Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/vQFumMlickMAeqfmQnyl7TY_Pzg.roa
File: vQFumMlickMAeqfmQnyl7TY_Pzg.roa (raw, json)
Hash identifier: fsxJlhkOiwS8utSdO9amMMp5rJDtdsaC3KUWPM6ffgg=
Subject key identifier: BD:01:6E:98:C9:62:72:43:00:7A:A7:E6:42:7C:A5:ED:36:3F:3F:38
Certificate issuer: /CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
Certificate serial: 019420D5BF309C2E251B5FD39718C763C571
Authority key identifier: 5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/vQFumMlickMAeqfmQnyl7TY_Pzg.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44529
IP address blocks: 2a14:4e80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:bf:30:9c:2e:25:1b:5f:d3:97:18:c7:63:c5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f5ed9921c63bf10db084bad332ea9ff9f8199e6
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd016e98c9627243007aa7e6427ca5ed363f3f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:c4:ff:bb:6b:5a:40:49:d6:23:12:6b:28:
d3:cc:6c:4a:91:2d:8b:33:c8:e8:18:c9:7e:8b:94:
69:5b:32:da:af:0a:aa:9f:8e:6f:16:43:b6:43:9b:
60:f8:c9:d3:54:69:6e:f1:45:68:a7:2e:69:09:4b:
6c:ab:2e:d7:73:b8:f1:86:33:64:35:e0:b4:69:19:
42:38:9c:34:a0:d4:fa:ac:39:69:29:ed:a2:d3:52:
80:01:cc:21:24:94:44:00:64:5f:8b:32:bb:47:75:
a0:ae:06:4c:87:df:5d:e7:a6:d7:f7:0a:75:a7:f4:
af:d5:30:72:5f:0e:46:1d:58:ec:41:bb:1b:e6:44:
78:e3:b5:d1:7c:5b:93:18:ec:12:5b:ad:83:0d:48:
ca:69:86:40:63:4c:8c:37:52:1d:90:67:e1:0e:a2:
ac:86:80:39:54:55:c2:8b:3b:09:fb:72:c5:1c:be:
6b:43:9e:bf:a8:6a:6a:d1:c7:a5:a3:27:ca:9f:dd:
0b:2f:32:d1:b2:7f:d8:9d:6c:ef:34:9f:cc:86:19:
86:48:9e:12:8e:5e:c1:04:a0:cc:68:bb:13:03:39:
7c:6a:63:2c:8c:30:f1:74:a3:52:0a:a5:5b:0d:81:
94:34:dc:03:69:db:c6:e3:ae:80:d1:a3:16:ba:05:
c3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:01:6E:98:C9:62:72:43:00:7A:A7:E6:42:7C:A5:ED:36:3F:3F:38
X509v3 Authority Key Identifier:
keyid:5F:5E:D9:92:1C:63:BF:10:DB:08:4B:AD:33:2E:A9:FF:9F:81:99:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X17ZkhxjvxDbCEutMy6p_5-BmeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/vQFumMlickMAeqfmQnyl7TY_Pzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/df0b7a-68b3-47d5-b671-df27f10c7097/1/X17ZkhxjvxDbCEutMy6p_5-BmeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4e80::/29
Signature Algorithm: sha256WithRSAEncryption
b2:8a:a9:87:8d:22:85:93:9a:39:7a:f0:f9:5d:4b:57:16:a0:
26:ac:4c:c6:cf:f5:a4:ac:bc:c6:0c:55:0e:4e:9f:00:ab:46:
aa:8d:1a:f1:7d:b0:a6:dd:15:ae:ff:38:d0:f7:45:ea:ae:90:
51:4d:01:f0:61:c2:6e:97:00:16:70:ed:8e:e5:03:16:ca:7d:
50:cd:38:b7:30:f0:ac:98:83:b2:e7:92:9b:f8:e2:2f:88:94:
40:a1:e5:52:db:f5:66:dc:ad:3a:44:98:5a:f1:2e:e5:e0:d9:
e0:11:57:d4:66:c0:18:67:a7:4a:55:bc:a1:3d:c7:ab:92:07:
d1:02:93:82:a7:45:c1:55:c0:ca:5d:77:23:44:b1:9e:8a:6f:
8c:18:91:ac:9c:6c:b0:d3:de:9c:10:f0:e9:3b:85:c9:37:21:
9e:32:49:0a:ed:3d:33:a3:0b:33:9c:14:17:07:51:b3:b4:cd:
4e:49:a4:1b:8a:23:9b:b8:d1:3b:34:2e:7d:4b:bf:40:4a:6d:
89:86:fc:a6:d9:58:22:4a:fa:2b:26:b3:90:fb:73:b9:63:ca:
f4:ba:85:3d:57:50:63:fc:47:5f:00:2d:fb:f5:9e:a3:fa:c2:
f1:32:17:12:5f:61:79:05:cc:2b:8a:4b:25:f2:9f:04:69:1c:
d5:0c:9a:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQg1b8wnC4lG1/TlxjHY8VxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNWVkOTkyMWM2M2JmMTBkYjA4NGJhZDMzMmVhOWZmOWY4
MTk5ZTYwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDAxNmU5OGM5NjI3MjQzMDA3YWE3ZTY0MjdjYTVlZDM2M2YzZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIDE/7trWkBJ1iMSayjTzGxKkS2L
M8joGMl+i5RpWzLarwqqn45vFkO2Q5tg+MnTVGlu8UVopy5pCUtsqy7Xc7jxhjNk
NeC0aRlCOJw0oNT6rDlpKe2i01KAAcwhJJREAGRfizK7R3WgrgZMh99d56bX9wp1
p/Sv1TByXw5GHVjsQbsb5kR447XRfFuTGOwSW62DDUjKaYZAY0yMN1IdkGfhDqKs
hoA5VFXCizsJ+3LFHL5rQ56/qGpq0celoyfKn90LLzLRsn/YnWzvNJ/MhhmGSJ4S
jl7BBKDMaLsTAzl8amMsjDDxdKNSCqVbDYGUNNwDadvG466A0aMWugXDRQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL0BbpjJYnJDAHqn5kJ8pe02Pz84MB8GA1UdIwQY
MBaAFF9e2ZIcY78Q2whLrTMuqf+fgZnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEt
ZGYyN2YxMGM3MDk3LzEvdlFGdW1NbGlja01BZXFmbVFueWw3VFlfUHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9kZjBiN2EtNjhiMy00N2Q1LWI2NzEtZGYyN2YxMGM3MDk3
LzEvWDE3WmtoeGp2eERiQ0V1dE15NnBfNS1CbWVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhROgDAN
BgkqhkiG9w0BAQsFAAOCAQEAsoqph40ihZOaOXrw+V1LVxagJqxMxs/1pKy8xgxV
Dk6fAKtGqo0a8X2wpt0Vrv840PdF6q6QUU0B8GHCbpcAFnDtjuUDFsp9UM04tzDw
rJiDsueSm/jiL4iUQKHlUtv1ZtytOkSYWvEu5eDZ4BFX1GbAGGenSlW8oT3Hq5IH
0QKTgqdFwVXAyl13I0SxnopvjBiRrJxssNPenBDw6TuFyTchnjJJCu09M6MLM5wU
FwdRs7TNTkmkG4ojm7jROzQufUu/QEptiYb8ptlYIkr6KyazkPtzuWPK9LqFPVdQ
Y/xHXwAt+/Weo/rC8TIXEl9heQXMK4pLJfKfBGkc1Qyayw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:51:18 2025 by rpki-client