Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/nvo5kYS5Gt5n8tNt2QdYcZApDBc.roa
File: nvo5kYS5Gt5n8tNt2QdYcZApDBc.roa (raw, json)
Hash identifier: zlWPVIjJT4fAh1Xfi/EWmZKxdKql19zmnHIxNlxz2Ss=
Subject key identifier: 9E:FA:39:91:84:B9:1A:DE:67:F2:D3:6D:D9:07:58:71:90:29:0C:17
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 019426D9BDD90EBCF1D943D17255FD5EAEAD
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/nvo5kYS5Gt5n8tNt2QdYcZApDBc.roa
Signing time: Thu 02 Jan 2025 11:49:51 +0000
ROA not before: Thu 02 Jan 2025 11:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 2001:67c:1874::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.mft
rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:bd:d9:0e:bc:f1:d9:43:d1:72:55:fd:5e:ae:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Jan 2 11:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9efa399184b91ade67f2d36dd907587190290c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:80:0a:da:ff:83:61:10:97:b1:8f:8d:f4:ee:
77:60:4c:bb:ea:2d:bc:c2:92:f1:b2:77:92:d0:49:
66:13:19:49:b5:c6:30:a1:b5:9a:31:a2:eb:67:ad:
46:77:3a:17:d9:98:d8:64:79:87:fb:9a:16:ee:6a:
43:2f:6a:55:da:05:9b:9b:af:ea:98:77:4a:25:20:
2a:4a:29:6a:86:36:dd:68:b2:3a:a6:55:27:13:c8:
ba:a2:86:22:7b:a5:e6:67:52:1e:08:b2:63:45:25:
71:89:46:40:ac:6c:e5:e9:b0:51:b8:de:15:2d:cb:
e3:b7:df:19:9f:ae:09:cb:7e:b1:d9:18:1d:74:ca:
d6:60:8c:66:bc:85:f4:87:0b:03:bc:6b:ff:a0:4f:
ef:b1:c1:32:b8:a1:22:b1:dc:50:59:f8:61:27:ed:
25:da:be:76:35:16:51:19:4f:6d:56:c3:03:4d:1e:
b3:71:1b:66:34:32:2b:a1:23:e4:e3:82:66:bc:27:
f5:43:ee:c2:4e:b3:8a:d3:a0:96:d4:5b:af:29:9d:
2c:5a:46:69:d8:2a:d3:8b:cb:4a:41:83:75:a2:22:
1e:34:ff:ad:a6:7f:3d:1c:3b:df:be:cb:f6:f4:5b:
9d:69:67:0c:49:2e:fd:6c:0d:3a:b8:de:ef:57:fd:
ce:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FA:39:91:84:B9:1A:DE:67:F2:D3:6D:D9:07:58:71:90:29:0C:17
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/nvo5kYS5Gt5n8tNt2QdYcZApDBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1874::/48
Signature Algorithm: sha256WithRSAEncryption
8d:f5:f5:b5:58:8e:13:a4:db:4b:f3:c2:04:48:cc:7c:e2:55:
cb:03:6c:fd:b7:ad:01:09:5a:07:52:02:bc:22:26:2e:99:bc:
61:9c:b3:a2:79:6f:eb:bd:39:ef:2c:2a:58:cf:ab:b2:79:ca:
c5:5c:91:74:38:a3:d3:1f:35:68:ef:af:52:ff:02:b1:79:18:
eb:90:bf:54:7c:20:13:03:78:71:81:97:59:b9:ed:2f:02:23:
2e:0f:d4:0b:5d:a5:40:42:24:48:2e:40:6c:79:82:20:7c:2d:
e4:89:f5:10:3b:3e:09:15:54:31:1e:de:90:fa:fd:0c:73:f3:
53:6d:6f:a5:c3:66:96:8d:70:ed:29:16:fe:18:37:dc:d2:fa:
04:6d:99:0d:16:a3:3b:78:58:bc:22:91:83:08:60:e4:64:bc:
e7:2a:2f:04:15:47:ee:9b:44:34:62:8e:28:d9:1a:45:5f:8a:
c7:38:71:29:87:81:df:61:78:0c:af:0e:67:d9:56:69:b6:c7:
68:d2:93:6c:7a:f1:d1:68:69:14:2b:32:d9:0f:7e:4c:7c:1a:
df:b0:1f:e3:fb:09:8d:d4:8f:39:d7:61:ea:5a:a7:f3:94:78:
23:81:12:b3:7b:8e:57:95:3e:c6:a2:0a:5c:e0:e4:33:26:67:
05:d2:ea:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2b3ZDrzx2UPRclX9Xq6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjUwMTAyMTE0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZhMzk5MTg0YjkxYWRlNjdmMmQzNmRkOTA3NTg3MTkwMjkwYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14AK2v+DYRCXsY+N9O53YEy76i28
wpLxsneS0ElmExlJtcYwobWaMaLrZ61GdzoX2ZjYZHmH+5oW7mpDL2pV2gWbm6/q
mHdKJSAqSilqhjbdaLI6plUnE8i6ooYie6XmZ1IeCLJjRSVxiUZArGzl6bBRuN4V
Lcvjt98Zn64Jy36x2RgddMrWYIxmvIX0hwsDvGv/oE/vscEyuKEisdxQWfhhJ+0l
2r52NRZRGU9tVsMDTR6zcRtmNDIroSPk44JmvCf1Q+7CTrOK06CW1FuvKZ0sWkZp
2CrTi8tKQYN1oiIeNP+tpn89HDvfvsv29FudaWcMSS79bA06uN7vV/3OpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ76OZGEuRreZ/LTbdkHWHGQKQwXMB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEvbnZvNWtZUzVHdDVuOHROdDJRZFljWkFwREJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBh0
MA0GCSqGSIb3DQEBCwUAA4IBAQCN9fW1WI4TpNtL88IESMx84lXLA2z9t60BCVoH
UgK8IiYumbxhnLOieW/rvTnvLCpYz6uyecrFXJF0OKPTHzVo769S/wKxeRjrkL9U
fCATA3hxgZdZue0vAiMuD9QLXaVAQiRILkBseYIgfC3kifUQOz4JFVQxHt6Q+v0M
c/NTbW+lw2aWjXDtKRb+GDfc0voEbZkNFqM7eFi8IpGDCGDkZLznKi8EFUfum0Q0
Yo4o2RpFX4rHOHEph4HfYXgMrw5n2VZptsdo0pNsevHRaGkUKzLZD35MfBrfsB/j
+wmN1I8512HqWqfzlHgjgRKze45XlT7Gogpc4OQzJmcF0uof
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:07:52 2025 by rpki-client