Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/3i6rRzwRAyL8k-_zT-rTVQEK8XY.roa
File: 3i6rRzwRAyL8k-_zT-rTVQEK8XY.roa (raw, json)
Hash identifier: 4iT89VLbK4uPJ8JymUXHc+66RpPLsbOLFKoAxBgeg0c=
Subject key identifier: DE:2E:AB:47:3C:11:03:22:FC:93:EF:F3:4F:EA:D3:55:01:0A:F1:76
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 019427484B4254A41EABE2FDE14E27437E8C
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/3i6rRzwRAyL8k-_zT-rTVQEK8XY.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60703
IP address blocks: 2a02:a10::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:4b:42:54:a4:1e:ab:e2:fd:e1:4e:27:43:7e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de2eab473c110322fc93eff34fead355010af176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:08:bb:19:dd:54:1e:42:6c:66:f6:99:15:30:
50:e7:e9:92:b5:af:38:aa:45:d5:e0:45:23:20:58:
8e:f0:55:7f:a9:a1:f4:10:3d:ff:36:2c:e6:01:d2:
60:14:a1:1d:89:24:83:18:d2:3d:d7:3f:cb:c7:4f:
ed:27:bf:c1:54:04:77:b2:9b:c2:23:99:58:73:5f:
f6:d3:8d:d3:cc:dd:fe:e1:e6:6d:a0:3f:c6:43:23:
4f:61:b6:17:39:56:8a:d0:05:11:7c:fe:9e:87:49:
2e:51:8a:69:65:dd:c2:d8:ef:ac:19:86:d4:98:1d:
c3:74:5b:b5:d8:a0:52:1f:38:23:f2:95:43:8d:53:
89:1d:db:28:5b:77:8c:df:b5:31:30:14:d0:17:d1:
e5:27:5d:94:ce:fc:95:75:78:f6:e8:bf:d9:97:ab:
76:99:38:77:2b:9e:7c:11:bc:11:4e:16:95:39:10:
a3:32:af:2a:f4:f0:e8:41:a3:c7:8f:49:ca:09:ea:
10:3d:8e:d1:72:8d:8a:81:cc:5b:c8:27:f6:6d:8c:
2a:0c:5a:46:20:07:75:32:35:d1:77:44:d7:25:5a:
b3:21:21:c1:b7:d6:ed:af:eb:dd:d3:4d:08:d8:2a:
0c:50:97:19:4c:21:c8:d6:46:49:f8:7e:89:60:13:
36:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2E:AB:47:3C:11:03:22:FC:93:EF:F3:4F:EA:D3:55:01:0A:F1:76
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/3i6rRzwRAyL8k-_zT-rTVQEK8XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:a10::/32
Signature Algorithm: sha256WithRSAEncryption
8f:0b:35:aa:fc:ed:e2:12:bf:04:f8:c2:84:19:04:a4:f8:c9:
7c:6e:93:43:7b:f7:50:94:44:1e:56:9b:66:24:81:97:04:1a:
9a:27:0a:d7:87:e2:2e:3f:55:01:14:7c:35:17:f0:27:a9:95:
68:52:ab:4d:72:74:d6:f3:18:25:5d:77:a5:aa:1b:7a:9b:84:
ef:64:cd:7d:e3:7b:4b:4d:bb:25:1f:5d:42:b1:4a:bc:68:db:
c4:40:8b:1d:69:a4:5b:f9:08:f1:42:ad:2e:88:8c:2f:6b:9c:
08:12:50:f5:29:43:08:1f:28:1e:bf:78:b2:53:30:4c:a3:76:
a6:ed:7c:c9:6f:eb:e9:4b:9a:89:25:bc:10:07:0b:fb:6b:83:
28:a3:21:a4:93:b6:a3:24:dd:cc:39:04:ba:1b:2e:c1:e7:66:
53:6d:79:43:1f:19:a1:df:18:24:02:ea:f6:84:a7:2f:d9:57:
44:ea:91:ac:1d:60:6d:1b:30:1e:a2:05:cd:e7:42:79:b9:13:
64:7d:76:61:36:1d:c0:85:97:36:60:6a:ce:a4:de:53:a6:04:
a6:f4:1f:91:63:99:18:f5:22:da:84:19:0b:39:2a:79:b3:bd:
9b:3c:c4:d1:18:b9:0c:cb:b2:e4:44:c3:31:fa:55:51:40:8f:
46:7e:6f:8a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSEtCVKQeq+L94U4nQ36MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJlYWI0NzNjMTEwMzIyZmM5M2VmZjM0ZmVhZDM1NTAxMGFmMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAi7Gd1UHkJsZvaZFTBQ5+mSta84
qkXV4EUjIFiO8FV/qaH0ED3/NizmAdJgFKEdiSSDGNI91z/Lx0/tJ7/BVAR3spvC
I5lYc1/2043TzN3+4eZtoD/GQyNPYbYXOVaK0AURfP6eh0kuUYppZd3C2O+sGYbU
mB3DdFu12KBSHzgj8pVDjVOJHdsoW3eM37UxMBTQF9HlJ12UzvyVdXj26L/Zl6t2
mTh3K558EbwRThaVORCjMq8q9PDoQaPHj0nKCeoQPY7Rco2KgcxbyCf2bYwqDFpG
IAd1MjXRd0TXJVqzISHBt9btr+vd000I2CoMUJcZTCHI1kZJ+H6JYBM2zQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN4uq0c8EQMi/JPv80/q01UBCvF2MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvM2k2clJ6d1JBeUw4ay1felQtclRWUUVLOFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIKEDAN
BgkqhkiG9w0BAQsFAAOCAQEAjws1qvzt4hK/BPjChBkEpPjJfG6TQ3v3UJREHlab
ZiSBlwQamicK14fiLj9VARR8NRfwJ6mVaFKrTXJ01vMYJV13paobepuE72TNfeN7
S027JR9dQrFKvGjbxECLHWmkW/kI8UKtLoiML2ucCBJQ9SlDCB8oHr94slMwTKN2
pu18yW/r6UuaiSW8EAcL+2uDKKMhpJO2oyTdzDkEuhsuwedmU215Qx8Zod8YJALq
9oSnL9lXROqRrB1gbRswHqIFzedCebkTZH12YTYdwIWXNmBqzqTeU6YEpvQfkWOZ
GPUi2oQZCzkqebO9mzzE0Ri5DMuy5ETDMfpVUUCPRn5vig==
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:54:31 2025 by rpki-client