Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/dfffc5-cb6d-44ce-8472-777ee9556210/1/1-Mg08ooGsj9VN-8i0khJXBw3jVQ.roa
File: 1-Mg08ooGsj9VN-8i0khJXBw3jVQ.roa (raw, json)
Hash identifier: cP0po0zW+LQnzjrZSQHX9u1ecovx/li0WZt0UNimdaw=
Subject key identifier: F8:C8:34:F2:8A:06:B2:3F:55:37:EF:22:D2:48:49:5C:1C:37:8D:54
Certificate issuer: /CN=b2c5f74df4520d341da348a700a03b97caf07735
Certificate serial: 019423D6D09877788FF5D75D59DF4FF071B8
Authority key identifier: B2:C5:F7:4D:F4:52:0D:34:1D:A3:48:A7:00:A0:3B:97:CA:F0:77:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssX3TfRSDTQdo0inAKA7l8rwdzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/dfffc5-cb6d-44ce-8472-777ee9556210/1/1-Mg08ooGsj9VN-8i0khJXBw3jVQ.roa
Signing time: Wed 01 Jan 2025 21:47:48 +0000
ROA not before: Wed 01 Jan 2025 21:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28727
IP address blocks: 2001:67c:628::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/dfffc5-cb6d-44ce-8472-777ee9556210/1/ssX3TfRSDTQdo0inAKA7l8rwdzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/dfffc5-cb6d-44ce-8472-777ee9556210/1/ssX3TfRSDTQdo0inAKA7l8rwdzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ssX3TfRSDTQdo0inAKA7l8rwdzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d0:98:77:78:8f:f5:d7:5d:59:df:4f:f0:71:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c5f74df4520d341da348a700a03b97caf07735
Validity
Not Before: Jan 1 21:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8c834f28a06b23f5537ef22d248495c1c378d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2f:7f:3a:8c:38:8a:b1:85:18:98:9c:9d:7b:
f1:4b:c2:42:06:fd:b7:15:6b:ce:d4:2c:1f:97:d8:
64:c0:19:0d:e5:b5:b8:f1:e0:9d:3e:83:88:cc:40:
56:fa:76:84:b4:35:b1:18:5a:12:20:c2:f1:50:c1:
4d:e1:bc:8c:3f:42:dc:ab:03:3a:9c:13:8e:5e:71:
0e:6f:77:2b:d4:ab:5f:42:23:f2:d6:90:25:5a:9d:
23:5a:91:65:ac:96:97:79:6f:52:6a:1f:d9:34:ef:
07:38:6d:e9:ed:2e:66:0d:2d:ed:75:3c:09:22:44:
e8:69:46:8d:aa:ff:eb:96:79:e5:3b:17:e7:6c:89:
82:c6:b1:8d:14:39:b1:56:5c:82:54:00:1b:ff:8a:
49:89:94:f2:90:2f:49:2b:ad:e7:17:cc:33:82:1d:
9a:c1:26:2c:16:f7:2b:4a:a7:50:e5:68:5f:20:d8:
36:a0:10:84:84:50:c0:e5:fe:7b:d8:ea:09:51:be:
ee:0e:88:14:46:ab:fb:94:52:c0:56:3d:bb:72:8d:
93:3f:e9:07:5f:4c:2c:71:c0:7f:59:94:27:2c:da:
fb:45:9f:2a:b3:18:f8:a9:5d:6c:ea:e5:d8:3a:dc:
75:64:29:fe:d1:4e:4d:b4:04:5a:21:3a:e3:82:ef:
4b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C8:34:F2:8A:06:B2:3F:55:37:EF:22:D2:48:49:5C:1C:37:8D:54
X509v3 Authority Key Identifier:
keyid:B2:C5:F7:4D:F4:52:0D:34:1D:A3:48:A7:00:A0:3B:97:CA:F0:77:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssX3TfRSDTQdo0inAKA7l8rwdzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dfffc5-cb6d-44ce-8472-777ee9556210/1/1-Mg08ooGsj9VN-8i0khJXBw3jVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/dfffc5-cb6d-44ce-8472-777ee9556210/1/ssX3TfRSDTQdo0inAKA7l8rwdzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:628::/48
Signature Algorithm: sha256WithRSAEncryption
aa:7c:3b:15:0e:01:63:fe:0d:7e:bf:6f:bf:2d:0c:82:e4:34:
46:ce:9b:69:06:64:de:16:3e:a6:0c:eb:92:01:e5:7e:1b:2e:
55:4d:89:50:5f:a7:83:ec:78:ad:52:83:9d:3e:49:a4:3b:32:
be:95:20:b8:c8:87:5f:cb:a2:e3:89:19:2c:fe:8a:3c:3e:89:
b1:1a:40:1e:f4:ae:ac:8b:7b:bf:36:50:27:5a:18:2f:a6:54:
97:c9:5c:d4:b6:a8:55:d9:35:fb:44:d3:61:d6:8c:d4:9e:aa:
be:dd:b4:c1:aa:3e:4d:19:ae:29:b3:e8:af:4d:10:ec:d7:20:
95:f6:4c:dd:36:9b:fa:b6:ba:62:08:ef:80:c3:f9:5b:58:3a:
f1:56:b9:32:08:eb:41:86:69:56:30:ce:a7:e5:08:0b:ae:29:
07:91:28:2d:bf:5b:08:d9:79:f7:fa:06:4d:bb:a9:16:fc:12:
74:50:0a:ee:2f:c7:71:15:d4:96:af:dc:7a:5f:fd:25:aa:4a:
7d:d0:94:f7:88:75:29:3a:f5:8a:00:96:c9:81:b3:50:a7:6e:
81:4f:48:8a:27:4d:30:dc:8c:79:cb:1d:13:f5:c7:58:77:2c:
fc:19:4e:d3:58:09:c0:52:10:bd:d5:e5:df:4f:2e:f8:11:e1:
a2:3e:31:b1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQj1tCYd3iP9dddWd9P8HG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzVmNzRkZjQ1MjBkMzQxZGEzNDhhNzAwYTAzYjk3Y2Fm
MDc3MzUwHhcNMjUwMTAxMjE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGM4MzRmMjhhMDZiMjNmNTUzN2VmMjJkMjQ4NDk1YzFjMzc4ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i9/Oow4irGFGJicnXvxS8JCBv23
FWvO1Cwfl9hkwBkN5bW48eCdPoOIzEBW+naEtDWxGFoSIMLxUMFN4byMP0LcqwM6
nBOOXnEOb3cr1KtfQiPy1pAlWp0jWpFlrJaXeW9Sah/ZNO8HOG3p7S5mDS3tdTwJ
IkToaUaNqv/rlnnlOxfnbImCxrGNFDmxVlyCVAAb/4pJiZTykC9JK63nF8wzgh2a
wSYsFvcrSqdQ5WhfINg2oBCEhFDA5f572OoJUb7uDogURqv7lFLAVj27co2TP+kH
X0wsccB/WZQnLNr7RZ8qsxj4qV1s6uXYOtx1ZCn+0U5NtARaITrjgu9LXQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPjINPKKBrI/VTfvItJISVwcN41UMB8GA1UdIwQY
MBaAFLLF9030Ug00HaNIpwCgO5fK8Hc1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NYM1RmUlNEVFFkbzBpbkFLQTdsOHJ3ZHpVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kZmZmYzUtY2I2ZC00NGNlLTg0NzIt
Nzc3ZWU5NTU2MjEwLzEvMS1NZzA4b29Hc2o5Vk4tOGkwa2hKWEJ3M2pWUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2EvZGZmZmM1LWNiNmQtNDRjZS04NDcyLTc3N2VlOTU1NjIx
MC8xL3NzWDNUZlJTRFRRZG8waW5BS0E3bDhyd2R6VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwG
KDANBgkqhkiG9w0BAQsFAAOCAQEAqnw7FQ4BY/4Nfr9vvy0MguQ0Rs6baQZk3hY+
pgzrkgHlfhsuVU2JUF+ng+x4rVKDnT5JpDsyvpUguMiHX8ui44kZLP6KPD6JsRpA
HvSurIt7vzZQJ1oYL6ZUl8lc1LaoVdk1+0TTYdaM1J6qvt20wao+TRmuKbPor00Q
7NcglfZM3Tab+ra6YgjvgMP5W1g68Va5MgjrQYZpVjDOp+UIC64pB5EoLb9bCNl5
9/oGTbupFvwSdFAK7i/HcRXUlq/cel/9JapKfdCU94h1KTr1igCWyYGzUKdugU9I
iidNMNyMecsdE/XHWHcs/BlO01gJwFIQvdXl308u+BHhoj4xsQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:36 2025 by rpki-client