Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/j3Johs7tWdOjWP-RSLyuZS9QCYA.roa
File: j3Johs7tWdOjWP-RSLyuZS9QCYA.roa (raw, json)
Hash identifier: 73D0mNtTe5ysnKB7nrHua4L+6aN6MBQCZz1gs+mdS6U=
Subject key identifier: 8F:72:68:86:CE:ED:59:D3:A3:58:FF:91:48:BC:AE:65:2F:50:09:80
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 01941F8C658474634A55284A77C57B53D3C6
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/j3Johs7tWdOjWP-RSLyuZS9QCYA.roa
Signing time: Wed 01 Jan 2025 01:48:02 +0000
ROA not before: Wed 01 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397568
IP address blocks: 2a06:6540:2003::/48 maxlen: 48
2a06:6541:2003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:65:84:74:63:4a:55:28:4a:77:c5:7b:53:d3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f726886ceed59d3a358ff9148bcae652f500980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:ae:d1:0d:c3:32:b9:08:49:5c:df:0e:29:
5a:1c:05:4b:21:97:10:38:44:a3:59:bd:f1:a0:a2:
71:b8:14:13:82:dc:54:8e:98:51:b4:6d:56:9f:2d:
e3:f2:78:fa:c0:15:bd:29:f6:2a:57:59:0d:3f:e3:
4e:98:33:db:40:de:fc:0a:ca:cc:92:47:da:e9:4c:
9c:6a:d1:49:8b:a2:8c:91:96:8b:5e:6a:9c:4e:23:
ac:be:62:9f:96:03:b4:26:36:a0:39:d9:73:bf:ab:
af:78:73:03:d8:3e:b6:bc:8d:d3:83:01:ff:01:44:
8a:29:1a:db:d9:bc:2c:10:28:8e:55:c5:91:c8:d7:
13:47:07:c7:3b:76:48:bf:9c:7d:48:a2:8e:e6:7d:
74:1f:88:c1:79:a6:06:43:86:f5:e0:1a:e4:65:15:
71:a3:ed:c4:e5:e1:cb:ee:a1:b0:9a:a8:4a:90:e8:
db:0d:81:7a:bf:af:d4:f5:00:c9:80:b5:5c:49:38:
a4:96:99:8f:2b:f6:5d:4a:5d:dd:80:06:81:f3:c6:
eb:84:f7:d1:00:49:d5:fa:91:e7:04:59:82:c6:41:
4a:49:4e:54:7b:a1:07:34:d4:57:75:50:38:32:98:
05:ed:1e:74:7b:c4:91:50:1a:b5:19:26:33:86:81:
49:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:72:68:86:CE:ED:59:D3:A3:58:FF:91:48:BC:AE:65:2F:50:09:80
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/j3Johs7tWdOjWP-RSLyuZS9QCYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2003::/48
2a06:6541:2003::/48
Signature Algorithm: sha256WithRSAEncryption
24:4b:f8:60:bd:4a:dd:6d:cb:f7:9c:fd:ff:53:d7:d0:4e:88:
f3:4a:8b:17:4c:48:76:08:dc:c8:ca:65:17:3d:8d:dd:31:a0:
a0:b0:f8:21:bb:1a:83:1b:0a:a7:f9:66:cc:ff:49:4b:26:96:
a0:a3:c9:71:b9:7f:54:71:39:f0:1d:2e:6b:01:4c:7e:8a:48:
39:ea:42:4e:52:c7:32:29:42:51:a5:51:28:cd:76:d9:64:5d:
7b:4d:aa:eb:51:e8:b3:cc:8e:65:0f:dc:62:0a:74:fb:82:1f:
f5:b0:5c:1e:28:0a:53:56:fc:d2:01:7e:99:d9:32:80:c4:60:
ca:91:97:5e:66:fb:7e:e0:42:fc:ae:15:44:7b:9f:2a:e7:cb:
0e:ce:08:b5:0f:c6:1f:10:4a:e6:60:4e:27:b0:f6:90:4a:25:
48:13:09:fd:15:bb:7a:cb:f1:6b:d9:8d:bb:cc:d9:97:c8:1d:
a2:1c:b6:dd:ae:60:f8:ca:a2:a2:e9:13:9b:ee:88:39:77:ff:
f6:38:7b:36:ec:5e:f5:3a:ef:67:de:19:e3:a0:73:2f:d1:64:
4a:cb:56:ea:6b:d8:c7:78:f5:45:15:13:37:32:d4:e1:36:13:
6e:6f:6a:93:7c:74:e8:16:44:34:e0:05:4e:9c:e8:9d:c2:a3:
fe:2f:29:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjGWEdGNKVShKd8V7U9PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjcyNjg4NmNlZWQ1OWQzYTM1OGZmOTE0OGJjYWU2NTJmNTAwOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraGu0Q3DMrkISVzfDilaHAVLIZcQ
OESjWb3xoKJxuBQTgtxUjphRtG1Wny3j8nj6wBW9KfYqV1kNP+NOmDPbQN78CsrM
kkfa6UycatFJi6KMkZaLXmqcTiOsvmKflgO0JjagOdlzv6uveHMD2D62vI3TgwH/
AUSKKRrb2bwsECiOVcWRyNcTRwfHO3ZIv5x9SKKO5n10H4jBeaYGQ4b14BrkZRVx
o+3E5eHL7qGwmqhKkOjbDYF6v6/U9QDJgLVcSTiklpmPK/ZdSl3dgAaB88brhPfR
AEnV+pHnBFmCxkFKSU5Ue6EHNNRXdVA4MpgF7R50e8SRUBq1GSYzhoFJKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI9yaIbO7VnTo1j/kUi8rmUvUAmAMB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvajNKb2hzN3RXZE9qV1AtUlNMeXVaUzlRQ1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgZlQCAD
AwcAKgZlQSADMA0GCSqGSIb3DQEBCwUAA4IBAQAkS/hgvUrdbcv3nP3/U9fQTojz
SosXTEh2CNzIymUXPY3dMaCgsPghuxqDGwqn+WbM/0lLJpago8lxuX9UcTnwHS5r
AUx+ikg56kJOUscyKUJRpVEozXbZZF17TarrUeizzI5lD9xiCnT7gh/1sFweKApT
VvzSAX6Z2TKAxGDKkZdeZvt+4EL8rhVEe58q58sOzgi1D8YfEErmYE4nsPaQSiVI
Ewn9Fbt6y/Fr2Y27zNmXyB2iHLbdrmD4yqKi6ROb7og5d//2OHs27F71Ou9n3hnj
oHMv0WRKy1bqa9jHePVFFRM3MtThNhNub2qTfHToFkQ04AVOnOidwqP+LylM
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:46:06 2025 by rpki-client