Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/a50aa4-e092-4d8c-9d83-0e0df68cde03/1/YyT2XNVLd1WyCxtwc8XjqhwP3s4.roa
File: YyT2XNVLd1WyCxtwc8XjqhwP3s4.roa (raw, json)
Hash identifier: vmLIxrmSzRhBjR//CR1+0NyG35ecgKl2ei7ZqRd06oY=
Subject key identifier: 63:24:F6:5C:D5:4B:77:55:B2:0B:1B:70:73:C5:E3:AA:1C:0F:DE:CE
Certificate issuer: /CN=5814d41cfa943da19f2778a0d373dd2a7741d06d
Certificate serial: 0195B031D1853890F365AF05DEBF3A882C9D
Authority key identifier: 58:14:D4:1C:FA:94:3D:A1:9F:27:78:A0:D3:73:DD:2A:77:41:D0:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WBTUHPqUPaGfJ3ig03PdKndB0G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/a50aa4-e092-4d8c-9d83-0e0df68cde03/1/YyT2XNVLd1WyCxtwc8XjqhwP3s4.roa
Signing time: Wed 19 Mar 2025 20:56:49 +0000
ROA not before: Wed 19 Mar 2025 20:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197450
IP address blocks: 2a12:e680::/48 maxlen: 48
2a12:e680:1::/48 maxlen: 48
2a12:e680:2::/48 maxlen: 48
2a12:e680:3::/48 maxlen: 48
2a12:e680:4::/48 maxlen: 48
2a12:e680:5::/48 maxlen: 48
2a12:e680:6::/48 maxlen: 48
2a12:e680:7::/48 maxlen: 48
2a12:e680:8::/48 maxlen: 48
2a12:e680:9::/48 maxlen: 48
2a12:e681::/32 maxlen: 32
2a12:e682::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/a50aa4-e092-4d8c-9d83-0e0df68cde03/1/WBTUHPqUPaGfJ3ig03PdKndB0G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/a50aa4-e092-4d8c-9d83-0e0df68cde03/1/WBTUHPqUPaGfJ3ig03PdKndB0G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/WBTUHPqUPaGfJ3ig03PdKndB0G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b0:31:d1:85:38:90:f3:65:af:05:de:bf:3a:88:2c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5814d41cfa943da19f2778a0d373dd2a7741d06d
Validity
Not Before: Mar 19 20:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6324f65cd54b7755b20b1b7073c5e3aa1c0fdece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:96:8d:2a:b1:94:39:13:4c:c9:47:4a:bc:21:
94:d1:24:5e:9e:83:5a:17:85:a5:b8:3a:fe:37:bf:
a4:54:b7:75:a6:2c:bf:92:48:7b:04:08:4c:ae:7f:
67:fd:25:03:1e:8d:d2:68:d6:3b:02:cf:4f:13:f1:
64:48:6a:49:79:46:39:44:a4:22:b7:06:11:00:50:
3f:9d:f2:42:dc:f4:dd:a5:9e:ad:6d:2f:7f:37:f6:
3a:d8:3d:dd:84:00:8c:0f:a3:9f:71:32:69:ba:9b:
80:b4:54:f0:e3:f8:b7:14:6d:69:59:05:f5:a0:51:
14:2d:2f:5d:2e:9f:27:f5:f6:f6:ca:a7:52:9d:90:
e3:0f:27:a1:d4:fa:4f:76:65:85:4d:3f:9a:10:19:
3c:2a:13:c0:e1:06:44:7f:52:59:96:11:fd:46:a3:
c0:b3:d9:50:04:01:77:a5:92:a6:03:b3:a0:dd:c6:
59:35:2e:86:4d:cb:31:ec:66:cf:9c:60:8d:a1:41:
d7:b1:3d:d2:40:c7:55:b5:21:25:3a:d1:60:aa:b7:
f6:2e:ea:da:f0:30:bb:69:f7:37:0e:0b:c3:0a:db:
a3:ac:1e:a5:f7:86:1f:9c:7e:76:8f:09:29:a1:d4:
1c:af:0c:e5:00:7e:69:e6:6b:a0:f8:7a:5e:52:74:
2c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:24:F6:5C:D5:4B:77:55:B2:0B:1B:70:73:C5:E3:AA:1C:0F:DE:CE
X509v3 Authority Key Identifier:
keyid:58:14:D4:1C:FA:94:3D:A1:9F:27:78:A0:D3:73:DD:2A:77:41:D0:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBTUHPqUPaGfJ3ig03PdKndB0G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a50aa4-e092-4d8c-9d83-0e0df68cde03/1/YyT2XNVLd1WyCxtwc8XjqhwP3s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/a50aa4-e092-4d8c-9d83-0e0df68cde03/1/WBTUHPqUPaGfJ3ig03PdKndB0G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e680::-2a12:e680:9:ffff:ffff:ffff:ffff:ffff
2a12:e681::-2a12:e682:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:33:1d:67:40:68:fa:51:60:bc:85:c8:ac:db:8b:d4:d1:ec:
d0:52:a2:a1:d1:64:86:02:c1:2a:5c:ad:70:6c:1c:c7:b4:01:
6b:63:72:1f:fc:6a:32:32:0a:80:f8:d8:9a:9b:dd:be:ff:6e:
cb:5a:0c:a5:02:67:ac:ea:e6:51:6c:ae:46:28:77:f2:30:73:
0a:22:22:3e:ca:a5:8a:b0:0e:cd:f0:5f:21:99:bf:cc:7d:7d:
43:ab:98:a6:c3:2b:ef:69:78:85:ec:f4:0a:c8:b3:59:96:e0:
d4:cf:f0:cb:ec:90:47:7e:03:eb:7c:27:56:d3:5d:bf:bb:d4:
07:f4:e7:bc:ea:8b:56:50:0d:b1:d3:51:45:e3:d2:4b:98:d0:
e5:f1:d0:ff:70:aa:94:e2:ec:a2:f8:d9:ff:61:0d:45:d4:76:
96:03:a5:dd:f8:23:1a:26:e7:9e:2f:85:99:f3:ca:73:30:7c:
6c:2f:f1:50:9d:60:62:1e:00:33:82:1b:1d:9b:60:c4:f2:79:
c6:46:71:fa:d5:24:e1:34:e0:e6:1c:69:be:8f:f4:43:41:9d:
68:18:61:ff:ed:fe:36:de:f8:ad:4b:65:a8:ea:67:41:e1:5c:
7f:e9:2f:0c:7c:ed:40:64:16:49:4e:80:8c:0b:86:2d:94:96:
a5:0b:41:93
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZWwMdGFOJDzZa8F3r86iCydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTRkNDFjZmE5NDNkYTE5ZjI3NzhhMGQzNzNkZDJhNzc0
MWQwNmQwHhcNMjUwMzE5MjA1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzI0ZjY1Y2Q1NGI3NzU1YjIwYjFiNzA3M2M1ZTNhYTFjMGZkZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpaNKrGUORNMyUdKvCGU0SRenoNa
F4WluDr+N7+kVLd1piy/kkh7BAhMrn9n/SUDHo3SaNY7As9PE/FkSGpJeUY5RKQi
twYRAFA/nfJC3PTdpZ6tbS9/N/Y62D3dhACMD6OfcTJpupuAtFTw4/i3FG1pWQX1
oFEULS9dLp8n9fb2yqdSnZDjDyeh1PpPdmWFTT+aEBk8KhPA4QZEf1JZlhH9RqPA
s9lQBAF3pZKmA7Og3cZZNS6GTcsx7GbPnGCNoUHXsT3SQMdVtSElOtFgqrf2Lura
8DC7afc3DgvDCtujrB6l94YfnH52jwkpodQcrwzlAH5p5mug+HpeUnQsOwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGMk9lzVS3dVsgsbcHPF46ocD97OMB8GA1UdIwQY
MBaAFFgU1Bz6lD2hnyd4oNNz3Sp3QdBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JUVUhQcVVQYUdmSjNpZzAzUGRLbmRCMEcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9hNTBhYTQtZTA5Mi00ZDhjLTlkODMt
MGUwZGY2OGNkZTAzLzEvWXlUMlhOVkxkMVd5Q3h0d2M4WGpxaHdQM3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9hNTBhYTQtZTA5Mi00ZDhjLTlkODMtMGUwZGY2OGNkZTAz
LzEvV0JUVUhQcVVQYUdmSjNpZzAzUGRLbmRCMEcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiMBADBQcqEuaA
AwcBKhLmgAAIMA4DBQAqEuaBAwUAKhLmgjANBgkqhkiG9w0BAQsFAAOCAQEAljMd
Z0Bo+lFgvIXIrNuL1NHs0FKiodFkhgLBKlytcGwcx7QBa2NyH/xqMjIKgPjYmpvd
vv9uy1oMpQJnrOrmUWyuRih38jBzCiIiPsqlirAOzfBfIZm/zH19Q6uYpsMr72l4
hez0CsizWZbg1M/wy+yQR34D63wnVtNdv7vUB/TnvOqLVlANsdNRRePSS5jQ5fHQ
/3CqlOLsovjZ/2ENRdR2lgOl3fgjGibnni+FmfPKczB8bC/xUJ1gYh4AM4IbHZtg
xPJ5xkZx+tUk4TTg5hxpvo/0Q0GdaBhh/+3+Nt74rUtlqOpnQeFcf+kvDHztQGQW
SU6AjAuGLZSWpQtBkw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:15:12 2025 by rpki-client