Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/l_KNRz-DOMsGFsOq9QowWZSTlSY.roa
File: l_KNRz-DOMsGFsOq9QowWZSTlSY.roa (raw, json)
Hash identifier: npXTC3HvU34eVfQ3A8stCbWQJ3DirxlZznu2fCVNFbM=
Subject key identifier: 97:F2:8D:47:3F:83:38:CB:06:16:C3:AA:F5:0A:30:59:94:93:95:26
Certificate issuer: /CN=32388fcf74d2e59524f4eb4d96e44c5222db63e1
Certificate serial: 01941F8C1F46089EFF7F5A31074F7336397F
Authority key identifier: 32:38:8F:CF:74:D2:E5:95:24:F4:EB:4D:96:E4:4C:52:22:DB:63:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/l_KNRz-DOMsGFsOq9QowWZSTlSY.roa
Signing time: Wed 01 Jan 2025 01:47:44 +0000
ROA not before: Wed 01 Jan 2025 01:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8194
IP address blocks: 2a14:5680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.mft
rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1f:46:08:9e:ff:7f:5a:31:07:4f:73:36:39:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32388fcf74d2e59524f4eb4d96e44c5222db63e1
Validity
Not Before: Jan 1 01:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97f28d473f8338cb0616c3aaf50a305994939526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:15:75:a2:b7:e6:35:93:8d:4a:05:be:7a:06:
cb:df:59:74:8b:84:97:1e:de:25:f4:dc:a7:a9:56:
df:75:c1:7f:27:4c:17:d2:54:ea:52:bc:c6:3c:1c:
87:be:a8:e2:f6:68:42:f0:95:14:12:88:a8:84:4f:
67:19:10:a5:0b:11:44:f3:8d:71:f4:2e:ed:26:ba:
c4:19:77:60:30:95:cf:d0:87:87:a7:7a:ac:52:d5:
d5:4a:9b:ab:20:f9:bc:37:4d:f0:b4:34:4c:ec:61:
f0:44:ff:0b:e5:ed:cc:b4:ee:43:d9:92:f3:2d:8e:
00:fc:2e:57:3d:7f:68:5e:c1:7d:b4:d8:73:43:7b:
af:3a:9e:61:2b:df:9c:c6:b0:f4:b5:8b:df:fe:dc:
17:e7:0c:e4:a1:8d:7d:19:b5:ef:77:46:7c:64:b1:
f9:d4:4a:83:64:b0:2d:75:c2:02:7b:dd:12:fb:56:
4d:ad:93:b6:52:38:c4:62:0c:00:1d:34:7d:d1:d5:
b6:de:d4:3b:51:c5:c5:a9:9c:0d:53:27:5a:e5:85:
99:5c:fa:9e:fb:3b:e7:be:0b:20:e7:36:3a:0d:ac:
4e:9a:08:c1:be:52:41:22:88:8d:2f:8d:42:1d:a3:
7b:0b:8a:66:ab:fc:91:3d:a9:31:1b:56:d0:c3:bb:
8c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F2:8D:47:3F:83:38:CB:06:16:C3:AA:F5:0A:30:59:94:93:95:26
X509v3 Authority Key Identifier:
keyid:32:38:8F:CF:74:D2:E5:95:24:F4:EB:4D:96:E4:4C:52:22:DB:63:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MjiPz3TS5ZUk9OtNluRMUiLbY-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/l_KNRz-DOMsGFsOq9QowWZSTlSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a9a1c9-3444-4e5b-a720-18040c8e22ed/1/MjiPz3TS5ZUk9OtNluRMUiLbY-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:5680::/29
Signature Algorithm: sha256WithRSAEncryption
4b:df:2c:71:a0:4b:51:5a:22:3a:49:34:06:ca:50:77:e1:32:
70:38:20:c3:34:50:9b:31:60:bc:be:f2:d6:42:1c:f1:d5:86:
a5:51:30:e5:58:cf:6c:4f:10:c2:fd:c1:d1:19:cc:23:0b:7e:
4a:71:5a:95:59:6c:56:67:60:32:86:aa:61:2e:97:96:a2:d8:
e4:d4:8d:55:5c:86:e7:e6:f3:0a:15:b8:13:97:1d:14:fb:66:
ca:a6:0d:16:5a:68:3d:4b:93:b2:08:fa:1b:ee:ef:e5:a3:60:
90:d8:be:3e:ea:02:fa:4c:4d:50:5c:0c:42:2a:6a:da:6a:77:
04:08:60:b0:bc:f0:e4:06:a9:69:da:8a:ec:06:0a:60:8f:c0:
47:a2:e7:99:f9:53:23:ed:4d:91:e0:2e:0a:88:ca:97:3d:24:
0b:1e:9a:eb:d2:4c:de:be:c8:5b:42:cd:b7:98:fa:ec:6f:3a:
d6:cb:fe:8f:2f:f5:e7:33:fa:19:15:0c:a3:c7:41:6c:4b:8c:
52:66:52:28:47:32:cd:f2:37:6d:2e:cd:d5:90:27:55:97:1d:
c2:15:26:5a:c3:d7:93:45:f4:97:c7:35:b8:dc:59:d9:0e:9d:
b4:df:5a:d1:a6:e2:ca:2b:92:4b:b7:72:98:4e:c2:62:fb:a3:
91:9a:74:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjB9GCJ7/f1oxB09zNjl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMzg4ZmNmNzRkMmU1OTUyNGY0ZWI0ZDk2ZTQ0YzUyMjJk
YjYzZTEwHhcNMjUwMTAxMDE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YyOGQ0NzNmODMzOGNiMDYxNmMzYWFmNTBhMzA1OTk0OTM5NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9xV1orfmNZONSgW+egbL31l0i4SX
Ht4l9NynqVbfdcF/J0wX0lTqUrzGPByHvqji9mhC8JUUEoiohE9nGRClCxFE841x
9C7tJrrEGXdgMJXP0IeHp3qsUtXVSpurIPm8N03wtDRM7GHwRP8L5e3MtO5D2ZLz
LY4A/C5XPX9oXsF9tNhzQ3uvOp5hK9+cxrD0tYvf/twX5wzkoY19GbXvd0Z8ZLH5
1EqDZLAtdcICe90S+1ZNrZO2UjjEYgwAHTR90dW23tQ7UcXFqZwNUyda5YWZXPqe
+zvnvgsg5zY6DaxOmgjBvlJBIoiNL41CHaN7C4pmq/yRPakxG1bQw7uMGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJfyjUc/gzjLBhbDqvUKMFmUk5UmMB8GA1UdIwQY
MBaAFDI4j8900uWVJPTrTZbkTFIi22PhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWppUHozVFM1WlVrOU90Tmx1Uk1VaUxiWS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9hOWExYzktMzQ0NC00ZTViLWE3MjAt
MTgwNDBjOGUyMmVkLzEvbF9LTlJ6LURPTXNHRnNPcTlRb3dXWlNUbFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9hOWExYzktMzQ0NC00ZTViLWE3MjAtMTgwNDBjOGUyMmVk
LzEvTWppUHozVFM1WlVrOU90Tmx1Uk1VaUxiWS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRWgDAN
BgkqhkiG9w0BAQsFAAOCAQEAS98scaBLUVoiOkk0BspQd+EycDggwzRQmzFgvL7y
1kIc8dWGpVEw5VjPbE8Qwv3B0RnMIwt+SnFalVlsVmdgMoaqYS6XlqLY5NSNVVyG
5+bzChW4E5cdFPtmyqYNFlpoPUuTsgj6G+7v5aNgkNi+PuoC+kxNUFwMQipq2mp3
BAhgsLzw5AapadqK7AYKYI/AR6LnmflTI+1NkeAuCojKlz0kCx6a69JM3r7IW0LN
t5j67G861sv+jy/15zP6GRUMo8dBbEuMUmZSKEcyzfI3bS7N1ZAnVZcdwhUmWsPX
k0X0l8c1uNxZ2Q6dtN9a0abiyiuSS7dymE7CYvujkZp0fw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:23 2025 by rpki-client