8:33:08:aa:ef:81:3f:d8:1b:84:5d:62:cf:
36:a7:94:85:2d:9e:c2:8a:4f:a1:a5:c3:e7:f0:d9:f9:01:1b:
d2:9e:10:45:2c:ea:ee:25:77:c8:5b:cc:93:6c:68:ed:e0:2b:
00:dd:ac:84:e2:fb:48:01:7e:76:14:b1:a0:58:0d:6a:f9:1b:
ad:e4:fa:bd:e6:e4:64:14:b6:ec:47:51:16:0c:a3:a3:b7:98:
cd:ba:2a:3b:57:93:ee:77:16:0f:ce:90:9f:f1:2d:24:49:1a:
f5:bd:d2:82:29:c0:85:dd:35:33:40:1c:20:29:8d:c8:f2:f6:
3f:5a:12:26:88:e5:db:04:a3:df:3f:ec:d3:10:f5:6a:94:81:
91:c2:83:30:04:65:90:70:0d:fa:66:09:90:23:88:ef:60:fa:
26:fc:11:77:fd:fd:78:e4:c6:54:b7:1c:9c:fa:a0:a7:77:04:
bd:c6:cf:b2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIaNXez5n/m98/lDNiHMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTAyMDM0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWEyMGEwNGQ3ZTJlNjg5ODkwMzM3MTc5ZTgwYWNhYzRlYWM5ZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGY14D5hEs8EL/n9Kky1DNsMhWys
9gReLJ6V+JpKvYCEBhvKkcNCZ2oxJkV6FW5nwNsewMYil56ybGHLB8xvCjqXPFYN
tKE5+FYMDQ8+1IkBYFtX/FFnkr8tSiNjRqhDPz2RJ6tAnOT2PlNEdJXmxzCneksQ
jRDxJYFgNj8zJrAZpKZMHOXyNQGhjnnYefSqddqFDrIodsIfANwK/jkH/zdmruSO
XUxUooQMs5VvI4CQtSaHCuPs7UZAZMbap1Nfos6SVi75QE9MDoCnrPYMk8CFeLQy
oPSEOR1Wp5IGKcq8L0WvqhOAi5F/RUSIkylZSTD6v3MtGx9it7Y1ud10rQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMqiCgTX4uaJiQM3F56ArKxOrJ86MB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEveXFJS0JOZmk1b21KQXpjWG5vQ3NyRTZzbnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxyQw
DQYJKoZIhvcNAQELBQADggEBAE3DVIrjQi3/rwVCwt7Pt4h/dewuhU0O0N69Vot0
lGgMKP17xJommr2bThmXaYB24mztHCAJvLFQJg4vDutQgS90Wlvfwu7qsN+BgU93
qDMIqu+BP9gbhF1izzanlIUtnsKKT6Glw+fw2fkBG9KeEEUs6u4ld8hbzJNsaO3g
KwDdrITi+0gBfnYUsaBYDWr5G63k+r3m5GQUtuxHURYMo6O3mM26KjtXk+53Fg/O
kJ/xLSRJGvW90oIpwIXdNTNAHCApjcjy9j9aEiaI5dsEo98/7NMQ9WqUgZHCgzAE
ZZBwDfpmCZAjiO9g+ib8EXf9/XjkxlS3HJz6oKd3BL3Gz7I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:26:05 2025 by rpki-client