Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/1-JbKVgC2zlrxckVHgIVlicdCoxQ.roa
File: 1-JbKVgC2zlrxckVHgIVlicdCoxQ.roa (raw, json)
Hash identifier: 3pR+BLofcLce+i07bAe+gODFuY9E/BGeWToEN758yac=
Subject key identifier: F8:96:CA:56:00:B6:CE:5A:F1:72:45:47:80:85:65:89:C7:42:A3:14
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 0194BD18302814B4E2588730804A1460BEC4
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/1-JbKVgC2zlrxckVHgIVlicdCoxQ.roa
Signing time: Fri 31 Jan 2025 16:01:06 +0000
ROA not before: Fri 31 Jan 2025 16:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:100c::/46 maxlen: 46
2a05:b100:1010::/46 maxlen: 46
2a05:b100:1014::/46 maxlen: 46
2a05:b100:1018::/46 maxlen: 46
2a05:b100:101c::/46 maxlen: 46
2a05:b100:1020::/46 maxlen: 46
2a05:b100:1024::/46 maxlen: 46
2a05:b100:1028::/46 maxlen: 46
2a05:b100:102c::/46 maxlen: 46
2a05:b100:1030::/46 maxlen: 46
2a05:b100:1034::/46 maxlen: 46
2a05:b100:1038::/46 maxlen: 46
2a05:b100:103c::/46 maxlen: 46
2a05:b100:1200::/41 maxlen: 41
2a05:b100:1280::/41 maxlen: 41
2a05:b100:1300::/41 maxlen: 41
2a05:b100:1380::/41 maxlen: 41
2a05:b100:1400::/41 maxlen: 41
2a05:b100:1480::/41 maxlen: 41
2a05:b100:1500::/41 maxlen: 41
2a05:b100:1580::/41 maxlen: 41
2a05:b100:1600::/41 maxlen: 41
2a05:b100:1680::/41 maxlen: 41
2a05:b100:1700::/41 maxlen: 41
2a05:b100:1780::/41 maxlen: 41
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1800::/41 maxlen: 41
2a05:b100:1880::/41 maxlen: 41
2a05:b100:1900::/41 maxlen: 41
2a05:b100:1980::/41 maxlen: 41
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1a00::/46 maxlen: 46
2a05:b100:1a04::/46 maxlen: 46
2a05:b100:1a08::/46 maxlen: 46
2a05:b100:1a0c::/46 maxlen: 46
2a05:b100:1a80::/41 maxlen: 41
2a05:b100:1b00::/41 maxlen: 41
2a05:b100:1b80::/41 maxlen: 41
2a05:b100:1c00::/39 maxlen: 39
2a05:b100:1c00::/41 maxlen: 41
2a05:b100:1e00::/39 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 03:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bd:18:30:28:14:b4:e2:58:87:30:80:4a:14:60:be:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Jan 31 16:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f896ca5600b6ce5af172454780856589c742a314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8d:ea:89:23:ad:3d:b8:cc:41:fd:6e:be:1b:
2a:6d:27:5b:cf:20:c6:f0:72:73:46:62:06:27:11:
df:76:f1:10:22:9a:be:37:c5:f3:04:c7:bc:8c:ef:
40:d9:22:ef:57:26:cd:e9:1d:02:c8:bc:59:06:dd:
1b:11:3d:a6:fd:05:68:13:6b:58:16:b0:f2:92:01:
33:bf:38:37:b4:1d:6d:a8:a2:c7:39:d2:47:71:b6:
31:06:f1:15:85:13:3d:1d:4b:43:63:b6:ce:a5:84:
d6:4d:89:a8:7c:0c:7a:51:1b:08:15:3a:0a:f6:89:
34:57:d0:f4:c2:00:82:5b:e3:b6:d7:55:ee:fc:3a:
f6:2c:89:29:13:0a:c7:24:3a:f1:ea:09:47:e8:42:
03:ce:b8:a3:b4:91:93:a5:2f:eb:10:91:3d:3f:8e:
bc:d5:14:6c:cf:c5:2a:34:02:66:83:91:f3:64:36:
60:95:23:f4:d3:54:9b:e0:6f:25:7f:99:07:00:4b:
d5:b0:a9:71:00:7f:13:e1:6b:78:0c:bf:10:85:b8:
6e:55:c6:de:06:0d:ef:bf:2e:1c:7a:ff:7d:a8:9a:
ed:79:ed:77:6a:47:b6:4d:3e:5c:71:9b:0f:f3:63:
fc:c7:2f:ec:12:79:a5:12:cd:8a:00:84:85:95:35:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:96:CA:56:00:B6:CE:5A:F1:72:45:47:80:85:65:89:C7:42:A3:14
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/1-JbKVgC2zlrxckVHgIVlicdCoxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
26:84:e3:2c:26:05:77:19:32:8d:77:37:e4:88:07:09:9d:f9:
aa:cf:80:80:bf:41:f3:7e:10:b5:10:d1:6c:fc:7b:ae:9d:52:
3a:b0:34:0a:4d:05:c1:c4:47:4a:65:c2:e4:c1:ea:e6:99:6c:
43:c8:a4:3c:91:84:b3:65:43:3a:51:88:ab:c4:3d:59:4e:cb:
9e:fc:25:9b:38:a4:ea:03:84:bd:84:04:57:6e:9e:3e:7a:16:
ae:76:77:7f:f8:6d:cb:3f:ba:8d:62:79:f0:33:86:14:01:64:
60:42:bf:be:06:6d:06:37:df:11:29:0a:81:74:c9:4b:e9:91:
e9:18:b3:61:31:4a:d4:98:9a:e0:c6:9b:57:0a:19:83:4d:d7:
27:15:36:22:bb:68:54:5c:b4:e4:f1:1c:53:41:a9:52:33:11:
9b:56:a9:bb:4b:3b:e2:28:18:1f:6a:fc:7e:44:4f:00:05:ca:
5c:d3:12:8a:7c:58:73:51:0c:4b:af:01:57:99:0a:7b:45:2e:
73:85:b7:a5:8e:61:a5:da:93:87:aa:bd:d0:32:9c:d4:22:33:
05:29:e1:80:6c:fe:3c:95:52:0b:76:ff:d3:61:00:49:08:51:
25:d7:8e:52:e7:17:ed:e9:7f:82:ef:e1:24:5d:26:3d:6a:d5:
00:fa:4a:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZS9GDAoFLTiWIcwgEoUYL7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjUwMTMxMTYwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODk2Y2E1NjAwYjZjZTVhZjE3MjQ1NDc4MDg1NjU4OWM3NDJhMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio3qiSOtPbjMQf1uvhsqbSdbzyDG
8HJzRmIGJxHfdvEQIpq+N8XzBMe8jO9A2SLvVybN6R0CyLxZBt0bET2m/QVoE2tY
FrDykgEzvzg3tB1tqKLHOdJHcbYxBvEVhRM9HUtDY7bOpYTWTYmofAx6URsIFToK
9ok0V9D0wgCCW+O211Xu/Dr2LIkpEwrHJDrx6glH6EIDzrijtJGTpS/rEJE9P468
1RRsz8UqNAJmg5HzZDZglSP001Sb4G8lf5kHAEvVsKlxAH8T4Wt4DL8QhbhuVcbe
Bg3vvy4cev99qJrtee13ake2TT5ccZsP82P8xy/sEnmlEs2KAISFlTXpQQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPiWylYAts5a8XJFR4CFZYnHQqMUMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvMS1KYktWZ0MyemxyeGNrVkhnSVZsaWNkQ294US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGJlMjIyLTY0ODItNGRiOS05YTVmLTc1MmU5YjhiMDc1
Ni8xL2NQN2hkdlVjNlAyQlFrXzNPbFFYTkJKNXdQRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoFsQAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAmhOMsJgV3GTKNdzfkiAcJnfmqz4CAv0HzfhC1
ENFs/HuunVI6sDQKTQXBxEdKZcLkwermmWxDyKQ8kYSzZUM6UYirxD1ZTsue/CWb
OKTqA4S9hARXbp4+ehaudnd/+G3LP7qNYnnwM4YUAWRgQr++Bm0GN98RKQqBdMlL
6ZHpGLNhMUrUmJrgxptXChmDTdcnFTYiu2hUXLTk8RxTQalSMxGbVqm7SzviKBgf
avx+RE8ABcpc0xKKfFhzUQxLrwFXmQp7RS5zhbeljmGl2pOHqr3QMpzUIjMFKeGA
bP48lVILdv/TYQBJCFEl145S5xft6X+C7+EkXSY9atUA+krT
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:24:58 2025 by rpki-client