Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/9a42cuWC_BNDA4DIJ7JykE7wjb4.roa
File: 9a42cuWC_BNDA4DIJ7JykE7wjb4.roa (raw, json)
Hash identifier: qRT9zf7xfXIljPHzFl0mxSNGtfeCmpUyqkEyE4RnCGQ=
Subject key identifier: F5:AE:36:72:E5:82:FC:13:43:03:80:C8:27:B2:72:90:4E:F0:8D:BE
Certificate issuer: /CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Certificate serial: 01942521C7BB96270A522F1E01CB765CA3EE
Authority key identifier: 87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/9a42cuWC_BNDA4DIJ7JykE7wjb4.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214044
IP address blocks: 2a03:7c03:1ead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c7:bb:96:27:0a:52:2f:1e:01:cb:76:5c:a3:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f41ae0779e37defc69b2a5b0f7ab8fd40cd3e7
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5ae3672e582fc13430380c827b272904ef08dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:be:5d:a3:4c:f5:e4:82:da:3f:59:39:3b:
e1:9f:96:00:66:a0:5b:e4:a3:9f:61:12:c7:6f:9e:
99:66:bd:a3:bf:78:aa:53:25:f6:e0:8b:4f:64:6d:
2f:f7:1c:a1:88:7f:40:67:1b:aa:2e:6a:29:1b:70:
8c:fd:df:e1:93:9d:81:67:52:9d:6e:26:a6:2d:8d:
89:e8:aa:27:41:a6:b4:d7:0f:92:90:bd:6a:b9:2b:
fd:70:9a:53:fc:6e:89:3c:78:2f:fb:79:f1:cd:fd:
a7:55:d5:af:ab:aa:d8:fd:7a:74:22:0e:86:29:68:
19:9d:92:34:3a:2d:8a:06:65:e3:d0:a3:ac:d0:f9:
83:ca:ef:db:41:4f:09:33:9e:9d:17:4b:d1:65:49:
f3:35:da:b1:cd:95:4b:a1:49:26:70:8f:2b:ff:ca:
cc:b0:37:1f:33:9b:59:25:94:40:a1:4a:1a:14:ff:
ef:bb:a9:77:39:25:5e:39:7c:47:cc:bb:87:f2:9b:
99:09:c2:2c:a4:7a:d0:88:7e:bd:8c:8c:5d:1a:ce:
45:cb:db:f4:b3:e0:27:3b:75:5d:2c:04:62:d5:99:
56:13:e8:cd:bc:f8:46:41:57:05:f8:08:29:56:7e:
07:04:2e:b5:e9:0e:47:37:4e:d1:2f:57:c0:e6:08:
99:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AE:36:72:E5:82:FC:13:43:03:80:C8:27:B2:72:90:4E:F0:8D:BE
X509v3 Authority Key Identifier:
keyid:87:F4:1A:E0:77:9E:37:DE:FC:69:B2:A5:B0:F7:AB:8F:D4:0C:D3:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_Qa4HeeN978abKlsPerj9QM0-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/9a42cuWC_BNDA4DIJ7JykE7wjb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/185cb5-4752-43b8-8e46-c43ab2a12d55/1/h_Qa4HeeN978abKlsPerj9QM0-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:7c03:1ead::/48
Signature Algorithm: sha256WithRSAEncryption
47:8c:0d:ea:25:9f:0f:af:92:10:d4:34:f5:e1:b1:e4:9f:e4:
e0:5b:18:a1:47:d4:0c:d5:b7:ce:32:fb:6e:38:1d:b3:11:99:
90:0f:77:04:cb:99:a9:aa:23:cf:6f:c5:c5:c9:35:da:c2:20:
a5:be:d8:a3:11:51:1c:68:9b:59:1f:0f:50:8f:f9:da:ae:00:
7e:72:f8:89:bd:dd:97:5e:ee:1d:c6:7e:57:8e:39:16:96:a2:
76:80:30:91:fd:6f:b7:ad:5b:45:3e:a4:e5:ee:4d:29:c8:1e:
2c:d9:47:83:75:9c:39:83:0a:fa:2f:9b:7d:e5:e5:9e:08:d8:
92:9d:7b:d0:a7:c0:8a:ae:8d:d8:19:62:13:9a:02:b8:be:9e:
7f:01:e0:86:63:61:07:37:9a:e3:fd:85:c3:bb:4d:43:91:46:
19:89:69:c3:88:d7:c6:03:a4:f0:6f:2b:8b:40:59:20:6f:bc:
cb:cb:19:4d:ff:60:d2:3a:d3:ae:5f:0c:e0:30:c4:a3:18:75:
b8:fc:37:ec:da:0f:e7:ff:d4:25:6f:bd:bb:55:d1:d7:f2:06:
71:b1:28:32:72:b6:d2:5a:a0:19:a2:16:a8:85:12:e7:88:e3:
a4:b4:f1:5a:9d:b6:b9:a0:2f:11:da:25:cb:63:53:e6:63:fe:
9d:dd:aa:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIce7licKUi8eAct2XKPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjQxYWUwNzc5ZTM3ZGVmYzY5YjJhNWIwZjdhYjhmZDQw
Y2QzZTcwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFlMzY3MmU1ODJmYzEzNDMwMzgwYzgyN2IyNzI5MDRlZjA4ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfK+XaNM9eSC2j9ZOTvhn5YAZqBb
5KOfYRLHb56ZZr2jv3iqUyX24ItPZG0v9xyhiH9AZxuqLmopG3CM/d/hk52BZ1Kd
biamLY2J6KonQaa01w+SkL1quSv9cJpT/G6JPHgv+3nxzf2nVdWvq6rY/Xp0Ig6G
KWgZnZI0Oi2KBmXj0KOs0PmDyu/bQU8JM56dF0vRZUnzNdqxzZVLoUkmcI8r/8rM
sDcfM5tZJZRAoUoaFP/vu6l3OSVeOXxHzLuH8puZCcIspHrQiH69jIxdGs5Fy9v0
s+AnO3VdLARi1ZlWE+jNvPhGQVcF+AgpVn4HBC616Q5HN07RL1fA5giZ/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPWuNnLlgvwTQwOAyCeycpBO8I2+MB8GA1UdIwQY
MBaAFIf0GuB3njfe/GmypbD3q4/UDNPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYt
YzQzYWIyYTEyZDU1LzEvOWE0MmN1V0NfQk5EQTRESUo3SnlrRTd3amI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xODVjYjUtNDc1Mi00M2I4LThlNDYtYzQzYWIyYTEyZDU1
LzEvaF9RYTRIZWVOOTc4YWJLbHNQZXJqOVFNMC1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgN8Ax6t
MA0GCSqGSIb3DQEBCwUAA4IBAQBHjA3qJZ8Pr5IQ1DT14bHkn+TgWxihR9QM1bfO
MvtuOB2zEZmQD3cEy5mpqiPPb8XFyTXawiClvtijEVEcaJtZHw9Qj/nargB+cviJ
vd2XXu4dxn5XjjkWlqJ2gDCR/W+3rVtFPqTl7k0pyB4s2UeDdZw5gwr6L5t95eWe
CNiSnXvQp8CKro3YGWITmgK4vp5/AeCGY2EHN5rj/YXDu01DkUYZiWnDiNfGA6Tw
byuLQFkgb7zLyxlN/2DSOtOuXwzgMMSjGHW4/Dfs2g/n/9Qlb727VdHX8gZxsSgy
crbSWqAZohaohRLniOOktPFanba5oC8R2iXLY1PmY/6d3ard
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:45 2025 by rpki-client