Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/nTg06Xuaoov5emPDb5qo0AhHcXI.roa
File: nTg06Xuaoov5emPDb5qo0AhHcXI.roa (raw, json)
Hash identifier: sxM+tjocIPeu4DOdcT+0o31NCC6XWsc08As8H8WQbTc=
Subject key identifier: 9D:38:34:E9:7B:9A:A2:8B:F9:7A:63:C3:6F:9A:A8:D0:08:47:71:72
Certificate issuer: /CN=a122d6d21bd04c46224653a49be029e3c024b846
Certificate serial: 0194614530C6D941A5602ED3B351D3FBF693
Authority key identifier: A1:22:D6:D2:1B:D0:4C:46:22:46:53:A4:9B:E0:29:E3:C0:24:B8:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSLW0hvQTEYiRlOkm-Ap48AkuEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/nTg06Xuaoov5emPDb5qo0AhHcXI.roa
Signing time: Mon 13 Jan 2025 20:05:11 +0000
ROA not before: Mon 13 Jan 2025 20:05:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398892
IP address blocks: 2a14:af00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/oSLW0hvQTEYiRlOkm-Ap48AkuEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/oSLW0hvQTEYiRlOkm-Ap48AkuEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/oSLW0hvQTEYiRlOkm-Ap48AkuEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:45:30:c6:d9:41:a5:60:2e:d3:b3:51:d3:fb:f6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a122d6d21bd04c46224653a49be029e3c024b846
Validity
Not Before: Jan 13 20:05:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d3834e97b9aa28bf97a63c36f9aa8d008477172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:92:8e:7a:45:10:13:92:84:77:83:f9:60:
12:02:1e:a4:19:71:1b:62:dc:32:fe:74:38:44:9f:
87:8d:67:56:77:92:e1:2a:82:47:85:41:69:41:65:
cd:0a:bd:6c:09:75:85:22:a5:57:f5:98:0b:ea:46:
45:41:8f:4d:fc:b0:aa:59:79:21:75:f3:d6:de:08:
b5:a5:fe:d4:8f:40:51:c2:0c:b0:ad:17:ee:d9:9d:
fc:83:ee:4d:34:ee:ee:db:d0:98:83:a7:2a:22:31:
b9:c1:74:7c:75:35:2f:97:33:17:7a:a6:05:06:31:
d4:05:64:d0:2c:d1:d8:85:5e:ed:d9:22:8d:55:2f:
cd:1d:88:d9:fa:38:08:c4:ce:fe:00:92:49:2e:55:
ee:6b:7d:5e:e3:6b:dd:3a:c1:9a:97:1c:8e:06:ad:
97:52:ed:9c:77:fd:76:56:ec:e2:78:d4:48:a3:de:
3d:5b:c2:b1:c9:e8:89:a9:6f:e2:42:90:64:c0:c4:
4e:60:8b:b5:1d:2e:93:25:87:7b:45:20:a8:c2:ce:
7f:c5:af:89:60:3b:db:15:79:de:9d:40:36:01:30:
73:96:78:c9:ee:66:10:48:44:3a:52:fd:5e:fa:9f:
94:67:ff:25:33:21:e2:4c:8c:43:f5:85:d3:de:49:
08:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:38:34:E9:7B:9A:A2:8B:F9:7A:63:C3:6F:9A:A8:D0:08:47:71:72
X509v3 Authority Key Identifier:
keyid:A1:22:D6:D2:1B:D0:4C:46:22:46:53:A4:9B:E0:29:E3:C0:24:B8:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSLW0hvQTEYiRlOkm-Ap48AkuEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/nTg06Xuaoov5emPDb5qo0AhHcXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/048afc-d2cc-4e33-8607-5f251a03fa2b/1/oSLW0hvQTEYiRlOkm-Ap48AkuEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:af00::/29
Signature Algorithm: sha256WithRSAEncryption
1d:8f:04:da:c9:c2:58:14:59:43:25:7f:fa:89:87:ea:5c:a0:
c3:43:44:ee:cf:84:25:88:9d:92:57:96:49:7e:c5:a2:6f:40:
92:a1:c5:46:09:6b:6c:56:a0:67:be:ed:98:f3:aa:af:1b:f7:
1d:6e:82:66:9a:08:d8:02:20:5b:0f:19:7c:04:db:7b:41:23:
af:ae:b1:d8:a8:48:c9:a3:f9:5a:38:cc:7d:e0:39:8b:d8:9d:
0b:e5:45:a4:60:06:d5:3b:1c:e0:f6:fa:38:d1:18:09:3c:9f:
a8:1f:f6:2f:c7:dd:12:8f:10:35:41:9a:b9:95:27:73:e4:50:
52:3e:9f:62:ec:ff:1a:b1:f3:59:03:1a:ff:b8:49:cc:e7:75:
d3:d0:2a:08:ae:9a:06:6c:83:83:53:32:a9:66:e6:57:c5:b1:
66:9f:49:a5:d7:96:2c:93:90:fc:62:96:d7:0f:f3:73:73:bf:
5d:21:42:dd:50:d3:03:fc:8b:3d:d3:b6:63:a1:7e:d1:5c:4e:
a7:ba:a8:82:31:ba:60:47:ae:ff:de:b6:b9:e3:2d:61:13:46:
f7:a4:40:15:8f:e2:39:71:0f:da:7b:e2:53:dd:99:51:b7:e3:
46:31:8b:ea:40:ca:45:9f:68:ff:44:19:b5:2f:f7:f0:14:c3:
4f:50:87:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRhRTDG2UGlYC7Ts1HT+/aTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjJkNmQyMWJkMDRjNDYyMjQ2NTNhNDliZTAyOWUzYzAy
NGI4NDYwHhcNMjUwMTEzMjAwNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDM4MzRlOTdiOWFhMjhiZjk3YTYzYzM2ZjlhYThkMDA4NDc3MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQOSjnpFEBOShHeD+WASAh6kGXEb
Ytwy/nQ4RJ+HjWdWd5LhKoJHhUFpQWXNCr1sCXWFIqVX9ZgL6kZFQY9N/LCqWXkh
dfPW3gi1pf7Uj0BRwgywrRfu2Z38g+5NNO7u29CYg6cqIjG5wXR8dTUvlzMXeqYF
BjHUBWTQLNHYhV7t2SKNVS/NHYjZ+jgIxM7+AJJJLlXua31e42vdOsGalxyOBq2X
Uu2cd/12VuzieNRIo949W8KxyeiJqW/iQpBkwMROYIu1HS6TJYd7RSCows5/xa+J
YDvbFXnenUA2ATBzlnjJ7mYQSEQ6Uv1e+p+UZ/8lMyHiTIxD9YXT3kkI3QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ04NOl7mqKL+Xpjw2+aqNAIR3FyMB8GA1UdIwQY
MBaAFKEi1tIb0ExGIkZTpJvgKePAJLhGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NMVzBodlFURVlpUmxPa20tQXA0OEFrdUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wNDhhZmMtZDJjYy00ZTMzLTg2MDct
NWYyNTFhMDNmYTJiLzEvblRnMDZYdWFvb3Y1ZW1QRGI1cW8wQWhIY1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wNDhhZmMtZDJjYy00ZTMzLTg2MDctNWYyNTFhMDNmYTJi
LzEvb1NMVzBodlFURVlpUmxPa20tQXA0OEFrdUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSvADAN
BgkqhkiG9w0BAQsFAAOCAQEAHY8E2snCWBRZQyV/+omH6lygw0NE7s+EJYidkleW
SX7Fom9AkqHFRglrbFagZ77tmPOqrxv3HW6CZpoI2AIgWw8ZfATbe0Ejr66x2KhI
yaP5WjjMfeA5i9idC+VFpGAG1Tsc4Pb6ONEYCTyfqB/2L8fdEo8QNUGauZUnc+RQ
Uj6fYuz/GrHzWQMa/7hJzOd109AqCK6aBmyDg1MyqWbmV8WxZp9JpdeWLJOQ/GKW
1w/zc3O/XSFC3VDTA/yLPdO2Y6F+0VxOp7qogjG6YEeu/962ueMtYRNG96RAFY/i
OXEP2nviU92ZUbfjRjGL6kDKRZ9o/0QZtS/38BTDT1CHUw==
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:47:05 2025 by rpki-client