Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/tlRgtWShtf4NCRA8IRgcZrxGH5w.roa
File: tlRgtWShtf4NCRA8IRgcZrxGH5w.roa (raw, json)
Hash identifier: vWrq/qn4dImxorSwjmmV3lM2Zem99YCBAV/uApBQcww=
Subject key identifier: B6:54:60:B5:64:A1:B5:FE:0D:09:10:3C:21:18:1C:66:BC:46:1F:9C
Certificate issuer: /CN=a32b618b508ec1365372c2aa675f3601293cc624
Certificate serial: 019425FD9A58B0B573EC105056B346398D72
Authority key identifier: A3:2B:61:8B:50:8E:C1:36:53:72:C2:AA:67:5F:36:01:29:3C:C6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oythi1COwTZTcsKqZ182ASk8xiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/tlRgtWShtf4NCRA8IRgcZrxGH5w.roa
Signing time: Thu 02 Jan 2025 07:49:24 +0000
ROA not before: Thu 02 Jan 2025 07:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58192
IP address blocks: 2a13:6340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/oythi1COwTZTcsKqZ182ASk8xiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/oythi1COwTZTcsKqZ182ASk8xiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/oythi1COwTZTcsKqZ182ASk8xiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:9a:58:b0:b5:73:ec:10:50:56:b3:46:39:8d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a32b618b508ec1365372c2aa675f3601293cc624
Validity
Not Before: Jan 2 07:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b65460b564a1b5fe0d09103c21181c66bc461f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8b:e4:66:e7:ad:07:7e:7f:f4:19:76:80:7b:
89:49:64:a4:13:a1:1c:4c:64:62:da:3d:51:42:22:
ef:19:0a:fd:82:e2:c4:f9:a9:8a:d9:99:1a:17:5d:
d3:fc:fc:53:cd:12:c9:41:aa:ca:1a:84:9b:d1:01:
c5:09:f8:90:83:90:55:03:9b:98:5b:b7:db:e5:e2:
50:23:b3:03:27:9e:9e:93:36:c3:ad:8e:28:b3:29:
05:f1:3f:ae:73:9d:e0:27:0a:f3:63:d8:06:90:c8:
d5:55:89:12:16:e6:99:2a:d7:83:8a:f4:b2:64:05:
75:4c:8a:09:4d:90:30:ff:46:d1:2e:eb:0e:94:40:
14:72:9b:2b:e7:f2:bc:6e:28:fa:81:54:28:ba:7c:
c4:90:ea:f9:27:37:f3:88:cb:d7:f0:87:50:10:6c:
10:75:d8:ea:43:1d:c5:62:24:56:76:44:b2:8a:af:
e5:e1:a4:b0:4d:49:86:df:01:55:57:bb:d4:d1:52:
e5:b1:3e:94:1f:84:95:3a:58:24:88:65:9a:e2:40:
14:5c:7a:a6:f5:4d:8b:63:c1:0e:46:e0:f4:3a:b2:
18:1b:96:7d:02:d7:ec:c0:99:52:ef:44:d3:96:81:
3e:b9:be:70:9d:c2:48:a2:d3:78:14:24:0f:6f:4c:
50:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:54:60:B5:64:A1:B5:FE:0D:09:10:3C:21:18:1C:66:BC:46:1F:9C
X509v3 Authority Key Identifier:
keyid:A3:2B:61:8B:50:8E:C1:36:53:72:C2:AA:67:5F:36:01:29:3C:C6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oythi1COwTZTcsKqZ182ASk8xiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/tlRgtWShtf4NCRA8IRgcZrxGH5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cfed0d-0fb0-4598-b365-65096dbcac30/1/oythi1COwTZTcsKqZ182ASk8xiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:6340::/29
Signature Algorithm: sha256WithRSAEncryption
26:0a:9c:94:c2:61:e1:1a:81:ff:ce:95:a2:02:92:2c:78:18:
33:22:0c:66:e0:8c:55:fd:73:79:37:47:3f:31:f7:9d:82:f2:
bf:ff:2c:ff:98:79:71:70:a2:58:f3:36:3c:bb:34:9f:8f:a4:
91:17:a3:be:ad:b3:d7:12:b1:c2:83:54:1f:fd:c0:3e:ff:ad:
fa:60:93:48:78:93:d6:97:82:bb:fb:ce:55:91:b7:d4:5a:a8:
51:1b:71:90:a6:dc:31:54:c3:2f:88:72:28:26:57:c4:65:3c:
8d:f0:83:01:a7:ab:e5:60:87:e4:77:78:bb:b5:e6:09:0a:c6:
f8:03:86:e5:52:72:ff:6b:eb:94:73:47:15:76:72:64:56:88:
5f:42:12:89:ea:30:09:b3:39:0c:c0:6b:4e:9b:54:64:a4:b6:
0d:5a:0e:e0:f6:6e:98:6c:23:db:f9:49:bd:d4:f6:9c:ac:07:
ff:96:ec:14:f8:c6:2a:f4:6d:d1:80:33:94:bd:03:d7:9d:65:
4e:30:05:c9:0c:bc:46:b6:1d:53:72:b5:d7:af:3d:c7:5a:d4:
1b:9e:79:71:47:d9:12:55:19:90:64:72:91:9c:c0:3c:80:fa:
3c:fe:d5:6c:1f:9b:76:43:fd:7f:5b:9d:8a:af:0b:61:76:a3:
a3:3f:5b:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/ZpYsLVz7BBQVrNGOY1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMmI2MThiNTA4ZWMxMzY1MzcyYzJhYTY3NWYzNjAxMjkz
Y2M2MjQwHhcNMjUwMTAyMDc0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU0NjBiNTY0YTFiNWZlMGQwOTEwM2MyMTE4MWM2NmJjNDYxZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlovkZuetB35/9Bl2gHuJSWSkE6Ec
TGRi2j1RQiLvGQr9guLE+amK2ZkaF13T/PxTzRLJQarKGoSb0QHFCfiQg5BVA5uY
W7fb5eJQI7MDJ56ekzbDrY4osykF8T+uc53gJwrzY9gGkMjVVYkSFuaZKteDivSy
ZAV1TIoJTZAw/0bRLusOlEAUcpsr5/K8bij6gVQounzEkOr5JzfziMvX8IdQEGwQ
ddjqQx3FYiRWdkSyiq/l4aSwTUmG3wFVV7vU0VLlsT6UH4SVOlgkiGWa4kAUXHqm
9U2LY8EORuD0OrIYG5Z9AtfswJlS70TTloE+ub5wncJIotN4FCQPb0xQFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLZUYLVkobX+DQkQPCEYHGa8Rh+cMB8GA1UdIwQY
MBaAFKMrYYtQjsE2U3LCqmdfNgEpPMYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3l0aGkxQ093VFpUY3NLcVoxODJBU2s4eGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jZmVkMGQtMGZiMC00NTk4LWIzNjUt
NjUwOTZkYmNhYzMwLzEvdGxSZ3RXU2h0ZjROQ1JBOElSZ2NacnhHSDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jZmVkMGQtMGZiMC00NTk4LWIzNjUtNjUwOTZkYmNhYzMw
LzEvb3l0aGkxQ093VFpUY3NLcVoxODJBU2s4eGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNjQDAN
BgkqhkiG9w0BAQsFAAOCAQEAJgqclMJh4RqB/86VogKSLHgYMyIMZuCMVf1zeTdH
PzH3nYLyv/8s/5h5cXCiWPM2PLs0n4+kkRejvq2z1xKxwoNUH/3APv+t+mCTSHiT
1peCu/vOVZG31FqoURtxkKbcMVTDL4hyKCZXxGU8jfCDAaer5WCH5Hd4u7XmCQrG
+AOG5VJy/2vrlHNHFXZyZFaIX0ISieowCbM5DMBrTptUZKS2DVoO4PZumGwj2/lJ
vdT2nKwH/5bsFPjGKvRt0YAzlL0D151lTjAFyQy8RrYdU3K11689x1rUG555cUfZ
ElUZkGRykZzAPID6PP7VbB+bdkP9f1udiq8LYXajoz9bGg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:23:37 2025 by rpki-client