Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a94a4c-a552-46f6-8a81-cef9448124b0/1/yzmCfwKm_JPG030YXapakt0raKE.roa
File: yzmCfwKm_JPG030YXapakt0raKE.roa (raw, json)
Hash identifier: FgUsVc5q6Pi83IVxku3Q5cKwPTsj2kNtxaix/96GJI0=
Subject key identifier: CB:39:82:7F:02:A6:FC:93:C6:D3:7D:18:5D:AA:5A:92:DD:2B:68:A1
Certificate issuer: /CN=6bba1d24e72c439ec7a5cbdc391357dd89cb86ab
Certificate serial: 019425FC4FEABEC8CA476A2337F16B2B0680
Authority key identifier: 6B:BA:1D:24:E7:2C:43:9E:C7:A5:CB:DC:39:13:57:DD:89:CB:86:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7odJOcsQ57HpcvcORNX3YnLhqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a94a4c-a552-46f6-8a81-cef9448124b0/1/yzmCfwKm_JPG030YXapakt0raKE.roa
Signing time: Thu 02 Jan 2025 07:48:00 +0000
ROA not before: Thu 02 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 2a0d:7f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a94a4c-a552-46f6-8a81-cef9448124b0/1/a7odJOcsQ57HpcvcORNX3YnLhqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/a94a4c-a552-46f6-8a81-cef9448124b0/1/a7odJOcsQ57HpcvcORNX3YnLhqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/a7odJOcsQ57HpcvcORNX3YnLhqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:4f:ea:be:c8:ca:47:6a:23:37:f1:6b:2b:06:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bba1d24e72c439ec7a5cbdc391357dd89cb86ab
Validity
Not Before: Jan 2 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb39827f02a6fc93c6d37d185daa5a92dd2b68a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:64:0b:d8:62:54:18:2b:ba:6f:a6:54:e0:38:
6e:03:ca:b9:83:30:f5:47:2b:80:75:43:af:0e:7e:
82:09:50:5e:55:16:be:0b:79:cd:16:b1:28:87:7e:
09:6f:c1:6e:df:76:69:13:fc:2c:05:e4:24:40:a9:
8e:ef:f9:da:86:7f:a3:00:2b:03:39:33:46:12:8a:
ea:bc:20:97:66:09:f5:a8:af:e9:b6:03:2e:b9:60:
58:a2:56:b7:e4:9a:ad:37:20:8f:b0:fd:70:07:33:
da:6e:42:ab:81:d7:35:b6:dd:40:6e:58:33:91:fb:
67:85:4d:dd:c4:49:f7:f3:6c:60:d3:1e:33:cc:bd:
8e:4c:ca:58:6e:1b:a4:8a:a1:d3:3f:83:02:de:f8:
74:8e:dc:2f:e0:77:8c:19:ea:82:53:b9:21:d9:89:
22:6d:05:d7:dd:ff:90:54:67:5c:44:c9:7b:5f:c7:
d9:80:52:e2:48:f1:bb:e2:b6:af:40:a5:4d:2f:c9:
46:fb:c0:09:de:be:54:2f:05:07:62:e1:e7:27:f8:
db:48:73:98:3b:1f:57:6b:dd:17:17:fa:0d:6f:71:
83:00:cc:f0:c8:1a:0d:23:39:13:51:0e:a0:89:8d:
26:ca:46:81:bc:b6:58:bb:c2:80:36:45:4d:6d:3e:
70:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:39:82:7F:02:A6:FC:93:C6:D3:7D:18:5D:AA:5A:92:DD:2B:68:A1
X509v3 Authority Key Identifier:
keyid:6B:BA:1D:24:E7:2C:43:9E:C7:A5:CB:DC:39:13:57:DD:89:CB:86:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7odJOcsQ57HpcvcORNX3YnLhqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a94a4c-a552-46f6-8a81-cef9448124b0/1/yzmCfwKm_JPG030YXapakt0raKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a94a4c-a552-46f6-8a81-cef9448124b0/1/a7odJOcsQ57HpcvcORNX3YnLhqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
1f:bd:b1:16:b3:ae:fc:0d:ac:cb:2c:80:f5:b3:84:6a:6e:a3:
89:ab:ea:f9:e8:a1:df:67:4b:f5:20:88:da:ed:73:f4:14:d6:
82:6c:2d:41:20:a6:cf:b3:46:ae:25:07:22:e8:85:bf:0d:6e:
e8:1c:7e:3e:2c:8e:13:3e:5c:5b:fe:f0:97:f9:f1:8f:13:03:
96:3c:39:53:7b:da:81:eb:09:b8:9e:1d:7a:4c:7a:5f:de:8d:
fc:72:66:f1:55:5f:fa:29:f1:3e:c4:22:e0:f9:7e:56:8f:42:
82:20:71:da:51:ea:9a:bc:38:96:39:ca:7d:bf:7e:b4:05:9f:
86:f0:1a:3f:c2:22:e2:41:e9:1d:79:54:af:bb:d6:c3:aa:1a:
6c:aa:e9:03:31:58:6b:39:6b:4e:6d:b8:45:67:00:ab:3e:27:
c0:ed:f0:a1:2e:ec:3c:d5:3f:05:4c:e7:db:f5:41:0d:63:cb:
fd:c5:a2:0f:5a:0f:c5:e9:c5:cf:3e:37:2d:e1:09:34:fe:6a:
e1:c6:61:76:eb:99:bb:9d:5c:72:96:05:a6:92:64:91:de:8c:
12:7e:18:07:c2:3e:ad:c9:7e:32:06:6a:a6:68:dd:c2:89:49:
31:f3:5d:38:ba:49:f7:a8:c5:91:07:23:15:68:5f:46:35:3d:
c2:1d:c9:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/E/qvsjKR2ojN/FrKwaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYmExZDI0ZTcyYzQzOWVjN2E1Y2JkYzM5MTM1N2RkODlj
Yjg2YWIwHhcNMjUwMTAyMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM5ODI3ZjAyYTZmYzkzYzZkMzdkMTg1ZGFhNWE5MmRkMmI2OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWQL2GJUGCu6b6ZU4DhuA8q5gzD1
RyuAdUOvDn6CCVBeVRa+C3nNFrEoh34Jb8Fu33ZpE/wsBeQkQKmO7/nahn+jACsD
OTNGEorqvCCXZgn1qK/ptgMuuWBYola35JqtNyCPsP1wBzPabkKrgdc1tt1Ablgz
kftnhU3dxEn382xg0x4zzL2OTMpYbhukiqHTP4MC3vh0jtwv4HeMGeqCU7kh2Yki
bQXX3f+QVGdcRMl7X8fZgFLiSPG74ravQKVNL8lG+8AJ3r5ULwUHYuHnJ/jbSHOY
Ox9Xa90XF/oNb3GDAMzwyBoNIzkTUQ6giY0mykaBvLZYu8KANkVNbT5wOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMs5gn8CpvyTxtN9GF2qWpLdK2ihMB8GA1UdIwQY
MBaAFGu6HSTnLEOex6XL3DkTV92Jy4arMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdvZEpPY3NRNTdIcGN2Y09STlgzWW5MaHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hOTRhNGMtYTU1Mi00NmY2LThhODEt
Y2VmOTQ0ODEyNGIwLzEveXptQ2Z3S21fSlBHMDMwWVhhcGFrdDByYUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9hOTRhNGMtYTU1Mi00NmY2LThhODEtY2VmOTQ0ODEyNGIw
LzEvYTdvZEpPY3NRNTdIcGN2Y09STlgzWW5MaHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg1/ADAN
BgkqhkiG9w0BAQsFAAOCAQEAH72xFrOu/A2syyyA9bOEam6jiavq+eih32dL9SCI
2u1z9BTWgmwtQSCmz7NGriUHIuiFvw1u6Bx+PiyOEz5cW/7wl/nxjxMDljw5U3va
gesJuJ4dekx6X96N/HJm8VVf+inxPsQi4Pl+Vo9CgiBx2lHqmrw4ljnKfb9+tAWf
hvAaP8Ii4kHpHXlUr7vWw6oabKrpAzFYazlrTm24RWcAqz4nwO3woS7sPNU/BUzn
2/VBDWPL/cWiD1oPxenFzz43LeEJNP5q4cZhduuZu51ccpYFppJkkd6MEn4YB8I+
rcl+MgZqpmjdwolJMfNdOLpJ96jFkQcjFWhfRjU9wh3JsQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:11:24 2025 by rpki-client