Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jxag7pKmyJ5PehO1ZN9Svc1ohNE.roa
File: jxag7pKmyJ5PehO1ZN9Svc1ohNE.roa (raw, json)
Hash identifier: +tTR1GuQWPa84N8xSCUPftQupZ4bfNMX1wAvqK5Dni4=
Subject key identifier: 8F:16:A0:EE:92:A6:C8:9E:4F:7A:13:B5:64:DF:52:BD:CD:68:84:D1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521CED9657CA05DC7E990C65E61000B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jxag7pKmyJ5PehO1ZN9Svc1ohNE.roa
Signing time: Thu 02 Jan 2025 03:49:20 +0000
ROA not before: Thu 02 Jan 2025 03:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42394
IP address blocks: 2a0e:97c7:160::/44 maxlen: 48
2a0e:b107:ff0::/48 maxlen: 48
2a0e:b107:fff::/48 maxlen: 48
2a0e:b107:1110::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ce:d9:65:7c:a0:5d:c7:e9:90:c6:5e:61:00:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f16a0ee92a6c89e4f7a13b564df52bdcd6884d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a5:dd:71:22:40:51:32:e8:b7:c3:6d:73:af:
10:d9:96:f8:91:68:d8:04:31:11:90:0a:2b:2d:d4:
43:c2:99:75:42:4f:54:d9:fd:fe:cb:4c:1c:a2:91:
e3:36:f4:d8:2e:3b:77:5c:b1:3d:cc:10:bb:02:b6:
dd:46:3d:ee:1a:08:b7:ec:1b:ac:ea:44:a0:c7:98:
95:9e:ae:58:0c:08:33:1d:b0:5e:92:b0:60:65:20:
d5:07:65:87:aa:45:0e:a9:ca:fd:1d:f7:e4:3a:ca:
5a:ae:91:7e:38:b6:aa:b6:ff:b4:df:e2:46:dc:b3:
f9:e7:0c:f5:23:eb:da:69:c1:03:60:82:c5:89:2f:
aa:88:c0:8e:5c:da:eb:e6:6f:49:1f:19:a5:c0:b6:
d6:31:cf:8f:b6:79:2b:3a:f4:5b:49:a3:15:b2:be:
c2:f3:b8:ba:90:4b:1b:e7:12:d1:e3:12:f7:f4:4c:
ac:db:ef:ab:1d:93:f1:0e:ea:4a:4c:6d:34:19:46:
72:ee:57:6d:cd:21:2b:62:e4:9f:db:f0:fd:51:e2:
cf:af:db:52:4e:34:9a:1e:6c:e5:df:10:62:c0:17:
a5:52:68:8b:05:09:ee:b8:98:61:3d:dd:1c:11:77:
98:67:b7:d3:00:06:77:85:b2:ac:05:e1:17:8c:a5:
a6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:16:A0:EE:92:A6:C8:9E:4F:7A:13:B5:64:DF:52:BD:CD:68:84:D1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jxag7pKmyJ5PehO1ZN9Svc1ohNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c7:160::/44
2a0e:b107:ff0::/48
2a0e:b107:fff::/48
2a0e:b107:1110::/44
Signature Algorithm: sha256WithRSAEncryption
02:3f:c6:40:4c:9c:7c:b5:b8:90:14:6c:10:1a:2e:1b:55:b5:
0e:a5:78:4d:2b:07:21:a9:31:3c:31:4d:fb:fc:f0:92:ab:e9:
58:9e:3d:27:cf:de:04:47:7e:63:1d:4d:77:89:e4:bd:0f:ff:
59:14:bf:25:88:d1:74:4b:91:3c:bb:30:a4:c5:b2:6b:3b:9c:
f0:5a:1e:8d:f9:b0:38:61:bf:fe:98:bf:69:72:34:85:e1:80:
4a:de:96:9d:cb:87:6e:88:03:35:cf:4a:7d:0c:3c:11:a5:ae:
3c:07:83:b9:ea:8d:11:21:7c:6e:e6:bc:b2:1c:0c:04:00:f0:
a3:85:a8:aa:eb:9b:0c:24:60:bb:dc:8c:ae:77:cf:ad:e7:5b:
78:78:05:9c:ed:bd:76:db:98:f3:be:65:66:0e:f0:e9:b1:10:
fa:6a:bd:4b:6b:ef:0d:96:e4:bb:40:a5:16:c3:9f:d9:20:84:
35:46:b8:45:c0:b0:74:c5:bb:07:23:30:16:cf:7d:36:4d:75:
86:bc:e1:69:f8:b2:fe:41:22:2c:86:20:72:6e:40:57:8c:17:
77:19:e1:ec:cd:44:3f:c2:6a:4c:e8:ef:66:1e:d8:e3:16:ef:
ee:3c:c7:66:af:a1:94:18:9d:34:5e:fd:3d:44:a3:fe:21:ce:
7a:93:eb:41
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlIc7ZZXygXcfpkMZeYQALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjE2YTBlZTkyYTZjODllNGY3YTEzYjU2NGRmNTJiZGNkNjg4NGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qXdcSJAUTLot8Ntc68Q2Zb4kWjY
BDERkAorLdRDwpl1Qk9U2f3+y0wcopHjNvTYLjt3XLE9zBC7ArbdRj3uGgi37Bus
6kSgx5iVnq5YDAgzHbBekrBgZSDVB2WHqkUOqcr9HffkOsparpF+OLaqtv+03+JG
3LP55wz1I+vaacEDYILFiS+qiMCOXNrr5m9JHxmlwLbWMc+PtnkrOvRbSaMVsr7C
87i6kEsb5xLR4xL39Eys2++rHZPxDupKTG00GUZy7ldtzSErYuSf2/D9UeLPr9tS
TjSaHmzl3xBiwBelUmiLBQnuuJhhPd0cEXeYZ7fTAAZ3hbKsBeEXjKWmWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI8WoO6SpsieT3oTtWTfUr3NaITRMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvanhhZzdwS215SjVQZWhPMVpOOVN2YzFvaE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKg6XxwFg
AwcAKg6xBw/wAwcAKg6xBw//AwcEKg6xBxEQMA0GCSqGSIb3DQEBCwUAA4IBAQAC
P8ZATJx8tbiQFGwQGi4bVbUOpXhNKwchqTE8MU37/PCSq+lYnj0nz94ER35jHU13
ieS9D/9ZFL8liNF0S5E8uzCkxbJrO5zwWh6N+bA4Yb/+mL9pcjSF4YBK3pady4du
iAM1z0p9DDwRpa48B4O56o0RIXxu5ryyHAwEAPCjhaiq65sMJGC73Iyud8+t51t4
eAWc7b1225jzvmVmDvDpsRD6ar1La+8NluS7QKUWw5/ZIIQ1RrhFwLB0xbsHIzAW
z302TXWGvOFp+LL+QSIshiBybkBXjBd3GeHszUQ/wmpM6O9mHtjjFu/uPMdmr6GU
GJ00Xv09RKP+Ic56k+tB
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:58:22 2025 by rpki-client