Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/u30uSL9wmmrrs1Xj770glr3MdDo.roa
File: u30uSL9wmmrrs1Xj770glr3MdDo.roa (raw, json)
Hash identifier: xtIgG9wchGphTb8JbvlmWsYrjnTKE4qCe5ydlOYINVQ=
Subject key identifier: BB:7D:2E:48:BF:70:9A:6A:EB:B3:55:E3:EF:BD:20:96:BD:CC:74:3A
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 019420D5F0928E0446BB56570EB186E77609
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/u30uSL9wmmrrs1Xj770glr3MdDo.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42360
IP address blocks: 94.16.6.0/24 maxlen: 32
94.16.13.0/24 maxlen: 24
2a00:11c0:77::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 04:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f0:92:8e:04:46:bb:56:57:0e:b1:86:e7:76:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb7d2e48bf709a6aebb355e3efbd2096bdcc743a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:eb:dc:c7:a6:c3:3a:08:5d:58:b9:f3:15:1b:
a4:e8:36:0a:3b:85:fe:c4:66:c9:95:a0:d9:dc:e3:
fc:fd:28:ba:76:34:fb:94:57:b6:7c:cb:4e:07:91:
76:bc:f8:fa:e6:ef:51:56:36:35:31:9e:b8:0b:72:
7f:92:2a:ec:d7:77:72:a1:87:42:68:01:19:37:6c:
bf:f3:f1:86:f7:78:ac:3b:da:77:a4:3b:36:01:b9:
db:c3:ad:f9:95:6d:ae:ce:7c:fb:fb:86:01:a9:12:
5d:6c:fa:b3:18:30:08:54:48:20:e7:e2:79:06:6b:
40:55:c4:e3:64:da:e6:38:55:ef:a3:03:02:a5:8a:
2e:e4:e7:d2:ab:b7:c2:aa:ce:91:15:d5:12:e4:51:
2e:e9:f3:16:2c:64:b2:e7:8c:4c:37:36:f3:3e:e1:
c5:5e:3e:08:e0:0b:94:d2:8d:06:7d:79:20:2f:38:
be:e8:2d:db:19:5b:c0:88:be:0e:34:03:87:a5:78:
45:e8:10:9f:86:45:0d:66:b9:3d:42:14:b9:ac:87:
71:01:4e:f5:d9:3e:d9:ec:83:04:2c:7b:de:67:fd:
c2:ab:82:8a:27:d0:84:75:cc:e3:ae:77:0b:05:7f:
20:88:7d:f8:0d:07:fd:18:6f:53:06:a0:11:b1:df:
a5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7D:2E:48:BF:70:9A:6A:EB:B3:55:E3:EF:BD:20:96:BD:CC:74:3A
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/u30uSL9wmmrrs1Xj770glr3MdDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.6.0/24
94.16.13.0/24
IPv6:
2a00:11c0:77::/48
Signature Algorithm: sha256WithRSAEncryption
ad:56:c7:fb:68:d5:f9:f8:7b:89:dc:43:4e:83:55:94:ff:b5:
03:26:23:21:b1:6b:61:b1:aa:cd:a3:d4:52:66:fc:d5:a4:96:
ec:4c:a2:22:9f:6d:e6:9a:eb:93:c6:89:cd:d0:36:d4:04:10:
71:b9:9b:57:c3:48:52:82:2d:dd:b6:5d:e1:d3:2d:ca:f4:24:
9b:26:51:66:ff:67:f0:f0:52:d1:5c:f9:2d:54:07:1e:c7:be:
16:e8:dd:88:2e:3c:e5:89:58:98:35:6b:5c:0f:19:7a:da:35:
aa:a6:4d:84:dd:15:43:55:1a:6a:9f:e9:00:fe:73:b1:f3:7d:
9e:8d:aa:e3:5a:ed:b2:3c:80:f3:7c:ad:ce:f5:72:d9:a8:30:
b9:b3:35:50:73:7f:ca:a5:08:c4:fa:77:b9:24:1c:c7:5e:13:
f9:54:44:10:fe:4a:d5:24:14:8a:34:fb:82:9a:a5:59:0e:fe:
e4:f4:00:5d:75:45:92:a5:f4:f3:7b:11:6b:c0:a2:f7:1d:97:
e6:30:98:77:4f:1c:21:9b:a4:62:ad:b3:e5:c1:eb:b1:7a:49:
a2:26:f7:62:48:d4:aa:0a:ae:69:71:3f:19:f5:a7:24:30:31:
2a:de:83:a1:c2:41:29:02:6f:97:49:54:58:67:3d:a6:1c:c3:
e4:04:99:b2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQg1fCSjgRGu1ZXDrGG53YJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdkMmU0OGJmNzA5YTZhZWJiMzU1ZTNlZmJkMjA5NmJkY2M3NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ovcx6bDOghdWLnzFRuk6DYKO4X+
xGbJlaDZ3OP8/Si6djT7lFe2fMtOB5F2vPj65u9RVjY1MZ64C3J/kirs13dyoYdC
aAEZN2y/8/GG93isO9p3pDs2Abnbw635lW2uznz7+4YBqRJdbPqzGDAIVEgg5+J5
BmtAVcTjZNrmOFXvowMCpYou5OfSq7fCqs6RFdUS5FEu6fMWLGSy54xMNzbzPuHF
Xj4I4AuU0o0GfXkgLzi+6C3bGVvAiL4ONAOHpXhF6BCfhkUNZrk9QhS5rIdxAU71
2T7Z7IMELHveZ/3Cq4KKJ9CEdczjrncLBX8giH34DQf9GG9TBqARsd+lXQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLt9Lki/cJpq67NV4++9IJa9zHQ6MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvdTMwdVNMOXdtbXJyczFYajc3MGdscjNNZERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAXhAGAwQA
XhANMA8EAgACMAkDBwAqABHAAHcwDQYJKoZIhvcNAQELBQADggEBAK1Wx/to1fn4
e4ncQ06DVZT/tQMmIyGxa2Gxqs2j1FJm/NWkluxMoiKfbeaa65PGic3QNtQEEHG5
m1fDSFKCLd22XeHTLcr0JJsmUWb/Z/DwUtFc+S1UBx7Hvhbo3YguPOWJWJg1a1wP
GXraNaqmTYTdFUNVGmqf6QD+c7HzfZ6NquNa7bI8gPN8rc71ctmoMLmzNVBzf8ql
CMT6d7kkHMdeE/lURBD+StUkFIo0+4KapVkO/uT0AF11RZKl9PN7EWvAovcdl+Yw
mHdPHCGbpGKts+XB67F6SaIm92JI1KoKrmlxPxn1pyQwMSreg6HCQSkCb5dJVFhn
PaYcw+QEmbI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:58:38 2025 by rpki-client