Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0f2266-b4f1-48fc-b293-67932656e594/1/59_xhKD0T6uSuFEYj3I2uhiqG1c.roa
File: 59_xhKD0T6uSuFEYj3I2uhiqG1c.roa (raw, json)
Hash identifier: MYVrtUe54xpHaYsIcVLfMIx5ZncQsO+bXIz8ZL41Ros=
Subject key identifier: E7:DF:F1:84:A0:F4:4F:AB:92:B8:51:18:8F:72:36:BA:18:AA:1B:57
Certificate issuer: /CN=603b31bc6e7f42f6303870f0234b40def71fa03d
Certificate serial: 019424B3A2A00DDBFB91ED4A5A28887F0A5F
Authority key identifier: 60:3B:31:BC:6E:7F:42:F6:30:38:70:F0:23:4B:40:DE:F7:1F:A0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDsxvG5_QvYwOHDwI0tA3vcfoD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0f2266-b4f1-48fc-b293-67932656e594/1/59_xhKD0T6uSuFEYj3I2uhiqG1c.roa
Signing time: Thu 02 Jan 2025 01:48:59 +0000
ROA not before: Thu 02 Jan 2025 01:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215123
IP address blocks: 2a14:37c0::/32 maxlen: 32
2a14:37c0::/48 maxlen: 48
2a14:37c1::/32 maxlen: 32
2a14:37c2::/32 maxlen: 32
2a14:37c3::/32 maxlen: 32
2a14:37c4::/32 maxlen: 32
2a14:37c5::/32 maxlen: 32
2a14:37c6::/32 maxlen: 32
2a14:37c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/0f2266-b4f1-48fc-b293-67932656e594/1/YDsxvG5_QvYwOHDwI0tA3vcfoD0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/0f2266-b4f1-48fc-b293-67932656e594/1/YDsxvG5_QvYwOHDwI0tA3vcfoD0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YDsxvG5_QvYwOHDwI0tA3vcfoD0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 20:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a2:a0:0d:db:fb:91:ed:4a:5a:28:88:7f:0a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=603b31bc6e7f42f6303870f0234b40def71fa03d
Validity
Not Before: Jan 2 01:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7dff184a0f44fab92b851188f7236ba18aa1b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:88:b7:47:87:80:ea:6e:7e:2b:59:79:16:e2:
99:56:11:9d:d6:1e:5a:7f:0f:2e:0f:f0:11:3b:55:
0b:81:35:b2:fb:34:2a:d6:b7:da:4f:f0:ed:d9:a1:
ad:ba:e7:8c:f0:67:6d:b7:8b:df:8e:ee:16:3b:59:
43:cc:e9:aa:0e:bf:48:ca:0e:8c:82:b0:2e:f2:40:
11:bf:39:7b:19:54:14:4d:b5:e0:95:5b:1a:9f:2a:
2d:55:86:92:e1:1c:db:04:10:33:11:5f:e5:26:3e:
1b:1a:13:87:4c:c2:b4:11:85:e2:b8:78:74:09:46:
d4:79:44:db:d8:d7:2a:d7:d2:c2:55:99:86:fc:20:
66:f8:d3:bd:41:fc:0d:62:08:87:3a:64:94:e0:7a:
5c:06:6d:ad:30:23:e0:ac:56:0f:30:3d:0a:f8:dd:
8c:24:84:79:cf:19:06:8e:b5:30:d1:8d:05:79:34:
8e:37:ba:f6:12:d5:3f:4d:bd:3f:73:2c:65:93:e2:
f0:cc:84:16:22:46:78:9c:8e:f7:42:1b:37:87:ba:
08:ed:93:1e:1c:2a:e4:c6:68:ce:9a:b8:a4:87:e3:
25:20:66:99:55:ef:d3:66:c5:53:66:8c:83:1d:62:
e9:50:3e:aa:6e:e6:e9:42:03:a9:74:9a:d5:34:aa:
0d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DF:F1:84:A0:F4:4F:AB:92:B8:51:18:8F:72:36:BA:18:AA:1B:57
X509v3 Authority Key Identifier:
keyid:60:3B:31:BC:6E:7F:42:F6:30:38:70:F0:23:4B:40:DE:F7:1F:A0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDsxvG5_QvYwOHDwI0tA3vcfoD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0f2266-b4f1-48fc-b293-67932656e594/1/59_xhKD0T6uSuFEYj3I2uhiqG1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0f2266-b4f1-48fc-b293-67932656e594/1/YDsxvG5_QvYwOHDwI0tA3vcfoD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:79:dc:57:ed:9e:64:f8:34:81:d5:52:7e:02:54:7b:50:4e:
ed:6e:20:61:79:aa:a4:ca:59:d3:30:1a:e4:51:94:cd:4c:e4:
07:c2:16:95:4c:92:05:8b:ad:86:c5:97:d9:67:44:ec:e3:b2:
1b:ff:0e:03:84:8a:96:4e:5a:7c:ea:2f:fc:fa:37:41:57:d4:
eb:ec:c6:76:2b:08:1f:ee:72:11:67:e8:ae:c9:1f:30:0b:b5:
d1:4d:10:38:44:99:c1:15:d5:4b:4e:57:b6:05:24:d7:79:31:
7b:d1:c6:2c:9c:5b:4f:f7:d3:ad:10:28:44:ca:1a:d0:b6:7a:
93:42:d1:43:17:bd:a5:87:1e:27:0a:27:dd:e6:43:42:c3:7d:
9a:28:80:30:eb:84:10:76:70:b8:71:b6:83:3c:2f:09:11:0d:
81:e7:c2:aa:96:13:9b:e2:08:5b:ae:a1:dc:dc:4d:c9:75:64:
d2:25:14:60:90:4d:ef:60:3a:ed:a8:95:47:df:79:f7:fd:a0:
b5:cc:00:3c:5a:0e:66:2e:8d:f6:14:d0:93:65:80:5b:33:8a:
a5:ed:36:f1:ad:bd:ef:6b:fc:ff:e0:ba:2f:ca:80:de:ee:d3:
d1:d4:29:3e:2e:c5:3c:6a:8e:d0:25:1a:1a:83:e3:15:d2:d3:
32:22:6d:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks6KgDdv7ke1KWiiIfwpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwM2IzMWJjNmU3ZjQyZjYzMDM4NzBmMDIzNGI0MGRlZjcx
ZmEwM2QwHhcNMjUwMTAyMDE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RmZjE4NGEwZjQ0ZmFiOTJiODUxMTg4ZjcyMzZiYTE4YWExYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIi3R4eA6m5+K1l5FuKZVhGd1h5a
fw8uD/ARO1ULgTWy+zQq1rfaT/Dt2aGtuueM8Gdtt4vfju4WO1lDzOmqDr9Iyg6M
grAu8kARvzl7GVQUTbXglVsanyotVYaS4RzbBBAzEV/lJj4bGhOHTMK0EYXiuHh0
CUbUeUTb2Ncq19LCVZmG/CBm+NO9QfwNYgiHOmSU4HpcBm2tMCPgrFYPMD0K+N2M
JIR5zxkGjrUw0Y0FeTSON7r2EtU/Tb0/cyxlk+LwzIQWIkZ4nI73Qhs3h7oI7ZMe
HCrkxmjOmrikh+MlIGaZVe/TZsVTZoyDHWLpUD6qbubpQgOpdJrVNKoN/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOff8YSg9E+rkrhRGI9yNroYqhtXMB8GA1UdIwQY
MBaAFGA7Mbxuf0L2MDhw8CNLQN73H6A9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURzeHZHNV9Rdll3T0hEd0kwdEEzdmNmb0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wZjIyNjYtYjRmMS00OGZjLWIyOTMt
Njc5MzI2NTZlNTk0LzEvNTlfeGhLRDBUNnVTdUZFWWozSTJ1aGlxRzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wZjIyNjYtYjRmMS00OGZjLWIyOTMtNjc5MzI2NTZlNTk0
LzEvWURzeHZHNV9Rdll3T0hEd0kwdEEzdmNmb0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQ3wDAN
BgkqhkiG9w0BAQsFAAOCAQEAhnncV+2eZPg0gdVSfgJUe1BO7W4gYXmqpMpZ0zAa
5FGUzUzkB8IWlUySBYuthsWX2WdE7OOyG/8OA4SKlk5afOov/Po3QVfU6+zGdisI
H+5yEWforskfMAu10U0QOESZwRXVS05XtgUk13kxe9HGLJxbT/fTrRAoRMoa0LZ6
k0LRQxe9pYceJwon3eZDQsN9miiAMOuEEHZwuHG2gzwvCRENgefCqpYTm+IIW66h
3NxNyXVk0iUUYJBN72A67aiVR9959/2gtcwAPFoOZi6N9hTQk2WAWzOKpe028a29
72v8/+C6L8qA3u7T0dQpPi7FPGqO0CUaGoPjFdLTMiJt4w==
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:45:59 2025 by rpki-client