Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/muaJv55U-EFBzoqDp57GTQCUW1I.roa
File: muaJv55U-EFBzoqDp57GTQCUW1I.roa (raw, json)
Hash identifier: FDEfSOu2FhempwRHA50H2xbNfYp2iXIDdl6zgF0gnFA=
Subject key identifier: 9A:E6:89:BF:9E:54:F8:41:41:CE:8A:83:A7:9E:C6:4D:00:94:5B:52
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5DD42F02C60AA5CFE1FF8688F9DCB
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/muaJv55U-EFBzoqDp57GTQCUW1I.roa
Signing time: Wed 01 Jan 2025 07:47:54 +0000
ROA not before: Wed 01 Jan 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a13:ba80::/32 maxlen: 32
2a13:ba81::/32 maxlen: 32
2a13:ba82::/32 maxlen: 32
2a13:ba83::/32 maxlen: 32
2a13:ba84::/32 maxlen: 32
2a13:ba85::/32 maxlen: 32
2a13:ba86::/32 maxlen: 32
2a13:ba87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:dd:42:f0:2c:60:aa:5c:fe:1f:f8:68:8f:9d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ae689bf9e54f84141ce8a83a79ec64d00945b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:eb:93:88:ce:91:8f:36:1c:87:5c:d6:24:
88:09:83:21:90:07:8a:ec:1b:dd:2e:85:7f:f3:ac:
84:cd:1e:10:7c:50:97:0d:13:7f:5b:c7:42:e9:49:
08:ac:1d:d5:ee:ed:61:fb:a0:43:99:57:b6:d7:28:
fd:02:fd:5c:eb:b4:b8:f8:22:a8:c5:98:b0:c2:cc:
98:9c:41:1a:f9:f4:08:96:27:9f:cf:3d:e6:87:a9:
e8:75:45:9d:75:d5:93:db:50:4d:59:60:fe:1c:64:
10:a9:ba:08:ad:90:85:c1:e3:c1:67:93:4f:cb:b6:
0d:bc:55:0c:89:f6:e3:f1:51:57:16:dd:b7:fc:3d:
3e:af:b7:4e:dd:b3:c7:59:ba:85:39:0b:32:0b:bf:
75:f6:43:63:7e:46:a9:74:00:92:ea:f9:2a:e4:6e:
50:8e:98:08:70:68:21:85:09:b5:33:fc:a1:86:8a:
10:61:c9:83:2c:bc:91:44:2c:87:6e:d6:9e:72:88:
e4:5f:67:e2:0b:ea:67:27:f7:18:72:f7:70:b9:8f:
f3:86:06:7b:77:7b:73:91:31:20:28:ca:31:a6:be:
78:4a:03:1d:27:65:60:d6:0d:5d:68:45:dc:8f:54:
cb:b5:20:77:47:b1:62:c4:fd:13:ec:ef:d6:60:cb:
b6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E6:89:BF:9E:54:F8:41:41:CE:8A:83:A7:9E:C6:4D:00:94:5B:52
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/muaJv55U-EFBzoqDp57GTQCUW1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
01:31:50:b6:d1:e7:c9:19:29:44:71:ca:a6:a6:1e:4b:0c:71:
5b:4f:6f:d1:e9:23:32:55:c3:fa:b3:65:86:87:a0:a2:82:d0:
67:bf:34:e3:92:a4:ca:1e:f7:f6:a1:66:bb:3f:bf:84:b8:c2:
05:d6:f2:29:57:10:5a:06:7d:ed:c8:be:a8:e0:f2:cf:f3:01:
69:5d:34:35:d6:f4:72:e0:92:ee:9e:63:8e:00:8e:22:1d:84:
fb:dd:4f:d5:42:37:0f:60:a8:05:5b:58:c2:34:5a:45:ef:36:
45:8f:2d:66:05:fa:eb:65:57:99:4b:0b:77:90:47:37:8b:ca:
13:5c:83:ae:79:1c:f5:de:59:c5:84:a1:77:1c:49:c4:6b:f0:
f6:d8:4b:48:bb:ce:97:ff:17:e1:b6:f3:f6:55:4d:06:e7:15:
ae:53:d2:5f:c0:c8:a8:e3:7b:2c:b0:18:46:51:62:8f:50:43:
ca:02:e6:71:26:2e:58:c4:10:c8:29:dd:ab:7f:67:84:4d:54:
ab:b5:eb:a5:5b:8c:a4:87:5a:2e:d9:24:4b:e8:57:cc:05:a2:
3a:a3:7b:5f:48:b7:4e:64:be:59:80:88:37:45:32:42:9f:b5:
45:b6:01:9d:6a:1a:ee:b7:c7:6d:25:37:4c:f9:6b:7e:ce:19:
a6:62:b2:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQg1d1C8Cxgqlz+H/hoj53LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU2ODliZjllNTRmODQxNDFjZThhODNhNzllYzY0ZDAwOTQ1YjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrfrk4jOkY82HIdc1iSICYMhkAeK
7BvdLoV/86yEzR4QfFCXDRN/W8dC6UkIrB3V7u1h+6BDmVe21yj9Av1c67S4+CKo
xZiwwsyYnEEa+fQIliefzz3mh6nodUWdddWT21BNWWD+HGQQqboIrZCFwePBZ5NP
y7YNvFUMifbj8VFXFt23/D0+r7dO3bPHWbqFOQsyC7919kNjfkapdACS6vkq5G5Q
jpgIcGghhQm1M/yhhooQYcmDLLyRRCyHbtaecojkX2fiC+pnJ/cYcvdwuY/zhgZ7
d3tzkTEgKMoxpr54SgMdJ2Vg1g1daEXcj1TLtSB3R7FixP0T7O/WYMu21QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJrmib+eVPhBQc6Kg6eexk0AlFtSMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvbXVhSnY1NVUtRUZCem9xRHA1N0dUUUNVVzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAATFQttHnyRkpRHHKpqYeSwxxW09v0ekjMlXD+rNl
hoegooLQZ78045Kkyh739qFmuz+/hLjCBdbyKVcQWgZ97ci+qODyz/MBaV00Ndb0
cuCS7p5jjgCOIh2E+91P1UI3D2CoBVtYwjRaRe82RY8tZgX662VXmUsLd5BHN4vK
E1yDrnkc9d5ZxYShdxxJxGvw9thLSLvOl/8X4bbz9lVNBucVrlPSX8DIqON7LLAY
RlFij1BDygLmcSYuWMQQyCndq39nhE1Uq7XrpVuMpIdaLtkkS+hXzAWiOqN7X0i3
TmS+WYCIN0UyQp+1RbYBnWoa7rfHbSU3TPlrfs4ZpmKyOw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:11:36 2025 by rpki-client