Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/1-P9YegJEgTTrNaAEU3IIuc08RmY.roa
File: 1-P9YegJEgTTrNaAEU3IIuc08RmY.roa (raw, json)
Hash identifier: VMR860mh90RZ0uHCWx/O5Sa1yv7ih7Q2heb0CHOeN9M=
Subject key identifier: F8:FF:58:7A:02:44:81:34:EB:35:A0:04:53:72:08:B9:CD:3C:46:66
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 0195816FC1BFE07569EA151400FB32038678
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/1-P9YegJEgTTrNaAEU3IIuc08RmY.roa
Signing time: Mon 10 Mar 2025 19:02:19 +0000
ROA not before: Mon 10 Mar 2025 19:02:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80::/29 maxlen: 29
2a09:2b80:2::/48 maxlen: 48
2a09:2b80:3::/48 maxlen: 48
2a09:2b80:4::/48 maxlen: 48
2a09:2b80:5::/48 maxlen: 48
2a09:2b80:6::/48 maxlen: 48
2a09:2b80:7::/48 maxlen: 48
2a09:2b80:8::/48 maxlen: 48
2a09:2b80:9::/48 maxlen: 48
2a09:2b80:10::/48 maxlen: 48
2a09:2b80:12::/48 maxlen: 48
2a09:2b80:13::/48 maxlen: 48
2a09:2b80:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:6f:c1:bf:e0:75:69:ea:15:14:00:fb:32:03:86:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Mar 10 19:02:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8ff587a02448134eb35a004537208b9cd3c4666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:09:8d:4f:30:e5:81:b0:55:e2:e5:28:9b:57:
7a:e7:d7:be:6a:82:d1:cf:7e:15:57:f6:8e:5b:74:
7e:23:bd:8b:af:8a:70:70:9d:5c:e9:28:53:e1:32:
e6:2e:ce:6d:20:d1:44:4d:3f:30:be:97:0a:83:26:
bb:e4:87:43:c8:42:eb:97:07:0b:bf:64:08:57:3a:
dd:1c:d9:76:47:17:e4:ba:db:29:27:d6:c4:4b:cf:
4d:48:44:5e:e0:42:7f:96:1f:91:c3:75:b5:7f:76:
dd:e9:d8:49:e1:7a:ad:f4:53:67:28:8f:30:4c:58:
1d:d4:46:8f:2b:2b:17:d7:53:0d:e9:c9:b3:8d:4b:
a7:d1:b5:cd:07:f4:a1:48:e5:7b:da:59:e4:3b:e3:
89:c6:be:1f:d2:6b:bb:15:c9:dc:32:b9:67:d1:68:
2e:22:a6:2b:2c:71:b2:9b:26:5e:7b:58:98:61:35:
6b:a9:4c:4e:18:24:79:b8:4b:d5:cd:77:0f:6a:42:
ed:69:3a:62:c9:6f:a6:5f:74:18:e7:8e:25:5e:72:
c7:9b:a4:4f:fd:74:d0:93:bb:8f:44:32:84:8a:05:
f3:84:04:c5:51:ed:19:5a:7c:6e:f4:68:f4:ce:26:
3d:39:27:66:cf:57:c5:11:9b:a6:6f:db:a0:29:ef:
28:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:FF:58:7A:02:44:81:34:EB:35:A0:04:53:72:08:B9:CD:3C:46:66
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/1-P9YegJEgTTrNaAEU3IIuc08RmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
10:1c:6c:fb:e0:19:18:de:91:98:b2:cd:1d:2a:b1:a5:d3:53:
0c:97:4d:84:96:de:bb:03:9e:b5:08:2a:af:13:42:06:ec:71:
aa:74:42:1a:a8:d1:37:61:b8:28:64:5d:e8:b7:60:83:06:92:
1d:67:57:04:24:b9:ae:26:6b:b6:9b:c4:ea:10:c3:17:f1:83:
fc:5b:b5:ae:34:5a:e6:a5:83:41:47:09:cc:94:bf:97:bf:0a:
2e:6e:78:63:00:8e:c1:7c:c6:33:4b:a2:c9:9d:d0:b2:2a:02:
b7:dd:c0:89:3d:08:3b:b9:71:d2:ca:24:6e:5d:74:16:fd:5c:
3e:a9:01:a9:62:d4:00:db:10:5b:aa:ba:11:80:cb:e7:37:e8:
14:5d:e2:0f:07:39:63:66:ec:ac:c3:1c:cc:3e:c2:90:77:c7:
e8:81:db:60:30:32:29:5b:81:f7:e8:f8:c9:e7:0b:c8:8f:5c:
2d:08:b4:5e:52:fc:1c:91:7f:5e:10:08:79:99:52:da:da:9e:
7e:9d:ba:50:f5:c8:89:61:80:bd:aa:a0:40:52:1b:7a:31:48:
7a:26:41:94:31:40:37:e4:75:6e:2e:1b:66:a9:f7:a7:36:ed:
6a:0e:5c:38:aa:e2:58:f5:b7:d8:2f:8c:a7:6c:7b:b0:6f:8a:
3d:9a:0a:0d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZWBb8G/4HVp6hUUAPsyA4Z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjUwMzEwMTkwMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGZmNTg3YTAyNDQ4MTM0ZWIzNWEwMDQ1MzcyMDhiOWNkM2M0NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgmNTzDlgbBV4uUom1d659e+aoLR
z34VV/aOW3R+I72Lr4pwcJ1c6ShT4TLmLs5tINFETT8wvpcKgya75IdDyELrlwcL
v2QIVzrdHNl2RxfkutspJ9bES89NSERe4EJ/lh+Rw3W1f3bd6dhJ4Xqt9FNnKI8w
TFgd1EaPKysX11MN6cmzjUun0bXNB/ShSOV72lnkO+OJxr4f0mu7FcncMrln0Wgu
IqYrLHGymyZee1iYYTVrqUxOGCR5uEvVzXcPakLtaTpiyW+mX3QY544lXnLHm6RP
/XTQk7uPRDKEigXzhATFUe0ZWnxu9Gj0ziY9OSdmz1fFEZumb9ugKe8oawIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPj/WHoCRIE06zWgBFNyCLnNPEZmMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvMS1QOVllZ0pFZ1RUck5hQUVVM0lJdWMwOFJtWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGEvZTZkODgwLTM5MDMtNGExMS1iYTI3LWM5NDU3ZWM4MTE1
MS8xL1phWmx1UUJwdlhHRkJnTG5RQXhTbDVNbW5qay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoJK4Aw
DQYJKoZIhvcNAQELBQADggEBABAcbPvgGRjekZiyzR0qsaXTUwyXTYSW3rsDnrUI
Kq8TQgbscap0Qhqo0TdhuChkXei3YIMGkh1nVwQkua4ma7abxOoQwxfxg/xbta40
Wualg0FHCcyUv5e/Ci5ueGMAjsF8xjNLosmd0LIqArfdwIk9CDu5cdLKJG5ddBb9
XD6pAali1ADbEFuquhGAy+c36BRd4g8HOWNm7KzDHMw+wpB3x+iB22AwMilbgffo
+MnnC8iPXC0ItF5S/ByRf14QCHmZUtrann6dulD1yIlhgL2qoEBSG3oxSHomQZQx
QDfkdW4uG2ap96c27WoOXDiq4lj1t9gvjKdse7Bvij2aCg0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:32:14 2025 by rpki-client