Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/Tcdkc_pLid4bj31FVcmiyvaPqWk.roa
File: Tcdkc_pLid4bj31FVcmiyvaPqWk.roa (raw, json)
Hash identifier: GaSdD3u1V54qfiVL17STtf24nCmyDEzVmYt0IeL8i0o=
Subject key identifier: 4D:C7:64:73:FA:4B:89:DE:1B:8F:7D:45:55:C9:A2:CA:F6:8F:A9:69
Certificate issuer: /CN=dbb9bc2de36cf23b689f3c72e80abcfe482026c1
Certificate serial: 019424450E4F1522D7EF5C46800121284F99
Authority key identifier: DB:B9:BC:2D:E3:6C:F2:3B:68:9F:3C:72:E8:0A:BC:FE:48:20:26:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/Tcdkc_pLid4bj31FVcmiyvaPqWk.roa
Signing time: Wed 01 Jan 2025 23:48:12 +0000
ROA not before: Wed 01 Jan 2025 23:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12189
IP address blocks: 2a02:5320:100::/40 maxlen: 40
2a02:5320:300::/40 maxlen: 40
2a02:5320:500::/40 maxlen: 40
2a02:5320:700::/40 maxlen: 40
2a02:5320:900::/40 maxlen: 40
2a02:5320:b00::/40 maxlen: 40
2a02:5320:d00::/40 maxlen: 40
2a02:5320:f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/27m8LeNs8jtonzxy6Aq8_kggJsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/27m8LeNs8jtonzxy6Aq8_kggJsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:0e:4f:15:22:d7:ef:5c:46:80:01:21:28:4f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb9bc2de36cf23b689f3c72e80abcfe482026c1
Validity
Not Before: Jan 1 23:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc76473fa4b89de1b8f7d4555c9a2caf68fa969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:45:eb:51:8a:b9:56:ca:93:0c:e4:8c:d7:
d5:66:34:48:d6:e5:77:8d:7f:ad:b5:50:2e:78:c2:
85:6c:ba:04:a7:e3:ad:89:b9:5c:a1:42:c7:d7:b2:
ab:7b:6f:a5:9f:03:41:95:54:f1:18:56:c8:66:fb:
11:23:69:9c:a9:7f:73:ed:9c:43:ee:c2:ab:7c:0f:
f7:56:ce:25:5a:03:0a:14:5d:ca:c9:90:94:2a:2c:
f4:8a:32:7b:ed:3a:02:9f:ed:73:39:34:78:1f:8b:
b6:9d:0a:d9:0c:18:8b:16:7e:06:61:4f:bc:32:38:
22:df:b6:03:06:54:e6:d7:3d:25:4e:72:37:65:bd:
27:a9:df:3b:ad:96:78:31:86:0f:d7:00:c5:47:e6:
bb:a2:82:fb:5b:61:0a:26:76:eb:83:11:42:51:95:
2d:af:d4:47:43:34:9a:99:db:eb:f0:5d:53:62:12:
7c:89:df:56:1c:42:08:e8:cd:13:d4:09:35:e9:7b:
c0:54:62:4b:f9:92:59:fd:cb:cb:83:89:7b:90:db:
5b:23:3d:90:87:15:c1:35:0a:5b:08:54:fa:44:b7:
1a:42:7e:6c:3a:45:50:5f:6a:50:11:c0:7c:b2:14:
7c:60:e3:f6:56:96:41:95:dc:2e:e1:5d:a8:e4:64:
54:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C7:64:73:FA:4B:89:DE:1B:8F:7D:45:55:C9:A2:CA:F6:8F:A9:69
X509v3 Authority Key Identifier:
keyid:DB:B9:BC:2D:E3:6C:F2:3B:68:9F:3C:72:E8:0A:BC:FE:48:20:26:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27m8LeNs8jtonzxy6Aq8_kggJsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/Tcdkc_pLid4bj31FVcmiyvaPqWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ebc2e4-402f-47c1-9b28-14f21ae21ed3/1/27m8LeNs8jtonzxy6Aq8_kggJsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:5320:100::/40
2a02:5320:300::/40
2a02:5320:500::/40
2a02:5320:700::/40
2a02:5320:900::/40
2a02:5320:b00::/40
2a02:5320:d00::/40
2a02:5320:f00::/40
Signature Algorithm: sha256WithRSAEncryption
77:92:d4:68:55:ce:09:0b:3b:e1:07:69:fb:c7:31:6b:5e:d6:
aa:98:8e:ae:9a:d9:3b:e5:f1:73:00:ad:42:b4:e0:93:6e:a9:
9e:56:5a:70:db:64:23:a9:e7:5c:ba:9b:d4:8f:4c:7b:b0:7f:
d3:20:fb:f0:25:d8:3b:89:91:0c:23:1a:04:9e:a3:ec:29:ec:
26:78:59:7b:27:3d:96:cc:06:50:61:d5:a4:01:d4:72:ec:c1:
84:86:11:fe:64:83:f6:67:d8:99:b5:7c:0c:6f:78:76:5c:2f:
bf:fa:15:c5:b0:94:e7:70:c5:b2:7e:d0:d2:3a:b1:93:d5:09:
1b:1c:fc:8a:41:be:e4:04:18:f6:c6:86:23:51:2a:01:a2:bb:
fb:11:f5:45:83:8a:31:ef:b0:49:e4:44:86:d3:2e:76:69:15:
eb:7d:06:77:67:cb:f3:50:84:0a:85:c4:8a:85:84:44:aa:78:
d5:85:86:f8:68:43:67:f1:00:da:da:6e:f6:a9:eb:71:46:33:
54:e5:3e:0b:88:f2:dc:72:52:4e:b8:68:9c:3c:3e:c2:89:75:
cf:27:99:de:7d:bf:86:44:1c:75:d9:1c:ad:18:85:f2:e1:9b:
1b:b2:4f:0e:57:75:ed:7b:ef:3c:b1:c4:5b:c3:a9:0b:b9:9b:
3e:35:cf:f0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQkRQ5PFSLX71xGgAEhKE+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjliYzJkZTM2Y2YyM2I2ODlmM2M3MmU4MGFiY2ZlNDgy
MDI2YzEwHhcNMjUwMTAxMjM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM3NjQ3M2ZhNGI4OWRlMWI4ZjdkNDU1NWM5YTJjYWY2OGZhOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmntF61GKuVbKkwzkjNfVZjRI1uV3
jX+ttVAueMKFbLoEp+OtiblcoULH17Kre2+lnwNBlVTxGFbIZvsRI2mcqX9z7ZxD
7sKrfA/3Vs4lWgMKFF3KyZCUKiz0ijJ77ToCn+1zOTR4H4u2nQrZDBiLFn4GYU+8
Mjgi37YDBlTm1z0lTnI3Zb0nqd87rZZ4MYYP1wDFR+a7ooL7W2EKJnbrgxFCUZUt
r9RHQzSamdvr8F1TYhJ8id9WHEII6M0T1Ak16XvAVGJL+ZJZ/cvLg4l7kNtbIz2Q
hxXBNQpbCFT6RLcaQn5sOkVQX2pQEcB8shR8YOP2VpZBldwu4V2o5GRUwwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFE3HZHP6S4neG499RVXJosr2j6lpMB8GA1UdIwQY
MBaAFNu5vC3jbPI7aJ88cugKvP5IICbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdtOExlTnM4anRvbnp4eTZBcThfa2dnSnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lYmMyZTQtNDAyZi00N2MxLTliMjgt
MTRmMjFhZTIxZWQzLzEvVGNka2NfcExpZDRiajMxRlZjbWl5dmFQcVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lYmMyZTQtNDAyZi00N2MxLTliMjgtMTRmMjFhZTIxZWQz
LzEvMjdtOExlTnM4anRvbnp4eTZBcThfa2dnSnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAAjBAAwYAKgJTIAED
BgAqAlMgAwMGACoCUyAFAwYAKgJTIAcDBgAqAlMgCQMGACoCUyALAwYAKgJTIA0D
BgAqAlMgDzANBgkqhkiG9w0BAQsFAAOCAQEAd5LUaFXOCQs74Qdp+8cxa17WqpiO
rprZO+XxcwCtQrTgk26pnlZacNtkI6nnXLqb1I9Me7B/0yD78CXYO4mRDCMaBJ6j
7CnsJnhZeyc9lswGUGHVpAHUcuzBhIYR/mSD9mfYmbV8DG94dlwvv/oVxbCU53DF
sn7Q0jqxk9UJGxz8ikG+5AQY9saGI1EqAaK7+xH1RYOKMe+wSeREhtMudmkV630G
d2fL81CECoXEioWERKp41YWG+GhDZ/EA2tpu9qnrcUYzVOU+C4jy3HJSTrhonDw+
wol1zyeZ3n2/hkQcddkcrRiF8uGbG7JPDld17XvvPLHEW8OpC7mbPjXP8A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:23:20 2025 by rpki-client