Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/O0T2HbDDLXToVBgQvakFVm0WBM8.roa
File: O0T2HbDDLXToVBgQvakFVm0WBM8.roa (raw, json)
Hash identifier: j4M5mhMKjocJHlnRMyKx/Jo55Alu9WqNqQzzA+GKZ+8=
Subject key identifier: 3B:44:F6:1D:B0:C3:2D:74:E8:54:18:10:BD:A9:05:56:6D:16:04:CF
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 0194266C0B088B58AC713B71311A37D47DBC
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/O0T2HbDDLXToVBgQvakFVm0WBM8.roa
Signing time: Thu 02 Jan 2025 09:50:02 +0000
ROA not before: Thu 02 Jan 2025 09:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209105
IP address blocks: 2001:67c:99c::/48 maxlen: 48
2001:67c:9a0::/48 maxlen: 48
2001:67c:9a4::/48 maxlen: 48
2001:67c:9a8::/48 maxlen: 48
2001:67c:9ac::/48 maxlen: 48
2001:67c:9b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:0b:08:8b:58:ac:71:3b:71:31:1a:37:d4:7d:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Jan 2 09:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b44f61db0c32d74e8541810bda905566d1604cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:dc:ee:06:1e:17:ac:14:73:51:d0:43:08:
91:1d:5e:cc:ec:c0:d1:a1:23:bf:a8:a2:36:7f:7d:
dc:03:06:8b:43:94:9c:93:ab:3e:7d:9f:d1:02:65:
ec:62:b1:83:4a:13:7b:60:3d:ab:06:0b:0d:d3:d4:
fb:1a:73:b9:5a:5b:8b:42:5c:d1:cd:34:af:09:68:
68:d0:1b:20:38:ed:39:aa:d4:9e:56:98:bd:ca:b9:
82:b6:c7:01:51:8e:92:ee:fd:cc:81:64:a1:e4:d9:
b4:1e:78:c2:e3:78:90:e8:08:71:4a:52:c3:2e:d7:
10:e5:a2:93:52:71:2d:c3:f3:87:29:0e:4b:b5:7d:
35:ed:40:74:87:f3:60:ef:90:08:a9:eb:cb:a0:78:
6a:0e:f5:ee:ef:c2:b8:b0:f0:b6:78:a2:76:0c:2a:
c9:55:40:02:5c:fa:ab:de:bb:6e:0b:ce:7b:61:d8:
43:35:ed:f9:b4:6f:18:f4:54:e0:04:b0:c3:7c:03:
76:de:7e:2b:83:cd:f5:d8:aa:d1:bf:a7:8d:60:85:
b4:7d:5e:14:11:69:31:a9:e7:d9:02:47:72:9f:53:
21:d2:b8:c0:83:ec:f3:2e:88:24:93:3d:a1:3d:4a:
01:79:70:de:e3:48:c7:ec:44:cf:5c:a3:3b:f3:4a:
f3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:44:F6:1D:B0:C3:2D:74:E8:54:18:10:BD:A9:05:56:6D:16:04:CF
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/O0T2HbDDLXToVBgQvakFVm0WBM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:99c::/48
2001:67c:9a0::/48
2001:67c:9a4::/48
2001:67c:9a8::/48
2001:67c:9ac::/48
2001:67c:9b0::/48
Signature Algorithm: sha256WithRSAEncryption
7c:a2:89:61:26:58:07:98:4c:eb:94:2f:e4:65:0e:64:a8:36:
db:5e:84:43:6b:c2:01:e0:65:2c:17:66:5e:16:95:13:08:37:
72:86:c1:3e:bb:f6:4c:0c:9e:7a:dc:2e:8e:bc:53:91:30:8a:
63:38:53:14:bc:c3:de:50:17:88:40:ce:72:90:80:c7:c3:99:
4d:10:a4:60:9b:67:71:6f:07:9c:1c:4e:a2:08:63:b0:73:66:
a9:15:e8:21:1f:f8:94:59:75:8d:e8:25:7f:33:fd:d3:2c:35:
50:18:13:94:d9:c5:38:2b:82:33:59:0b:d2:55:a3:70:2a:ff:
e2:8f:f0:e4:02:6b:6d:49:3c:27:50:df:89:0a:95:74:36:ff:
9c:7f:1a:9a:81:35:7f:60:dd:a1:73:07:d3:c9:58:85:88:74:
e4:42:05:f4:86:ec:8d:f9:11:a2:a0:13:0f:54:11:7c:ea:61:
3b:14:12:bc:ab:ab:3b:cc:4f:e8:6e:52:2f:2a:1b:32:22:bd:
06:e8:16:05:81:8a:85:2e:cc:23:17:b5:bd:12:d3:c1:9b:ec:
58:c6:85:00:b2:70:a0:e2:ca:fa:2a:09:c1:1b:29:b7:e5:1f:
e3:bb:8e:70:a9:13:b2:ea:cb:c8:7d:94:1f:fe:73:bb:79:c8:
6e:2a:46:1a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQmbAsIi1iscTtxMRo31H28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjUwMTAyMDk1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ0ZjYxZGIwYzMyZDc0ZTg1NDE4MTBiZGE5MDU1NjZkMTYwNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNzc7gYeF6wUc1HQQwiRHV7M7MDR
oSO/qKI2f33cAwaLQ5Sck6s+fZ/RAmXsYrGDShN7YD2rBgsN09T7GnO5WluLQlzR
zTSvCWho0BsgOO05qtSeVpi9yrmCtscBUY6S7v3MgWSh5Nm0HnjC43iQ6AhxSlLD
LtcQ5aKTUnEtw/OHKQ5LtX017UB0h/Ng75AIqevLoHhqDvXu78K4sPC2eKJ2DCrJ
VUACXPqr3rtuC857YdhDNe35tG8Y9FTgBLDDfAN23n4rg8312KrRv6eNYIW0fV4U
EWkxqefZAkdyn1Mh0rjAg+zzLogkkz2hPUoBeXDe40jH7ETPXKM780rzYwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDtE9h2wwy106FQYEL2pBVZtFgTPMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEvTzBUMkhiRERMWFRvVkJnUXZha0ZWbTBXQk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAIAEGfAmc
AwcAIAEGfAmgAwcAIAEGfAmkAwcAIAEGfAmoAwcAIAEGfAmsAwcAIAEGfAmwMA0G
CSqGSIb3DQEBCwUAA4IBAQB8oolhJlgHmEzrlC/kZQ5kqDbbXoRDa8IB4GUsF2Ze
FpUTCDdyhsE+u/ZMDJ563C6OvFORMIpjOFMUvMPeUBeIQM5ykIDHw5lNEKRgm2dx
bwecHE6iCGOwc2apFeghH/iUWXWN6CV/M/3TLDVQGBOU2cU4K4IzWQvSVaNwKv/i
j/DkAmttSTwnUN+JCpV0Nv+cfxqagTV/YN2hcwfTyViFiHTkQgX0huyN+RGioBMP
VBF86mE7FBK8q6s7zE/oblIvKhsyIr0G6BYFgYqFLswjF7W9EtPBm+xYxoUAsnCg
4sr6KgnBGym35R/ju45wqROy6svIfZQf/nO7echuKkYa
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:44:07 2025 by rpki-client