Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/D_DMWXe-SCxub8zdYhqregtOfgc.roa
File: D_DMWXe-SCxub8zdYhqregtOfgc.roa (raw, json)
Hash identifier: YdgWjYi7meP25wOXjFPlW12dueNlMrHsgbDj5lqUC/U=
Subject key identifier: 0F:F0:CC:59:77:BE:48:2C:6E:6F:CC:DD:62:1A:AB:7A:0B:4E:7E:07
Certificate issuer: /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial: 0194228D13CFB696129E603E44A4656F5550
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/D_DMWXe-SCxub8zdYhqregtOfgc.roa
Signing time: Wed 01 Jan 2025 15:47:38 +0000
ROA not before: Wed 01 Jan 2025 15:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209958
IP address blocks: 2a12:4940::/32 maxlen: 48
2a12:4946:3000::/48 maxlen: 48
2a12:4946:4940::/44 maxlen: 48
2a12:4946:6960::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 21:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:13:cf:b6:96:12:9e:60:3e:44:a4:65:6f:55:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Validity
Not Before: Jan 1 15:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ff0cc5977be482c6e6fccdd621aab7a0b4e7e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5e:f4:12:c1:13:c5:b3:be:4b:52:40:60:0f:
6c:82:68:ba:f8:f0:0c:a6:ff:d1:c0:81:60:c4:89:
2f:22:cc:f0:80:d4:4e:99:32:87:27:f3:d5:af:ed:
6d:1e:fb:cd:a0:0d:2c:b8:eb:88:aa:01:51:85:f7:
a6:ff:50:d6:59:d8:71:36:98:47:65:af:c7:6c:62:
83:35:5a:89:f8:03:b0:08:4c:46:25:a3:0b:f6:63:
74:c4:e4:0f:b8:02:9d:9b:36:e2:0d:c7:f6:f3:3e:
a7:ea:ea:4b:51:34:4c:ce:3c:20:90:ee:40:9e:87:
27:87:42:1a:0f:33:8b:73:d6:45:00:53:5b:8a:8d:
d9:93:b8:af:59:8d:3c:a6:de:06:cb:b8:e1:2c:00:
61:e5:6a:24:b7:c6:92:b1:13:fb:b7:cc:95:36:e5:
15:ed:71:63:26:6d:23:3a:7b:50:a4:84:dc:7c:03:
94:fb:4b:0d:dc:39:10:fa:8d:f9:f1:9b:f9:f2:89:
c2:62:5c:54:a4:bf:84:dd:88:e9:7b:57:c8:42:af:
7b:fc:ad:a5:8f:59:cd:39:cc:02:53:5f:24:89:d8:
72:34:ce:be:04:ec:a1:ba:7c:c9:68:fc:e3:76:ec:
f6:6b:91:c9:93:3c:7f:a1:ba:25:44:c4:46:6c:7c:
18:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F0:CC:59:77:BE:48:2C:6E:6F:CC:DD:62:1A:AB:7A:0B:4E:7E:07
X509v3 Authority Key Identifier:
keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/D_DMWXe-SCxub8zdYhqregtOfgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4940::/32
2a12:4946:3000::/48
2a12:4946:4940::/44
2a12:4946:6960::/44
Signature Algorithm: sha256WithRSAEncryption
aa:d5:10:86:38:ee:7e:46:57:6d:da:23:f1:b9:23:39:62:88:
a1:f1:01:9d:eb:8f:c9:8e:af:b0:b9:bc:0d:f0:9c:9a:0e:ce:
1d:79:f6:77:23:6a:66:d1:aa:d2:f7:b9:86:a8:e1:43:32:0c:
e5:d6:e1:29:fb:ba:ef:fc:df:dc:64:8f:6f:b7:54:d5:d8:52:
0e:f7:2a:98:a4:69:12:3e:08:3c:e2:0c:ad:c4:df:f6:8a:e3:
35:12:fb:b5:18:06:09:f1:d6:52:c1:37:af:91:bc:11:83:37:
e6:ef:d1:2c:70:02:71:0e:10:48:9d:55:38:02:55:f7:ae:71:
44:f0:6e:2b:7b:fd:58:f0:da:f2:a7:82:9a:af:29:25:b5:db:
d9:13:06:08:12:9c:11:61:2c:ba:a6:50:e1:47:f1:81:93:71:
5d:3d:c1:39:3e:a0:a1:66:39:a2:0c:ac:eb:48:af:b0:bb:b4:
7c:0d:87:ff:ad:6e:d9:7d:1e:a4:f7:21:08:ad:2f:29:91:1e:
43:33:4d:16:85:71:2a:82:5c:13:ae:5d:eb:bb:65:82:b5:a1:
08:d2:cf:13:29:34:0f:7a:c6:52:45:f4:df:dc:63:f9:bf:4f:
4a:b5:68:05:3b:68:4e:80:e3:8f:61:9c:52:3e:b7:06:60:74:
4b:06:16:80
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQijRPPtpYSnmA+RKRlb1VQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjUwMTAxMTU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmYwY2M1OTc3YmU0ODJjNmU2ZmNjZGQ2MjFhYWI3YTBiNGU3ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx170EsETxbO+S1JAYA9sgmi6+PAM
pv/RwIFgxIkvIszwgNROmTKHJ/PVr+1tHvvNoA0suOuIqgFRhfem/1DWWdhxNphH
Za/HbGKDNVqJ+AOwCExGJaML9mN0xOQPuAKdmzbiDcf28z6n6upLUTRMzjwgkO5A
nocnh0IaDzOLc9ZFAFNbio3Zk7ivWY08pt4Gy7jhLABh5Wokt8aSsRP7t8yVNuUV
7XFjJm0jOntQpITcfAOU+0sN3DkQ+o358Zv58onCYlxUpL+E3Yjpe1fIQq97/K2l
j1nNOcwCU18kidhyNM6+BOyhunzJaPzjduz2a5HJkzx/obolRMRGbHwYPQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA/wzFl3vkgsbm/M3WIaq3oLTn4HMB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvRF9ETVdYZS1TQ3h1Yjh6ZFlocXJlZ3RPZmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwUAKhJJQAMH
ACoSSUYwAAMHBCoSSUZJQAMHBCoSSUZpYDANBgkqhkiG9w0BAQsFAAOCAQEAqtUQ
hjjufkZXbdoj8bkjOWKIofEBneuPyY6vsLm8DfCcmg7OHXn2dyNqZtGq0ve5hqjh
QzIM5dbhKfu67/zf3GSPb7dU1dhSDvcqmKRpEj4IPOIMrcTf9orjNRL7tRgGCfHW
UsE3r5G8EYM35u/RLHACcQ4QSJ1VOAJV965xRPBuK3v9WPDa8qeCmq8pJbXb2RMG
CBKcEWEsuqZQ4UfxgZNxXT3BOT6goWY5ogys60ivsLu0fA2H/61u2X0epPchCK0v
KZEeQzNNFoVxKoJcE65d67tlgrWhCNLPEyk0D3rGUkX039xj+b9PSrVoBTtoToDj
j2GcUj63BmB0SwYWgA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:24:04 2025 by rpki-client