Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/8nba-exF3ZHVESE2CvVjIKuU3UQ.roa
File: 8nba-exF3ZHVESE2CvVjIKuU3UQ.roa (raw, json)
Hash identifier: jxvFl3q0Zgzzo4QwCA+FiBdsIMPCA+I2+5CHXaI0+OI=
Subject key identifier: F2:76:DA:F9:EC:45:DD:91:D5:11:21:36:0A:F5:63:20:AB:94:DD:44
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019427B668265868C7ABBFEED47BD51AE355
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/8nba-exF3ZHVESE2CvVjIKuU3UQ.roa
Signing time: Thu 02 Jan 2025 15:50:53 +0000
ROA not before: Thu 02 Jan 2025 15:50:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51659
IP address blocks: 2a0e:7f46::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 03:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:68:26:58:68:c7:ab:bf:ee:d4:7b:d5:1a:e3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Jan 2 15:50:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f276daf9ec45dd91d51121360af56320ab94dd44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:6d:ac:16:68:8c:05:90:46:02:9f:ac:38:5b:
2c:f3:78:85:de:49:c2:f7:0c:d7:0d:de:bb:ae:ef:
08:60:c3:63:6f:5f:7d:d9:68:91:da:f2:b9:8b:15:
49:47:dc:fe:93:a7:e9:2b:cc:42:ae:90:33:46:da:
32:41:43:a1:2a:a5:cb:0c:86:6d:b3:16:f9:0a:d8:
83:3b:63:64:bc:6b:03:61:03:f4:02:a3:5a:32:dd:
c1:05:52:6a:10:3e:6f:c8:6f:d1:66:89:ad:30:ea:
19:c8:15:4f:fd:66:5f:28:fa:62:dd:08:59:1b:99:
05:78:65:fa:80:d0:18:2e:a0:dc:e7:c9:a4:7e:df:
c0:a5:ac:14:a8:3a:5a:56:a5:55:a3:4b:e1:ae:9b:
83:0b:6d:68:a8:c3:d6:4d:94:6a:0c:c3:bc:6b:a2:
3f:c0:83:d2:7a:43:fd:b4:1d:1d:d7:dd:7f:39:2c:
42:5a:db:98:32:7e:0e:a2:73:b4:c4:cd:65:a5:67:
f6:d0:45:51:cf:24:18:89:84:25:9b:0d:1b:38:95:
49:ae:cc:1e:24:60:9f:65:84:19:cd:db:55:32:a7:
a3:0a:54:24:7f:24:49:57:15:e9:f4:00:b4:2f:38:
df:00:ac:f4:1d:16:12:9e:07:4c:b8:ec:c8:4a:2a:
2d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:76:DA:F9:EC:45:DD:91:D5:11:21:36:0A:F5:63:20:AB:94:DD:44
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/8nba-exF3ZHVESE2CvVjIKuU3UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f46::/32
Signature Algorithm: sha256WithRSAEncryption
08:1c:ee:cf:22:73:f0:0b:82:e2:08:99:84:1e:38:94:e7:84:
1b:58:4e:35:63:c9:88:6f:47:53:eb:45:f0:13:a3:6f:6e:52:
90:9c:1c:34:1e:23:72:02:ad:00:0b:5d:14:d5:fc:27:14:48:
0a:d3:a8:a8:e5:7a:26:75:a7:49:6a:38:83:a2:b7:53:b9:62:
27:e9:cb:52:e8:e8:66:b6:87:84:b3:b9:96:95:cc:4d:9a:06:
f1:8e:9c:bd:93:85:b4:db:b0:82:27:e5:d6:e0:1b:f4:a7:8b:
1b:32:6a:b0:a6:10:e2:a1:53:02:95:60:e8:4d:45:50:43:a3:
58:05:02:d1:24:e0:07:1d:45:7f:67:b6:85:d1:dd:cb:40:9e:
0c:a8:e9:21:d9:90:8b:da:b4:83:d4:c4:a8:df:25:f4:87:b3:
21:fe:37:d5:51:26:56:16:00:b5:27:8e:54:d0:25:6c:60:20:
46:7c:de:1d:08:73:1d:df:ea:8e:b6:e4:5f:91:4b:de:ea:b9:
56:75:b7:ec:71:9f:1c:cc:db:94:bb:d8:50:c4:9f:e6:2b:95:
e1:ae:38:e2:27:50:63:be:82:be:e8:7a:45:0a:a8:21:1d:c3:
54:b2:58:eb:11:63:16:a2:2d:14:2d:82:fe:91:e8:c2:18:49:
bf:72:a0:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntmgmWGjHq7/u1HvVGuNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMTAyMTU1MDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjc2ZGFmOWVjNDVkZDkxZDUxMTIxMzYwYWY1NjMyMGFiOTRkZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6W2sFmiMBZBGAp+sOFss83iF3knC
9wzXDd67ru8IYMNjb1992WiR2vK5ixVJR9z+k6fpK8xCrpAzRtoyQUOhKqXLDIZt
sxb5CtiDO2NkvGsDYQP0AqNaMt3BBVJqED5vyG/RZomtMOoZyBVP/WZfKPpi3QhZ
G5kFeGX6gNAYLqDc58mkft/ApawUqDpaVqVVo0vhrpuDC21oqMPWTZRqDMO8a6I/
wIPSekP9tB0d191/OSxCWtuYMn4OonO0xM1lpWf20EVRzyQYiYQlmw0bOJVJrswe
JGCfZYQZzdtVMqejClQkfyRJVxXp9AC0LzjfAKz0HRYSngdMuOzISiotBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPJ22vnsRd2R1REhNgr1YyCrlN1EMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvOG5iYS1leEYzWkhWRVNFMkN2VmpJS3VVM1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5/RjAN
BgkqhkiG9w0BAQsFAAOCAQEACBzuzyJz8AuC4giZhB44lOeEG1hONWPJiG9HU+tF
8BOjb25SkJwcNB4jcgKtAAtdFNX8JxRICtOoqOV6JnWnSWo4g6K3U7liJ+nLUujo
ZraHhLO5lpXMTZoG8Y6cvZOFtNuwgifl1uAb9KeLGzJqsKYQ4qFTApVg6E1FUEOj
WAUC0STgBx1Ff2e2hdHdy0CeDKjpIdmQi9q0g9TEqN8l9IezIf431VEmVhYAtSeO
VNAlbGAgRnzeHQhzHd/qjrbkX5FL3uq5VnW37HGfHMzblLvYUMSf5iuV4a444idQ
Y76Cvuh6RQqoIR3DVLJY6xFjFqItFC2C/pHowhhJv3KgFg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:33:19 2025 by rpki-client