Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g7srAcmK9YdsnWY99fp7ELKlbSI.roa
File: g7srAcmK9YdsnWY99fp7ELKlbSI.roa (raw, json)
Hash identifier: SX6d3KxTzTSS3RnPiKxsY+voNtUoqKoYv68OiqZfZ3g=
Subject key identifier: 83:BB:2B:01:C9:8A:F5:87:6C:9D:66:3D:F5:FA:7B:10:B2:A5:6D:22
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521E4AC898DBABE4D80CFBBEF803029
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g7srAcmK9YdsnWY99fp7ELKlbSI.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140098
IP address blocks: 2a0e:b107:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e4:ac:89:8d:ba:be:4d:80:cf:bb:ef:80:30:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83bb2b01c98af5876c9d663df5fa7b10b2a56d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0c:08:21:01:2d:af:14:41:9d:db:f7:31:a4:
02:14:b3:5e:de:5c:ef:7f:4b:cf:8d:19:fb:3e:37:
b6:ea:db:30:3f:40:72:05:fe:e0:23:78:00:fd:bb:
19:75:83:13:48:4e:13:b8:fe:d4:1e:21:35:02:81:
bf:f7:bd:a8:14:d5:f9:8d:9e:bc:44:7c:13:5f:ff:
80:54:f2:39:be:cf:13:ec:72:06:39:e6:b6:43:e0:
8d:aa:d7:6b:92:31:ef:2d:83:3f:d8:08:9d:b1:58:
a8:7e:3b:7b:80:c8:1f:d5:d0:4e:0f:0c:1e:6f:f5:
a0:e2:63:ef:a6:31:f6:24:25:73:2a:23:03:ca:70:
71:c7:55:7e:ea:91:d0:59:d8:37:7a:11:1d:37:f8:
cb:f3:02:0d:85:18:a9:c6:f4:5c:b0:ac:2d:37:22:
ae:05:b9:7b:f9:48:dc:13:3b:4c:a6:5c:6d:e1:a8:
dc:7f:2f:ef:83:29:13:fd:23:1d:ea:1f:48:30:89:
ed:cc:d0:f1:f1:82:5f:e5:02:e8:20:7d:6a:52:e0:
f2:ff:eb:5e:26:93:ed:fa:69:15:14:aa:da:18:08:
59:f9:e2:ad:dd:a6:df:35:72:93:af:74:d9:cc:06:
00:cc:3b:f5:42:d5:8c:91:58:6d:cc:40:dd:f4:44:
9a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BB:2B:01:C9:8A:F5:87:6C:9D:66:3D:F5:FA:7B:10:B2:A5:6D:22
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/g7srAcmK9YdsnWY99fp7ELKlbSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:700::/48
Signature Algorithm: sha256WithRSAEncryption
14:b4:18:60:65:9a:95:82:6a:88:16:de:3f:dc:61:9f:16:47:
40:54:92:e0:3d:ae:16:fc:46:60:37:a0:69:f5:b8:7c:db:40:
eb:b6:65:b1:3f:01:63:f4:30:20:05:d4:05:e1:99:7c:ce:e1:
61:6a:2e:4f:56:50:21:b1:f4:a2:fa:cc:82:4b:a1:40:23:fc:
18:09:e4:57:4c:da:f1:84:38:87:54:48:96:f9:87:09:f8:e9:
0a:d9:06:ea:aa:cd:16:41:fa:0c:d2:f9:82:30:db:da:8e:b7:
ba:bb:a6:d5:84:46:57:e5:02:06:73:6d:ad:19:12:32:00:81:
29:92:fd:ae:be:ff:3e:07:12:15:ba:48:8e:3a:79:3d:f1:50:
58:1d:5c:c3:21:8b:94:f4:03:22:87:fd:f7:ac:b7:bb:51:62:
d0:d4:b9:45:1a:a4:f1:ca:90:c0:85:9f:3c:fe:6b:ad:91:1a:
63:93:00:1e:1a:2a:ae:1d:79:e0:76:8f:ba:84:0c:28:7b:36:
fb:ee:18:bd:8f:73:0f:c8:2e:98:c0:84:29:e1:79:61:f0:24:
fd:c9:2a:e8:80:e9:4f:a9:be:a1:ae:16:1d:d6:9a:20:af:24:
0b:53:75:37:7e:b9:23:0a:42:09:da:e2:08:3c:88:f0:19:25:
2f:c0:d1:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIeSsiY26vk2Az7vvgDApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JiMmIwMWM5OGFmNTg3NmM5ZDY2M2RmNWZhN2IxMGIyYTU2ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AwIIQEtrxRBndv3MaQCFLNe3lzv
f0vPjRn7Pje26tswP0ByBf7gI3gA/bsZdYMTSE4TuP7UHiE1AoG/972oFNX5jZ68
RHwTX/+AVPI5vs8T7HIGOea2Q+CNqtdrkjHvLYM/2AidsViofjt7gMgf1dBODwwe
b/Wg4mPvpjH2JCVzKiMDynBxx1V+6pHQWdg3ehEdN/jL8wINhRipxvRcsKwtNyKu
Bbl7+UjcEztMplxt4ajcfy/vgykT/SMd6h9IMIntzNDx8YJf5QLoIH1qUuDy/+te
JpPt+mkVFKraGAhZ+eKt3abfNXKTr3TZzAYAzDv1QtWMkVhtzEDd9ESaAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIO7KwHJivWHbJ1mPfX6exCypW0iMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZzdzckFjbUs5WWRzbldZOTlmcDdFTEtsYlNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwcA
MA0GCSqGSIb3DQEBCwUAA4IBAQAUtBhgZZqVgmqIFt4/3GGfFkdAVJLgPa4W/EZg
N6Bp9bh820DrtmWxPwFj9DAgBdQF4Zl8zuFhai5PVlAhsfSi+syCS6FAI/wYCeRX
TNrxhDiHVEiW+YcJ+OkK2Qbqqs0WQfoM0vmCMNvajre6u6bVhEZX5QIGc22tGRIy
AIEpkv2uvv8+BxIVukiOOnk98VBYHVzDIYuU9AMih/33rLe7UWLQ1LlFGqTxypDA
hZ88/mutkRpjkwAeGiquHXngdo+6hAwoezb77hi9j3MPyC6YwIQp4Xlh8CT9ySro
gOlPqb6hrhYd1pogryQLU3U3frkjCkIJ2uIIPIjwGSUvwNFN
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:28:25 2025 by rpki-client