Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/69EZo_UvSYLCIwLzPyqCblCyZzI.roa
File: 69EZo_UvSYLCIwLzPyqCblCyZzI.roa (raw, json)
Hash identifier: 2naW8CuEgpZKAi+BoeweFMMKRLa2fsvkiMt8udbwEtM=
Subject key identifier: EB:D1:19:A3:F5:2F:49:82:C2:23:02:F3:3F:2A:82:6E:50:B2:67:32
Certificate issuer: /CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35
Certificate serial: 01942444CEF1B8138C4D1DE45E10547C78EA
Authority key identifier: 4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/69EZo_UvSYLCIwLzPyqCblCyZzI.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 786
IP address blocks: 161.76.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ce:f1:b8:13:8c:4d:1d:e4:5e:10:54:7c:78:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebd119a3f52f4982c22302f33f2a826e50b26732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4d:92:32:ef:05:25:89:33:49:73:c4:a8:0a:
2e:b4:4e:54:9a:48:27:e4:03:fe:d9:54:47:37:d1:
5d:e1:87:2d:1c:92:9b:5d:74:b8:a1:8f:1d:bb:05:
ad:b0:07:8f:11:5a:fa:08:5e:63:d9:74:1c:c9:aa:
73:73:68:e9:db:fd:33:d3:5c:36:58:37:ca:26:87:
53:e7:b6:f6:fa:de:2c:38:83:a4:e8:13:e2:3c:0b:
25:72:20:3f:81:15:9e:93:42:7a:51:49:4c:80:1f:
4d:01:5e:74:03:6f:50:b1:94:2a:9f:6d:4c:fd:c2:
9d:13:18:fe:4f:90:50:b0:82:37:32:6f:b8:e9:ca:
ed:a8:8e:30:db:d6:af:7e:54:fe:04:74:f4:91:65:
be:ca:c1:e5:b3:bd:8c:c4:d0:eb:51:ab:48:52:63:
ea:04:77:6e:ff:49:b6:6f:c3:2d:d9:f2:92:42:f9:
c7:ca:d6:a0:3d:c1:c4:d7:cc:24:24:00:9d:11:2b:
46:21:d2:be:5e:19:35:f4:9b:c1:f1:25:80:5f:50:
0e:53:81:06:5e:d3:be:30:ad:e5:31:b6:60:23:88:
6f:e7:19:87:32:a8:9e:e3:20:29:37:dc:fc:9e:7c:
c4:af:ba:49:ec:43:10:85:07:83:b7:ec:bd:94:39:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D1:19:A3:F5:2F:49:82:C2:23:02:F3:3F:2A:82:6E:50:B2:67:32
X509v3 Authority Key Identifier:
keyid:4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/69EZo_UvSYLCIwLzPyqCblCyZzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:fd:89:9b:39:b8:80:ee:87:bd:ef:2a:66:12:3c:37:52:7e:
52:e6:f3:ee:b3:99:9a:0c:a7:a1:9a:35:22:35:d7:c1:1f:f3:
27:55:91:b6:fc:d6:91:e0:19:f0:41:31:fb:4b:e1:92:dd:02:
d3:d0:e7:20:5e:37:e7:37:25:b2:1c:93:43:46:d1:46:17:5d:
26:09:d3:d9:68:40:36:19:8d:8a:0b:e2:1b:4d:fc:f9:e8:31:
54:02:ea:f0:07:25:a3:2a:e9:72:8a:ed:1c:bf:0a:0a:67:4b:
65:50:58:93:8c:e2:d7:f0:81:c0:19:ee:ca:6f:c5:19:dc:01:
3a:7e:10:0b:4e:e0:fc:31:1a:ea:66:5e:68:15:a6:0b:cb:43:
f2:ad:51:1c:e7:10:09:96:36:d6:4a:9e:e6:0c:8a:72:41:9d:
89:4e:ce:af:ab:09:69:2a:19:aa:3c:e4:74:3e:0b:ed:19:38:
4f:67:44:58:42:79:58:31:c2:0e:2e:47:35:dd:a8:3f:fd:3f:
52:ac:f6:a2:d1:fa:d1:56:5a:cf:2e:d2:0a:f4:c3:d5:fb:a3:
bf:9a:55:21:5a:ae:7e:b9:83:c6:db:d7:ae:45:eb:07:4a:49:
07:9a:80:07:42:92:6b:80:b3:b4:51:c6:3a:ab:73:cd:19:43:
54:92:c5:3f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQkRM7xuBOMTR3kXhBUfHjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiM2U1OTZhMjRkNDM2NTBjYjYwZThmY2M5ZTQ0ZDZmOGM5
MjlkMzUwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmQxMTlhM2Y1MmY0OTgyYzIyMzAyZjMzZjJhODI2ZTUwYjI2NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk2SMu8FJYkzSXPEqAoutE5Umkgn
5AP+2VRHN9Fd4YctHJKbXXS4oY8duwWtsAePEVr6CF5j2XQcyapzc2jp2/0z01w2
WDfKJodT57b2+t4sOIOk6BPiPAslciA/gRWek0J6UUlMgB9NAV50A29QsZQqn21M
/cKdExj+T5BQsII3Mm+46crtqI4w29avflT+BHT0kWW+ysHls72MxNDrUatIUmPq
BHdu/0m2b8Mt2fKSQvnHytagPcHE18wkJACdEStGIdK+Xhk19JvB8SWAX1AOU4EG
XtO+MK3lMbZgI4hv5xmHMqie4yApN9z8nnzEr7pJ7EMQhQeDt+y9lDmSewIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFOvRGaP1L0mCwiMC8z8qgm5QsmcyMB8GA1UdIwQY
MBaAFEs+WWok1DZQy2Do/MnkTW+Mkp01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEt
MzNkMThiZjZkZjU1LzEvNjlFWm9fVXZTWUxDSXdMelB5cUNibEN5WnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEtMzNkMThiZjZkZjU1
LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoUwwDQYJ
KoZIhvcNAQELBQADggEBABj9iZs5uIDuh73vKmYSPDdSflLm8+6zmZoMp6GaNSI1
18Ef8ydVkbb81pHgGfBBMftL4ZLdAtPQ5yBeN+c3JbIck0NG0UYXXSYJ09loQDYZ
jYoL4htN/PnoMVQC6vAHJaMq6XKK7Ry/CgpnS2VQWJOM4tfwgcAZ7spvxRncATp+
EAtO4PwxGupmXmgVpgvLQ/KtURznEAmWNtZKnuYMinJBnYlOzq+rCWkqGao85HQ+
C+0ZOE9nRFhCeVgxwg4uRzXdqD/9P1Ks9qLR+tFWWs8u0gr0w9X7o7+aVSFarn65
g8bb165F6wdKSQeagAdCkmuAs7RRxjqrc80ZQ1SSxT8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:15:37 2025 by rpki-client