Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/keiUHgNWXQG1tCnd_1r6jW3ByFc.roa
File: keiUHgNWXQG1tCnd_1r6jW3ByFc.roa (raw, json)
Hash identifier: UWHI9ulMx4qU9scGVCWFH3JBiygO7K8ZUkSeDS3PRRY=
Subject key identifier: 91:E8:94:1E:03:56:5D:01:B5:B4:29:DD:FF:5A:FA:8D:6D:C1:C8:57
Certificate issuer: /CN=be3f74f2b6e4e28e9ff6ca3cca3a5d78ca2cad6a
Certificate serial: 01941FFA7A8BC2B23BE7EC627FC27BCD7879
Authority key identifier: BE:3F:74:F2:B6:E4:E2:8E:9F:F6:CA:3C:CA:3A:5D:78:CA:2C:AD:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/keiUHgNWXQG1tCnd_1r6jW3ByFc.roa
Signing time: Wed 01 Jan 2025 03:48:16 +0000
ROA not before: Wed 01 Jan 2025 03:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2001:678:934::/48 maxlen: 48
2001:67c:bf0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/vj908rbk4o6f9so8yjpdeMosrWo.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/vj908rbk4o6f9so8yjpdeMosrWo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:7a:8b:c2:b2:3b:e7:ec:62:7f:c2:7b:cd:78:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be3f74f2b6e4e28e9ff6ca3cca3a5d78ca2cad6a
Validity
Not Before: Jan 1 03:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91e8941e03565d01b5b429ddff5afa8d6dc1c857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:18:bc:9c:a2:71:7c:78:d7:f1:e8:cb:5f:38:
49:1f:2c:9d:29:1b:a3:e9:34:2f:3f:7b:22:c0:5b:
13:af:3f:62:78:9f:31:83:9f:56:4e:fe:e6:c8:1f:
cf:17:28:47:1a:bd:42:e7:2d:87:49:9b:20:63:29:
72:2c:62:d6:70:11:01:92:90:73:0a:eb:34:4a:dc:
0c:df:24:db:5b:2e:e2:ae:cf:f7:3c:35:fd:13:b5:
e4:81:dd:bf:6b:b5:a2:46:93:72:b0:ad:f3:fa:38:
e2:f6:02:28:16:ac:c5:0e:79:db:7b:1d:51:b2:74:
8c:40:1d:1c:7e:0c:26:58:2f:de:68:bf:8b:32:40:
73:0a:d1:d3:04:8d:7b:d9:77:54:41:c7:5a:7b:cb:
a8:7e:65:e7:cb:4b:94:64:87:ba:d7:18:a7:1d:38:
78:d4:32:c1:bb:6c:27:11:72:0b:f3:1b:30:74:cc:
3f:92:7e:ba:cc:35:ad:6e:f5:7d:58:9f:df:56:f0:
bf:24:99:59:80:0b:0d:cc:95:de:cb:1b:f4:01:3c:
21:0c:5d:92:1e:94:5b:5d:4f:46:94:46:52:d0:54:
63:b6:00:84:4e:c2:17:a7:5d:92:fe:67:4f:ea:38:
c5:44:5f:4a:80:de:27:6b:a7:90:fc:61:97:33:1e:
8e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E8:94:1E:03:56:5D:01:B5:B4:29:DD:FF:5A:FA:8D:6D:C1:C8:57
X509v3 Authority Key Identifier:
keyid:BE:3F:74:F2:B6:E4:E2:8E:9F:F6:CA:3C:CA:3A:5D:78:CA:2C:AD:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vj908rbk4o6f9so8yjpdeMosrWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/keiUHgNWXQG1tCnd_1r6jW3ByFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/005a47-b13c-42d7-8332-d099617beb56/1/vj908rbk4o6f9so8yjpdeMosrWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:934::/48
2001:67c:bf0::/48
Signature Algorithm: sha256WithRSAEncryption
0d:32:06:7a:f9:1e:44:69:fc:85:c2:1b:ea:2d:b7:cc:d8:97:
3c:0c:99:9a:09:9c:55:19:2b:be:57:a8:93:86:aa:f4:88:53:
fa:c0:da:2c:a6:c4:08:bf:24:a4:0c:0f:ba:63:6d:3e:f7:fd:
a1:9d:13:b9:4e:19:ae:59:7f:b3:2d:b4:65:3f:63:2e:80:9a:
e5:61:ce:1d:7d:eb:92:bd:b6:28:81:f8:71:0d:03:c5:7a:78:
a4:e9:e1:bf:58:62:80:b5:4b:b3:33:a9:b2:b6:7c:ae:db:10:
f2:25:e6:ab:b8:0c:94:fc:1a:79:52:3b:e9:35:95:d1:3e:72:
56:4a:32:31:e2:40:31:a7:78:6a:6f:28:8b:77:b2:78:35:61:
3b:25:eb:2b:d7:a4:c9:7b:52:23:d3:00:90:b6:06:84:e4:e0:
41:0f:11:ea:be:b5:7d:7a:dd:95:17:c3:a5:4f:0c:f7:8a:12:
a7:f6:cb:f3:32:11:3c:a2:53:5a:29:ee:5d:bd:0d:16:96:9a:
80:98:1a:14:78:c6:2c:ec:2b:3c:dd:85:28:e4:be:59:8e:84:
45:84:56:fd:8a:52:c6:ee:1c:85:87:f0:21:6d:7c:d8:6a:8f:
8c:77:69:d6:e2:08:99:e1:bb:92:be:88:ca:1f:37:8b:f6:00:
a3:84:ce:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+nqLwrI75+xif8J7zXh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlM2Y3NGYyYjZlNGUyOGU5ZmY2Y2EzY2NhM2E1ZDc4Y2Ey
Y2FkNmEwHhcNMjUwMTAxMDM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU4OTQxZTAzNTY1ZDAxYjViNDI5ZGRmZjVhZmE4ZDZkYzFjODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxi8nKJxfHjX8ejLXzhJHyydKRuj
6TQvP3siwFsTrz9ieJ8xg59WTv7myB/PFyhHGr1C5y2HSZsgYylyLGLWcBEBkpBz
Cus0StwM3yTbWy7irs/3PDX9E7Xkgd2/a7WiRpNysK3z+jji9gIoFqzFDnnbex1R
snSMQB0cfgwmWC/eaL+LMkBzCtHTBI172XdUQcdae8uofmXny0uUZIe61xinHTh4
1DLBu2wnEXIL8xswdMw/kn66zDWtbvV9WJ/fVvC/JJlZgAsNzJXeyxv0ATwhDF2S
HpRbXU9GlEZS0FRjtgCETsIXp12S/mdP6jjFRF9KgN4na6eQ/GGXMx6OtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHolB4DVl0BtbQp3f9a+o1twchXMB8GA1UdIwQY
MBaAFL4/dPK25OKOn/bKPMo6XXjKLK1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmo5MDhyYms0bzZmOXNvOHlqcGRlTW9zcldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8wMDVhNDctYjEzYy00MmQ3LTgzMzIt
ZDA5OTYxN2JlYjU2LzEva2VpVUhnTldYUUcxdENuZF8xcjZqVzNCeUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8wMDVhNDctYjEzYy00MmQ3LTgzMzItZDA5OTYxN2JlYjU2
LzEvdmo5MDhyYms0bzZmOXNvOHlqcGRlTW9zcldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAk0
AwcAIAEGfAvwMA0GCSqGSIb3DQEBCwUAA4IBAQANMgZ6+R5EafyFwhvqLbfM2Jc8
DJmaCZxVGSu+V6iThqr0iFP6wNospsQIvySkDA+6Y20+9/2hnRO5ThmuWX+zLbRl
P2MugJrlYc4dfeuSvbYogfhxDQPFenik6eG/WGKAtUuzM6mytnyu2xDyJearuAyU
/Bp5UjvpNZXRPnJWSjIx4kAxp3hqbyiLd7J4NWE7Jesr16TJe1Ij0wCQtgaE5OBB
DxHqvrV9et2VF8OlTwz3ihKn9svzMhE8olNaKe5dvQ0WlpqAmBoUeMYs7Cs83YUo
5L5ZjoRFhFb9ilLG7hyFh/AhbXzYao+Md2nW4giZ4buSvojKHzeL9gCjhM7T
-----END CERTIFICATE-----
Generated at Wed Apr 9 08:44:28 2025 by rpki-client