Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/USrb6A1spC_n3yxJI4sbBWXgWuM.roa
File: USrb6A1spC_n3yxJI4sbBWXgWuM.roa (raw, json)
Hash identifier: QZwiLoC9vbrDB1LbitIzXIUCxbCNBaThRiLTWLsRnRk=
Subject key identifier: 51:2A:DB:E8:0D:6C:A4:2F:E7:DF:2C:49:23:8B:1B:05:65:E0:5A:E3
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D98E241AA0D9C164B1037C8C2C6523
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/USrb6A1spC_n3yxJI4sbBWXgWuM.roa
Signing time: Thu 02 Jan 2025 11:49:39 +0000
ROA not before: Thu 02 Jan 2025 11:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214855
IP address blocks: 2a03:5840:119::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:8e:24:1a:a0:d9:c1:64:b1:03:7c:8c:2c:65:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=512adbe80d6ca42fe7df2c49238b1b0565e05ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:28:cc:0b:85:58:b9:84:d7:89:b8:8d:82:56:
75:2c:7c:35:f2:d1:9f:6f:07:b9:bf:e8:13:da:3c:
1b:47:24:7c:d2:a8:68:f2:70:ea:48:99:c3:44:32:
71:6b:3c:24:75:37:cf:75:37:67:12:33:9a:c8:d7:
70:ff:0e:43:b0:5e:5a:aa:89:b7:b6:ea:21:53:02:
23:8b:11:e5:69:05:14:58:29:98:93:00:75:56:69:
1b:7c:11:69:d7:d0:07:2a:3f:ba:62:cb:3d:73:2d:
25:e7:ed:19:31:09:ce:63:f3:58:c9:6b:34:c3:c5:
15:42:d5:29:6c:7a:70:a5:8d:3a:6f:eb:26:f3:56:
62:ef:dc:2b:c1:75:2f:22:ba:c0:dc:d3:9a:c7:55:
7a:93:66:1f:1d:7e:5e:10:85:40:58:95:c0:9e:db:
bb:a6:d4:c8:54:89:51:96:d5:0e:ef:de:dd:31:7b:
b0:66:98:ff:dc:00:c0:70:45:63:d3:88:8b:6e:25:
ce:aa:70:dc:6e:b3:d8:64:b0:8d:1b:37:0f:ad:05:
c7:64:40:c2:fc:c1:4a:85:8e:9b:eb:0d:34:db:6f:
6a:9e:03:eb:eb:6a:51:c5:2c:87:2a:60:3e:d1:5a:
5a:bf:f5:2c:23:2e:78:ab:54:18:5c:cf:b3:0a:4a:
90:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2A:DB:E8:0D:6C:A4:2F:E7:DF:2C:49:23:8B:1B:05:65:E0:5A:E3
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/USrb6A1spC_n3yxJI4sbBWXgWuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:119::/48
Signature Algorithm: sha256WithRSAEncryption
70:4e:9e:4b:b4:ec:64:c8:f1:65:93:64:f7:52:0d:d9:41:5d:
9a:2d:81:fd:95:61:03:43:bb:89:e2:33:09:79:35:0d:4b:16:
42:89:19:1a:55:ef:7e:cf:fd:68:85:69:63:1f:62:23:16:7b:
20:73:6d:5c:5f:71:93:cb:58:04:cf:de:41:13:96:36:c9:d9:
f7:c5:f3:f2:e6:bc:10:51:1e:d7:8b:07:8e:d0:fc:2b:04:05:
42:f1:01:e8:ce:e7:ec:2f:99:d6:5f:09:68:a9:b6:89:8b:66:
f6:3b:57:e6:95:86:c2:f4:56:b2:e9:5b:2b:07:20:24:df:ce:
a3:0b:a6:4c:8d:92:3f:d9:0b:1c:41:8a:83:8f:46:b9:42:e2:
5a:ed:8e:a3:fa:b0:ea:b7:97:9b:7f:a3:47:2b:a0:1b:64:83:
6f:7d:32:8a:21:74:ef:37:38:d8:6c:66:b2:05:a0:94:3c:b0:
f5:18:d0:42:48:34:34:b4:05:e5:8e:88:27:f7:ef:82:f3:b9:
9c:02:78:96:c3:ff:19:ae:8a:21:d5:72:31:de:f6:d4:a3:40:
bb:d6:fc:1b:0d:aa:e7:74:36:b3:48:90:11:8c:76:7f:28:6a:
ed:3d:32:83:fa:89:25:56:6c:41:31:fe:06:85:6b:ce:06:ef:
ea:74:9b:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2Y4kGqDZwWSxA3yMLGUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJhZGJlODBkNmNhNDJmZTdkZjJjNDkyMzhiMWIwNTY1ZTA1YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCjMC4VYuYTXibiNglZ1LHw18tGf
bwe5v+gT2jwbRyR80qho8nDqSJnDRDJxazwkdTfPdTdnEjOayNdw/w5DsF5aqom3
tuohUwIjixHlaQUUWCmYkwB1VmkbfBFp19AHKj+6Yss9cy0l5+0ZMQnOY/NYyWs0
w8UVQtUpbHpwpY06b+sm81Zi79wrwXUvIrrA3NOax1V6k2YfHX5eEIVAWJXAntu7
ptTIVIlRltUO797dMXuwZpj/3ADAcEVj04iLbiXOqnDcbrPYZLCNGzcPrQXHZEDC
/MFKhY6b6w00229qngPr62pRxSyHKmA+0Vpav/UsIy54q1QYXM+zCkqQ8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFEq2+gNbKQv598sSSOLGwVl4FrjMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvVVNyYjZBMXNwQ19uM3l4Skk0c2JCV1hnV3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAEZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBwTp5LtOxkyPFlk2T3Ug3ZQV2aLYH9lWEDQ7uJ
4jMJeTUNSxZCiRkaVe9+z/1ohWljH2IjFnsgc21cX3GTy1gEz95BE5Y2ydn3xfPy
5rwQUR7XiweO0PwrBAVC8QHozufsL5nWXwloqbaJi2b2O1fmlYbC9Fay6VsrByAk
386jC6ZMjZI/2QscQYqDj0a5QuJa7Y6j+rDqt5ebf6NHK6AbZINvfTKKIXTvNzjY
bGayBaCUPLD1GNBCSDQ0tAXljogn9++C87mcAniWw/8Zrooh1XIx3vbUo0C71vwb
DarndDazSJARjHZ/KGrtPTKD+oklVmxBMf4GhWvOBu/qdJu/
-----END CERTIFICATE-----
Generated at Tue Apr 15 16:26:34 2025 by rpki-client