Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/j0Asbb5ngsOWlyvv7kth_3yoBYM.roa
File: j0Asbb5ngsOWlyvv7kth_3yoBYM.roa (raw, json)
Hash identifier: O/JfF/netiv5OyRHt3hhhICYzLbMzCW+fJQdQl7HVfM=
Subject key identifier: 8F:40:2C:6D:BE:67:82:C3:96:97:2B:EF:EE:4B:61:FF:7C:A8:05:83
Certificate issuer: /CN=9a4daa4f6ac0e6bc102b68840a2ac6bb541b40fc
Certificate serial: 019427480B12ADBB1FDDF715433A0CB588E1
Authority key identifier: 9A:4D:AA:4F:6A:C0:E6:BC:10:2B:68:84:0A:2A:C6:BB:54:1B:40:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mk2qT2rA5rwQK2iECirGu1QbQPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/j0Asbb5ngsOWlyvv7kth_3yoBYM.roa
Signing time: Thu 02 Jan 2025 13:50:20 +0000
ROA not before: Thu 02 Jan 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215805
IP address blocks: 2001:67c:2404::/48 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.mft
rsync://rpki.ripe.net/repository/DEFAULT/mk2qT2rA5rwQK2iECirGu1QbQPw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:0b:12:ad:bb:1f:dd:f7:15:43:3a:0c:b5:88:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a4daa4f6ac0e6bc102b68840a2ac6bb541b40fc
Validity
Not Before: Jan 2 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f402c6dbe6782c396972befee4b61ff7ca80583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0c:38:7c:cf:69:6d:56:1c:82:6b:8d:39:07:
0e:50:6c:8f:7b:87:9f:f5:b8:b9:9c:c7:68:78:4f:
14:68:48:c8:da:6a:02:42:fd:a7:83:80:5a:81:f4:
39:29:7b:66:bb:16:30:d4:dc:ff:db:fd:6c:50:b5:
40:d6:47:0b:32:c3:a9:0f:19:e6:e8:ac:4b:df:20:
e7:54:eb:28:48:b0:03:f9:c3:94:6a:1a:26:06:3b:
d6:7a:29:11:6b:70:9e:61:fa:94:80:55:bc:d1:dd:
71:1c:c7:84:7f:02:2c:34:93:32:5d:16:89:50:9b:
50:0c:65:85:2f:03:49:9f:7c:b6:c1:53:2f:a0:7f:
a9:4f:16:77:3f:c9:a9:c4:e4:50:58:e5:ac:01:f9:
ee:28:9e:df:73:0d:53:12:dd:da:e7:6d:31:32:2d:
d3:81:cf:e4:24:fe:e6:71:88:e5:e6:6d:f2:4d:6f:
e6:bf:08:95:ec:ff:12:c8:d7:03:e6:0f:7b:02:8c:
ad:6c:6f:20:f0:36:9b:84:f5:f7:be:df:52:51:54:
89:fd:53:6b:ad:90:a7:a9:e5:41:c5:80:3a:93:d7:
f5:92:6b:9d:b7:9c:10:a3:07:bf:07:26:95:be:24:
71:d9:7d:4e:35:ab:c4:a7:a9:97:e3:42:e9:d6:f3:
4e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:40:2C:6D:BE:67:82:C3:96:97:2B:EF:EE:4B:61:FF:7C:A8:05:83
X509v3 Authority Key Identifier:
keyid:9A:4D:AA:4F:6A:C0:E6:BC:10:2B:68:84:0A:2A:C6:BB:54:1B:40:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mk2qT2rA5rwQK2iECirGu1QbQPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/j0Asbb5ngsOWlyvv7kth_3yoBYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/cd4624-620a-4cb2-a416-6be92b1aa8b3/1/mk2qT2rA5rwQK2iECirGu1QbQPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2404::/48
Signature Algorithm: sha256WithRSAEncryption
6d:32:1a:95:76:22:6e:28:18:ca:66:08:71:c7:69:5b:24:54:
1b:55:05:07:4a:70:4e:d9:4d:73:13:18:b4:01:cb:5f:94:69:
bc:11:01:58:47:a4:f9:73:37:35:bf:cb:be:f3:5e:84:8f:73:
96:1e:38:6c:5c:62:e9:a0:8c:19:ac:00:79:45:bf:50:61:a5:
0d:bf:4c:fd:27:73:be:b8:5a:7d:cd:ac:c6:68:d8:97:67:62:
71:33:76:9c:f6:d5:34:af:4b:87:b4:7b:ce:c8:bc:87:11:e5:
87:ee:33:c0:d0:2f:80:a6:42:90:b7:74:e5:11:ad:50:d9:9f:
bf:7f:71:f3:49:2a:b6:3a:24:06:76:17:1e:ce:7d:3e:ca:ba:
be:eb:6c:ad:40:27:d9:14:a2:25:32:e6:a0:2e:c5:de:21:6d:
5f:48:86:06:40:d9:0b:66:45:fc:96:81:f8:2f:3d:f1:7a:82:
b5:e5:9d:6c:96:d4:aa:46:20:51:73:3a:47:bb:82:7e:1b:58:
34:6b:9b:46:5c:54:d7:d4:64:f2:40:57:74:f9:e1:80:9e:a3:
ec:fd:d4:ca:4d:93:e8:39:f9:5c:a8:76:3e:86:93:87:4a:5f:
b8:89:75:8d:d7:8d:61:52:11:46:17:23:58:81:25:df:c3:ab:
8d:7d:88:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnSAsSrbsf3fcVQzoMtYjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNGRhYTRmNmFjMGU2YmMxMDJiNjg4NDBhMmFjNmJiNTQx
YjQwZmMwHhcNMjUwMTAyMTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQwMmM2ZGJlNjc4MmMzOTY5NzJiZWZlZTRiNjFmZjdjYTgwNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQw4fM9pbVYcgmuNOQcOUGyPe4ef
9bi5nMdoeE8UaEjI2moCQv2ng4BagfQ5KXtmuxYw1Nz/2/1sULVA1kcLMsOpDxnm
6KxL3yDnVOsoSLAD+cOUahomBjvWeikRa3CeYfqUgFW80d1xHMeEfwIsNJMyXRaJ
UJtQDGWFLwNJn3y2wVMvoH+pTxZ3P8mpxORQWOWsAfnuKJ7fcw1TEt3a520xMi3T
gc/kJP7mcYjl5m3yTW/mvwiV7P8SyNcD5g97AoytbG8g8DabhPX3vt9SUVSJ/VNr
rZCnqeVBxYA6k9f1kmudt5wQowe/ByaVviRx2X1ONavEp6mX40Lp1vNOhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI9ALG2+Z4LDlpcr7+5LYf98qAWDMB8GA1UdIwQY
MBaAFJpNqk9qwOa8ECtohAoqxrtUG0D8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWsycVQyckE1cndRSzJpRUNpckd1MVFiUVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jZDQ2MjQtNjIwYS00Y2IyLWE0MTYt
NmJlOTJiMWFhOGIzLzEvajBBc2JiNW5nc09XbHl2djdrdGhfM3lvQllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jZDQ2MjQtNjIwYS00Y2IyLWE0MTYtNmJlOTJiMWFhOGIz
LzEvbWsycVQyckE1cndRSzJpRUNpckd1MVFiUVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCQE
MA0GCSqGSIb3DQEBCwUAA4IBAQBtMhqVdiJuKBjKZghxx2lbJFQbVQUHSnBO2U1z
Exi0ActflGm8EQFYR6T5czc1v8u+816Ej3OWHjhsXGLpoIwZrAB5Rb9QYaUNv0z9
J3O+uFp9zazGaNiXZ2JxM3ac9tU0r0uHtHvOyLyHEeWH7jPA0C+ApkKQt3TlEa1Q
2Z+/f3HzSSq2OiQGdhcezn0+yrq+62ytQCfZFKIlMuagLsXeIW1fSIYGQNkLZkX8
loH4Lz3xeoK15Z1sltSqRiBRczpHu4J+G1g0a5tGXFTX1GTyQFd0+eGAnqPs/dTK
TZPoOflcqHY+hpOHSl+4iXWN141hUhFGFyNYgSXfw6uNfYip
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:38 2025 by rpki-client