Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rOOgNKHtfWvtzw8kJolpHNlppOo.roa
File: rOOgNKHtfWvtzw8kJolpHNlppOo.roa (raw, json)
Hash identifier: qbVlMrqoVdl474b3B4MXncijGKYV6qvKjwOhvUi28Qs=
Subject key identifier: AC:E3:A0:34:A1:ED:7D:6B:ED:CF:0F:24:26:89:69:1C:D9:69:A4:EA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521CAA43C1373964A9F9ABF5EF4D953
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rOOgNKHtfWvtzw8kJolpHNlppOo.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34927
IP address blocks: 2a06:de01:170::/44 maxlen: 48
2a06:de01:170::/48 maxlen: 48
2a06:de01:171::/48 maxlen: 48
2a06:de01:172::/48 maxlen: 48
2a06:de01:173::/48 maxlen: 48
2a06:de01:174::/48 maxlen: 48
2a06:de01:175::/48 maxlen: 48
2a06:de01:176::/48 maxlen: 48
2a06:de01:177::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ca:a4:3c:13:73:96:4a:9f:9a:bf:5e:f4:d9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ace3a034a1ed7d6bedcf0f242689691cd969a4ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:05:d9:73:47:67:fd:99:cd:c6:9c:4e:1b:11:
34:7f:34:e2:e0:f7:94:66:c2:02:4f:61:61:43:6a:
c0:cd:16:5e:20:75:ec:e9:d8:85:3b:62:07:81:a9:
1c:10:d4:fd:f0:69:90:af:42:b8:91:3f:d0:72:82:
4d:f7:21:60:34:f9:cf:7e:84:f2:0e:6c:de:59:87:
a0:42:92:22:39:34:5c:2f:a3:ce:cc:34:bb:df:4e:
cf:7b:f6:63:37:4b:a9:42:4e:f1:91:2d:27:66:72:
f1:e6:10:12:12:2c:01:1f:3f:0e:09:a0:39:08:5a:
c8:ba:a8:62:26:07:7f:5b:cb:c0:a3:76:13:5e:7d:
0b:97:a0:2a:0b:3a:b5:59:61:84:ad:d6:1f:0e:06:
d0:a4:54:ce:c1:f5:b1:88:fd:d0:98:98:3e:3c:85:
c5:d8:6b:fc:fd:4d:7d:23:94:90:85:59:d8:8a:ab:
45:c2:32:d4:90:fd:bc:ed:c3:ae:ee:0d:a4:d3:af:
96:e5:06:36:64:a3:8b:5d:8c:6e:73:c1:1b:df:41:
95:b1:43:a6:91:b8:86:eb:3a:00:66:4a:da:38:a8:
dd:d8:77:b6:4d:31:49:13:67:96:15:c4:a6:bb:e0:
f0:8b:e2:12:bb:c0:92:f0:8e:42:07:10:ea:9e:18:
7a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E3:A0:34:A1:ED:7D:6B:ED:CF:0F:24:26:89:69:1C:D9:69:A4:EA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/rOOgNKHtfWvtzw8kJolpHNlppOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:170::/44
Signature Algorithm: sha256WithRSAEncryption
12:31:29:e9:b6:2a:10:df:24:fa:bb:7c:c3:20:32:61:8d:1f:
e3:6d:f4:88:b0:3b:02:e5:ab:85:84:53:d8:d5:f7:0b:4a:86:
d3:cc:71:53:4f:3c:27:6f:0d:0f:05:6d:26:fa:66:dd:0c:ad:
09:42:de:a3:d8:20:47:e0:89:0f:c8:c9:6f:09:93:b6:27:6a:
d7:bb:16:b4:b8:3a:9b:4d:5c:0e:40:e6:9d:26:e5:1d:1a:55:
69:52:d2:2f:67:7c:08:9d:7d:f4:9c:f5:e1:75:67:ce:7d:c4:
68:49:44:6f:18:a6:b9:90:bd:e8:60:83:10:82:f4:2e:95:10:
7f:d8:04:08:f7:80:45:62:d3:03:50:eb:84:ee:d1:b0:74:c4:
6b:f0:05:13:2e:1d:c5:db:18:33:3f:d6:0d:d2:a0:9a:a3:20:
09:8a:f1:1a:5f:96:66:81:ec:7c:9e:a2:a3:6d:6e:bf:85:d0:
0f:b8:4b:49:92:d1:63:fb:7c:55:98:e7:62:a7:9a:3a:38:25:
fa:99:f2:cd:8c:95:62:3e:89:f6:b6:a8:47:8c:41:d5:b9:0a:
20:81:6b:7e:cd:3c:a7:9f:22:91:73:bb:e9:3a:36:21:ba:16:
e7:d3:30:9a:7d:d6:75:dc:c0:1b:03:6f:80:de:fd:db:4d:ec:
b3:f7:ef:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIcqkPBNzlkqfmr9e9NlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2UzYTAzNGExZWQ3ZDZiZWRjZjBmMjQyNjg5NjkxY2Q5NjlhNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgXZc0dn/ZnNxpxOGxE0fzTi4PeU
ZsICT2FhQ2rAzRZeIHXs6diFO2IHgakcENT98GmQr0K4kT/QcoJN9yFgNPnPfoTy
DmzeWYegQpIiOTRcL6POzDS7307Pe/ZjN0upQk7xkS0nZnLx5hASEiwBHz8OCaA5
CFrIuqhiJgd/W8vAo3YTXn0Ll6AqCzq1WWGErdYfDgbQpFTOwfWxiP3QmJg+PIXF
2Gv8/U19I5SQhVnYiqtFwjLUkP287cOu7g2k06+W5QY2ZKOLXYxuc8Eb30GVsUOm
kbiG6zoAZkraOKjd2He2TTFJE2eWFcSmu+Dwi+ISu8CS8I5CBxDqnhh6ZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKzjoDSh7X1r7c8PJCaJaRzZaaTqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvck9PZ05LSHRmV3Z0enc4a0pvbHBITmxwcE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAQFw
MA0GCSqGSIb3DQEBCwUAA4IBAQASMSnptioQ3yT6u3zDIDJhjR/jbfSIsDsC5auF
hFPY1fcLSobTzHFTTzwnbw0PBW0m+mbdDK0JQt6j2CBH4IkPyMlvCZO2J2rXuxa0
uDqbTVwOQOadJuUdGlVpUtIvZ3wInX30nPXhdWfOfcRoSURvGKa5kL3oYIMQgvQu
lRB/2AQI94BFYtMDUOuE7tGwdMRr8AUTLh3F2xgzP9YN0qCaoyAJivEaX5Zmgex8
nqKjbW6/hdAPuEtJktFj+3xVmOdip5o6OCX6mfLNjJViPon2tqhHjEHVuQoggWt+
zTynnyKRc7vpOjYhuhbn0zCafdZ13MAbA2+A3v3bTeyz9++T
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:29:05 2025 by rpki-client