Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/acU8LPcjjnuwpEGnrC28mxzfjkI.roa
File: acU8LPcjjnuwpEGnrC28mxzfjkI.roa (raw, json)
Hash identifier: LwbfB5h8UeIfjkLBn8DXzcf/70aOb76OSwOezLnK2PU=
Subject key identifier: 69:C5:3C:2C:F7:23:8E:7B:B0:A4:41:A7:AC:2D:BC:9B:1C:DF:8E:42
Certificate issuer: /CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
Certificate serial: 01942143AC9D348302A5EA566C42F1672B98
Authority key identifier: EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/acU8LPcjjnuwpEGnrC28mxzfjkI.roa
Signing time: Wed 01 Jan 2025 09:47:50 +0000
ROA not before: Wed 01 Jan 2025 09:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18178
IP address blocks: 2a13:2200::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ac:9d:34:83:02:a5:ea:56:6c:42:f1:67:2b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea2d102b6112b0d9a8b8eebac4b97c819f97c606
Validity
Not Before: Jan 1 09:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69c53c2cf7238e7bb0a441a7ac2dbc9b1cdf8e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f0:c0:d2:4d:f8:51:3a:bf:92:d8:90:cc:0d:
4f:4a:83:20:b2:64:0c:19:45:7d:07:bd:53:01:47:
d3:19:6b:f5:ff:59:9d:73:ca:31:02:36:b5:89:bc:
25:03:7f:c6:7e:b0:5e:24:de:bb:19:4e:4c:2f:7e:
d9:9f:71:89:98:86:f9:38:e6:ed:7a:98:8d:4a:c0:
e7:c0:71:33:d7:18:cd:33:a2:aa:11:02:c7:53:4c:
65:ce:07:a9:50:c4:79:7f:05:94:bd:0a:a2:79:6f:
ed:f3:43:2c:30:c7:0f:4a:f4:79:d0:ce:0a:0c:f9:
4b:b1:a4:6f:bc:08:5c:6a:8d:2a:ce:e6:03:8f:01:
fd:38:a9:27:12:ca:f5:ff:e0:9b:ea:59:58:ad:47:
92:bc:53:97:77:4f:e9:19:40:92:3e:d8:83:6f:86:
e2:35:02:5b:3c:46:d2:d5:bf:6b:2d:89:4f:26:70:
ae:22:96:38:c3:80:c4:ea:76:6d:7d:3b:48:30:44:
ff:f8:7c:79:99:03:8a:d0:3b:24:b4:99:c3:73:c3:
5e:9e:0f:7b:0d:5a:b4:c1:98:84:5b:31:0b:13:87:
14:b8:1b:42:bd:47:e3:b6:93:43:e7:1c:9d:aa:9f:
ad:d9:af:af:89:00:be:5b:a4:09:35:6f:3f:7b:80:
c6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C5:3C:2C:F7:23:8E:7B:B0:A4:41:A7:AC:2D:BC:9B:1C:DF:8E:42
X509v3 Authority Key Identifier:
keyid:EA:2D:10:2B:61:12:B0:D9:A8:B8:EE:BA:C4:B9:7C:81:9F:97:C6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6i0QK2ESsNmouO66xLl8gZ-XxgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/acU8LPcjjnuwpEGnrC28mxzfjkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4cdefa-5ee2-4719-a7e1-b829cc401031/1/6i0QK2ESsNmouO66xLl8gZ-XxgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2200::/47
Signature Algorithm: sha256WithRSAEncryption
33:72:9c:54:31:9b:dc:66:bd:da:b0:5d:a2:12:35:a1:d4:ab:
7e:78:7b:93:77:56:c0:25:ec:73:69:ff:5d:28:0c:ba:20:82:
5f:7e:7e:33:77:21:15:64:29:3d:40:64:bf:df:43:db:bf:c0:
ff:61:03:c5:14:81:c7:f3:fc:a2:b2:72:e6:56:06:51:5b:75:
16:e7:56:80:54:07:16:70:66:64:20:f7:9c:34:07:cb:f4:4e:
5a:98:95:ab:5f:27:77:49:e6:96:01:3c:f7:0c:95:d8:0a:11:
2c:07:75:84:bf:c7:c6:04:71:c1:77:6b:5f:3f:11:a4:ee:a3:
bd:92:5b:bc:8d:c6:ca:88:48:27:b6:ab:69:b6:cd:fb:f8:b2:
c8:ad:7d:cd:48:f5:6e:cf:7f:47:c6:0e:86:75:45:79:32:1f:
a1:bb:22:0f:aa:b4:53:87:e9:4a:3d:96:fe:da:47:81:1d:49:
ee:5d:56:da:28:35:89:20:ce:15:d6:d4:96:34:51:7e:df:f7:
18:b2:07:ea:51:ea:9d:77:bc:e0:4e:ee:dd:7a:19:68:36:cb:
39:19:2a:1b:a6:cf:7c:d4:31:de:6a:87:a6:a8:da:49:6c:15:
c3:55:4d:c6:55:10:8a:61:34:a4:de:9e:7c:e4:24:84:e0:92:
5f:3b:4d:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ6ydNIMCpepWbELxZyuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMmQxMDJiNjExMmIwZDlhOGI4ZWViYWM0Yjk3YzgxOWY5
N2M2MDYwHhcNMjUwMTAxMDk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM1M2MyY2Y3MjM4ZTdiYjBhNDQxYTdhYzJkYmM5YjFjZGY4ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vDA0k34UTq/ktiQzA1PSoMgsmQM
GUV9B71TAUfTGWv1/1mdc8oxAja1ibwlA3/GfrBeJN67GU5ML37Zn3GJmIb5OObt
epiNSsDnwHEz1xjNM6KqEQLHU0xlzgepUMR5fwWUvQqieW/t80MsMMcPSvR50M4K
DPlLsaRvvAhcao0qzuYDjwH9OKknEsr1/+Cb6llYrUeSvFOXd0/pGUCSPtiDb4bi
NQJbPEbS1b9rLYlPJnCuIpY4w4DE6nZtfTtIMET/+Hx5mQOK0DsktJnDc8Neng97
DVq0wZiEWzELE4cUuBtCvUfjtpND5xydqp+t2a+viQC+W6QJNW8/e4DG/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGnFPCz3I457sKRBp6wtvJsc345CMB8GA1UdIwQY
MBaAFOotECthErDZqLjuusS5fIGfl8YGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmkwUUsyRVNzTm1vdU82NnhMbDhnWi1YeGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80Y2RlZmEtNWVlMi00NzE5LWE3ZTEt
YjgyOWNjNDAxMDMxLzEvYWNVOExQY2pqbnV3cEVHbnJDMjhteHpmamtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80Y2RlZmEtNWVlMi00NzE5LWE3ZTEtYjgyOWNjNDAxMDMx
LzEvNmkwUUsyRVNzTm1vdU82NnhMbDhnWi1YeGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhMiAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzcpxUMZvcZr3asF2iEjWh1Kt+eHuTd1bAJexz
af9dKAy6IIJffn4zdyEVZCk9QGS/30Pbv8D/YQPFFIHH8/yisnLmVgZRW3UW51aA
VAcWcGZkIPecNAfL9E5amJWrXyd3SeaWATz3DJXYChEsB3WEv8fGBHHBd2tfPxGk
7qO9klu8jcbKiEgntqtpts37+LLIrX3NSPVuz39Hxg6GdUV5Mh+huyIPqrRTh+lK
PZb+2keBHUnuXVbaKDWJIM4V1tSWNFF+3/cYsgfqUeqdd7zgTu7dehloNss5GSob
ps981DHeaoemqNpJbBXDVU3GVRCKYTSk3p585CSE4JJfO01n
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:12 2025 by rpki-client