Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1-RGITW7t7RVjPIVDGK8sdPILfFw.roa
File: 1-RGITW7t7RVjPIVDGK8sdPILfFw.roa (raw, json)
Hash identifier: P/HUFSepVVEwfEporYNsH1D4aGgLnKavmwTt0gggDZk=
Subject key identifier: F9:11:88:4D:6E:ED:ED:15:63:3C:85:43:18:AF:2C:74:F2:0B:7C:5C
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019422FB7D2A18CB2C28F17954CC45704FD9
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1-RGITW7t7RVjPIVDGK8sdPILfFw.roa
Signing time: Wed 01 Jan 2025 17:48:14 +0000
ROA not before: Wed 01 Jan 2025 17:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a06:d643::/32 maxlen: 32
2a09:e305::/32 maxlen: 32
2a09:ef03::/32 maxlen: 32
2a0a:b380::/32 maxlen: 32
2a0d:95c4::/32 maxlen: 32
2a0f:3107::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 12:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:7d:2a:18:cb:2c:28:f1:79:54:cc:45:70:4f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 17:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f911884d6eeded15633c854318af2c74f20b7c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3e:66:03:49:8f:ca:43:dc:f5:17:e7:26:72:
9c:47:96:10:63:ec:44:aa:9b:7c:5d:bd:0e:95:da:
7f:10:f9:f2:9a:e9:f4:13:41:8d:54:74:b6:a4:2d:
37:23:91:3f:ff:ee:a1:8c:4e:5a:c8:8d:d6:be:b3:
d3:05:01:4f:5b:aa:f3:8e:fb:94:e2:1e:52:84:bd:
0f:d4:b1:5b:d7:2e:47:df:d5:2a:e9:9e:df:1d:08:
1e:92:e1:97:77:f9:3c:6f:27:d7:56:5c:96:2a:16:
fc:86:76:57:26:4f:20:54:23:22:51:f7:dd:ed:de:
aa:1a:48:c0:96:72:f9:2f:40:5e:e5:0e:55:00:42:
16:2c:78:4f:ce:78:5c:34:32:fd:b5:49:45:ab:c7:
03:3d:b5:19:d0:56:07:a1:ff:b5:ef:2f:55:8d:c2:
4b:f5:cb:f4:2b:d8:34:67:1a:96:31:03:55:c1:e0:
90:a5:1f:34:19:bd:54:20:54:5f:f7:60:8e:67:de:
91:1c:32:cc:db:b9:ae:30:73:83:aa:f7:92:a6:35:
0f:bd:24:d2:50:50:41:5e:7d:e2:fd:52:d4:89:fc:
61:a5:d3:97:f3:4b:5a:84:fb:86:f7:4f:10:17:29:
21:c9:0f:e8:2a:1f:ce:02:aa:05:4f:ca:ec:b7:47:
45:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:11:88:4D:6E:ED:ED:15:63:3C:85:43:18:AF:2C:74:F2:0B:7C:5C
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1-RGITW7t7RVjPIVDGK8sdPILfFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d643::/32
2a09:e305::/32
2a09:ef03::/32
2a0a:b380::/32
2a0d:95c4::/32
2a0f:3107::/32
Signature Algorithm: sha256WithRSAEncryption
4d:18:12:2e:5d:c3:da:70:50:91:8b:47:43:68:2b:10:1f:45:
17:88:53:8a:cb:94:98:de:d6:1a:d8:aa:95:18:d0:e8:3b:d1:
c4:bb:c6:3e:e4:33:5f:8b:57:6a:e0:76:9e:97:36:b0:08:f9:
52:2e:52:20:15:56:13:ec:ef:2a:94:b0:15:a8:a9:a4:f6:31:
08:ba:83:12:6e:5d:39:aa:06:cf:49:82:64:61:3b:3c:bc:1e:
16:6a:d0:d5:21:f1:d9:86:f8:d0:18:ce:00:56:49:1c:a0:6f:
7f:16:b3:a2:f7:52:b9:48:a8:53:b7:df:f3:b1:6c:59:b5:99:
4e:24:09:9b:dc:2b:0d:84:76:82:08:82:fa:d3:f2:7b:2c:71:
fc:8e:bc:91:db:16:0b:dc:4f:06:1e:04:72:c6:90:bb:f8:a2:
26:7f:8e:bd:43:34:90:9a:79:ce:52:c0:a1:b3:c2:26:41:a2:
24:d0:08:e7:e6:78:94:73:14:9f:57:99:5d:e2:af:b6:3d:a8:
82:65:9d:90:6e:a4:23:e1:15:7a:12:d8:a8:7d:1c:0e:1e:f8:
bf:73:2e:1f:15:f6:e1:8b:9e:d7:14:d6:e1:fa:a7:15:03:bb:
c9:f2:e8:82:51:c5:b7:02:e3:f2:6c:7a:1c:54:1c:60:ad:a5:
11:1b:23:e6
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQi+30qGMssKPF5VMxFcE/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTAxMTc0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTExODg0ZDZlZWRlZDE1NjMzYzg1NDMxOGFmMmM3NGYyMGI3YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT5mA0mPykPc9RfnJnKcR5YQY+xE
qpt8Xb0Oldp/EPnymun0E0GNVHS2pC03I5E//+6hjE5ayI3WvrPTBQFPW6rzjvuU
4h5ShL0P1LFb1y5H39Uq6Z7fHQgekuGXd/k8byfXVlyWKhb8hnZXJk8gVCMiUffd
7d6qGkjAlnL5L0Be5Q5VAEIWLHhPznhcNDL9tUlFq8cDPbUZ0FYHof+17y9VjcJL
9cv0K9g0ZxqWMQNVweCQpR80Gb1UIFRf92COZ96RHDLM27muMHODqveSpjUPvSTS
UFBBXn3i/VLUifxhpdOX80tahPuG908QFykhyQ/oKh/OAqoFT8rst0dFLQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPkRiE1u7e0VYzyFQxivLHTyC3xcMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMS1SR0lUVzd0N1JWalBJVkRHSzhzZFBJTGZGdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5
MS8xL3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAIwKgMFACoG1kMD
BQAqCeMFAwUAKgnvAwMFACoKs4ADBQAqDZXEAwUAKg8xBzANBgkqhkiG9w0BAQsF
AAOCAQEATRgSLl3D2nBQkYtHQ2grEB9FF4hTisuUmN7WGtiqlRjQ6DvRxLvGPuQz
X4tXauB2npc2sAj5Ui5SIBVWE+zvKpSwFaippPYxCLqDEm5dOaoGz0mCZGE7PLwe
FmrQ1SHx2Yb40BjOAFZJHKBvfxazovdSuUioU7ff87FsWbWZTiQJm9wrDYR2ggiC
+tPyeyxx/I68kdsWC9xPBh4EcsaQu/iiJn+OvUM0kJp5zlLAobPCJkGiJNAI5+Z4
lHMUn1eZXeKvtj2ogmWdkG6kI+EVehLYqH0cDh74v3MuHxX24Yue1xTW4fqnFQO7
yfLoglHFtwLj8mx6HFQcYK2lERsj5g==
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:55:25 2025 by rpki-client