Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/QF4rR4F7HpcaZiknwA4tgKpftVg.roa
File: QF4rR4F7HpcaZiknwA4tgKpftVg.roa (raw, json)
Hash identifier: XiCBiHTD/9Mvk7CofJ1Duq2MXC4h5SkMeL+15pekdCE=
Subject key identifier: 40:5E:2B:47:81:7B:1E:97:1A:66:29:27:C0:0E:2D:80:AA:5F:B5:58
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0194274847C476D4E6788406E8F114F58CA7
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/QF4rR4F7HpcaZiknwA4tgKpftVg.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a03:60c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:47:c4:76:d4:e6:78:84:06:e8:f1:14:f5:8c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=405e2b47817b1e971a662927c00e2d80aa5fb558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:67:4e:01:4b:4e:f4:03:75:78:7b:d7:b6:04:
f2:6f:94:52:4d:c4:40:ac:18:cd:41:b2:05:a9:94:
5d:3e:de:82:f3:09:87:1d:2d:24:67:68:b7:7d:90:
ce:94:0b:31:2e:14:39:5a:fe:0b:39:b3:78:1c:c5:
f2:91:82:d7:8a:91:6b:75:a6:54:6b:79:d2:0f:b3:
fa:a8:df:27:50:86:1b:ad:4f:39:6e:98:15:22:c1:
73:7b:62:5a:9e:a0:e7:fc:2a:13:aa:63:ca:05:ac:
3f:fc:37:8f:d2:9c:47:43:84:89:ba:3d:35:71:80:
1d:b8:f6:35:d3:5e:cc:5a:9c:d7:1d:1e:b3:b0:6c:
df:7a:2e:40:66:e8:18:b8:f6:88:69:52:04:8f:0a:
94:f1:c7:58:50:c5:86:d8:94:67:ca:c5:49:35:dc:
0d:14:65:6a:97:1d:93:ce:7f:93:a9:9c:f7:0a:42:
97:37:3a:00:ff:a3:d1:36:c7:ba:ba:72:a7:e7:96:
44:7b:55:33:26:bc:14:5e:21:41:37:6e:10:00:1b:
b3:cb:a1:5d:2a:9b:b5:c8:87:22:96:ff:0f:e6:0f:
d2:5b:6e:65:06:21:1d:62:ea:4e:2f:41:7c:a1:ca:
40:66:1a:cd:12:72:bd:04:9d:16:49:d5:59:75:59:
94:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5E:2B:47:81:7B:1E:97:1A:66:29:27:C0:0E:2D:80:AA:5F:B5:58
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/QF4rR4F7HpcaZiknwA4tgKpftVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:cd:96:4e:56:af:80:9c:55:74:02:74:0f:17:3a:6b:cf:b6:
2e:44:10:cb:79:c4:a2:f6:6b:97:4e:a7:77:45:3e:4c:ba:64:
eb:26:f4:2b:21:c0:92:0f:09:08:36:da:d0:0c:34:b7:bb:8c:
20:8f:3a:39:09:22:40:a0:e3:a2:66:2c:ab:a1:e3:5e:bf:cd:
20:4a:db:91:f7:54:1f:45:ad:4c:31:81:33:c4:91:74:c4:83:
58:1e:ec:38:f0:0b:31:24:f4:64:09:74:f7:81:02:9a:9f:c2:
bb:54:13:c3:c6:34:5b:9f:a5:21:f6:80:8c:5f:e7:24:8b:78:
21:47:f8:13:bf:41:4b:9d:19:a8:f9:05:86:0c:02:46:9b:21:
6e:a6:f3:3f:9c:1f:c8:82:16:b0:65:dc:12:9d:3b:4d:9a:39:
86:17:25:fa:65:90:f1:32:44:68:f6:40:d0:2a:16:31:a9:ad:
a7:c8:f5:e3:e1:43:56:54:98:e7:40:44:f5:4c:14:16:21:39:
5d:d5:81:82:32:17:42:4b:da:50:0e:de:c0:50:52:17:af:16:
70:3a:cb:e8:e2:e6:a9:f5:bb:b7:20:6b:a8:4e:9e:c7:d6:b8:
35:23:85:ed:62:0f:6b:f2:47:2f:68:47:f1:65:8c:83:bb:9a:
d7:07:23:66
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSEfEdtTmeIQG6PEU9YynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDVlMmI0NzgxN2IxZTk3MWE2NjI5MjdjMDBlMmQ4MGFhNWZiNTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GdOAUtO9AN1eHvXtgTyb5RSTcRA
rBjNQbIFqZRdPt6C8wmHHS0kZ2i3fZDOlAsxLhQ5Wv4LObN4HMXykYLXipFrdaZU
a3nSD7P6qN8nUIYbrU85bpgVIsFze2JanqDn/CoTqmPKBaw//DeP0pxHQ4SJuj01
cYAduPY1017MWpzXHR6zsGzfei5AZugYuPaIaVIEjwqU8cdYUMWG2JRnysVJNdwN
FGVqlx2Tzn+TqZz3CkKXNzoA/6PRNse6unKn55ZEe1UzJrwUXiFBN24QABuzy6Fd
Kpu1yIcilv8P5g/SW25lBiEdYupOL0F8ocpAZhrNEnK9BJ0WSdVZdVmUzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEBeK0eBex6XGmYpJ8AOLYCqX7VYMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvUUY0clI0RjdIcGNhWmlrbndBNHRnS3BmdFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNgwDAN
BgkqhkiG9w0BAQsFAAOCAQEADs2WTlavgJxVdAJ0Dxc6a8+2LkQQy3nEovZrl06n
d0U+TLpk6yb0KyHAkg8JCDba0Aw0t7uMII86OQkiQKDjomYsq6HjXr/NIErbkfdU
H0WtTDGBM8SRdMSDWB7sOPALMST0ZAl094ECmp/Cu1QTw8Y0W5+lIfaAjF/nJIt4
IUf4E79BS50ZqPkFhgwCRpshbqbzP5wfyIIWsGXcEp07TZo5hhcl+mWQ8TJEaPZA
0CoWMamtp8j14+FDVlSY50BE9UwUFiE5XdWBgjIXQkvaUA7ewFBSF68WcDrL6OLm
qfW7tyBrqE6ex9a4NSOF7WIPa/JHL2hH8WWMg7ua1wcjZg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:03:34 2025 by rpki-client