Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/sKYNr92MA6GBERPJJdfo5OeGv_g.roa
File: sKYNr92MA6GBERPJJdfo5OeGv_g.roa (raw, json)
Hash identifier: ox5PTayJ8YSH5tqP4lgMQfeWU+4gaAdlJcEYmx5MByU=
Subject key identifier: B0:A6:0D:AF:DD:8C:03:A1:81:11:13:C9:25:D7:E8:E4:E7:86:BF:F8
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D98A7E8A2D8AD1835ADD37A477B1A5
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/sKYNr92MA6GBERPJJdfo5OeGv_g.roa
Signing time: Thu 02 Jan 2025 11:49:38 +0000
ROA not before: Thu 02 Jan 2025 11:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214329
IP address blocks: 2a03:5840:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 16:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:8a:7e:8a:2d:8a:d1:83:5a:dd:37:a4:77:b1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0a60dafdd8c03a1811113c925d7e8e4e786bff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6b:5b:73:c3:70:3d:40:fc:02:1e:37:c6:f3:
57:21:86:6d:2a:44:31:27:69:61:20:73:35:23:72:
34:4e:d0:97:0b:e5:e2:6d:d5:4a:09:ef:75:05:f2:
e8:25:2e:83:cc:94:5f:9f:e5:57:d5:e8:88:8c:ee:
99:10:6b:3d:76:cd:59:60:ba:4e:f6:48:89:2a:1b:
57:f7:22:04:89:d0:ba:2d:62:b6:a9:d3:da:5e:51:
6d:47:e1:53:a5:02:7f:bd:44:e6:0c:36:c7:6f:91:
be:67:ff:ae:cf:7c:d0:af:fb:f5:0d:72:1c:4b:2b:
b5:51:f4:00:29:93:2c:11:e3:b4:26:21:9c:73:be:
48:fb:5e:f3:26:bb:d7:78:6d:75:2d:9b:96:6e:ac:
72:9e:f4:cf:9b:42:3b:22:70:d1:e1:9a:a7:18:13:
0b:a4:ff:06:6d:0f:f7:6b:67:2e:e7:9c:28:9a:e3:
7a:90:e4:eb:a9:2f:e7:2a:49:f3:71:1d:cc:06:2d:
0e:3d:1f:43:db:fe:62:3d:49:7a:77:9e:c8:d5:34:
ae:1e:43:8d:51:ce:9e:c6:a9:44:7a:6f:a9:e9:83:
35:1b:3b:e0:6b:ac:39:e2:08:10:59:3c:86:4d:bf:
17:6c:ed:0b:af:09:3d:d1:51:5d:e1:d8:a3:e6:4e:
b6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A6:0D:AF:DD:8C:03:A1:81:11:13:C9:25:D7:E8:E4:E7:86:BF:F8
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/sKYNr92MA6GBERPJJdfo5OeGv_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:120::/48
Signature Algorithm: sha256WithRSAEncryption
58:e8:31:6d:7a:f8:c3:f9:26:17:b9:a8:92:11:91:e6:db:2e:
db:1d:ce:c7:d9:4b:0a:dc:bc:c6:f6:58:60:b4:59:cb:ff:38:
b9:a3:78:1d:fb:e0:fa:48:b1:6c:75:8c:76:48:7c:c0:85:02:
da:21:04:01:02:c0:9f:cb:a2:c5:aa:35:62:26:1d:e2:d7:8b:
92:4c:e5:4e:e2:0b:b0:f5:23:73:39:1c:69:ca:34:00:1c:82:
45:f3:80:ac:7b:62:3e:27:49:40:7f:97:23:96:17:3f:25:e2:
3f:f5:4b:c9:90:d8:65:d9:30:cd:aa:54:bf:01:8d:a1:05:e9:
1e:97:b7:38:39:f6:eb:b2:df:a8:04:bf:8d:f0:20:13:5e:77:
27:c9:09:7d:af:32:26:04:91:05:26:af:b7:3a:3b:ea:c8:e1:
52:b5:85:eb:77:4b:dc:38:47:ce:2d:e2:03:3d:3c:79:85:4b:
bc:09:d5:2d:1b:e6:94:57:e4:2b:ad:84:ec:3c:57:21:18:cb:
e8:17:f8:87:36:78:4d:b9:c9:2e:18:8e:21:8c:b6:2c:cf:c0:
95:b6:d1:a5:86:8a:86:0d:ef:09:1a:25:f8:4a:33:82:c7:38:
e9:83:bd:50:ac:38:b1:46:99:36:12:b0:f3:43:20:7c:ca:73:
38:39:2c:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2Yp+ii2K0YNa3Tekd7GlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE2MGRhZmRkOGMwM2ExODExMTEzYzkyNWQ3ZThlNGU3ODZiZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGtbc8NwPUD8Ah43xvNXIYZtKkQx
J2lhIHM1I3I0TtCXC+XibdVKCe91BfLoJS6DzJRfn+VX1eiIjO6ZEGs9ds1ZYLpO
9kiJKhtX9yIEidC6LWK2qdPaXlFtR+FTpQJ/vUTmDDbHb5G+Z/+uz3zQr/v1DXIc
Syu1UfQAKZMsEeO0JiGcc75I+17zJrvXeG11LZuWbqxynvTPm0I7InDR4ZqnGBML
pP8GbQ/3a2cu55womuN6kOTrqS/nKknzcR3MBi0OPR9D2/5iPUl6d57I1TSuHkON
Uc6exqlEem+p6YM1Gzvga6w54ggQWTyGTb8XbO0Lrwk90VFd4dij5k625wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLCmDa/djAOhgRETySXX6OTnhr/4MB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvc0tZTnI5Mk1BNkdCRVJQSkpkZm81T2VHdl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBY6DFtevjD+SYXuaiSEZHm2y7bHc7H2UsK3LzG
9lhgtFnL/zi5o3gd++D6SLFsdYx2SHzAhQLaIQQBAsCfy6LFqjViJh3i14uSTOVO
4guw9SNzORxpyjQAHIJF84Cse2I+J0lAf5cjlhc/JeI/9UvJkNhl2TDNqlS/AY2h
Bekel7c4Ofbrst+oBL+N8CATXncnyQl9rzImBJEFJq+3OjvqyOFStYXrd0vcOEfO
LeIDPTx5hUu8CdUtG+aUV+QrrYTsPFchGMvoF/iHNnhNuckuGI4hjLYsz8CVttGl
hoqGDe8JGiX4SjOCxzjpg71QrDixRpk2ErDzQyB8ynM4OSwJ
-----END CERTIFICATE-----
Generated at Sun Apr 13 19:50:10 2025 by rpki-client