Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/0aPhXVyce0SICbpq9bOaehiO5Pw.roa
File: 0aPhXVyce0SICbpq9bOaehiO5Pw.roa (raw, json)
Hash identifier: QZjecyF8WoZMTAQ+88px6Agq67hFp09iHfOWPO4elas=
Subject key identifier: D1:A3:E1:5D:5C:9C:7B:44:88:09:BA:6A:F5:B3:9A:7A:18:8E:E4:FC
Certificate issuer: /CN=8a28ff310da7df8309cfab4dcf9a235842b60872
Certificate serial: 0196F87F4E264C6B41E95B69E7310F5EDA87
Authority key identifier: 8A:28:FF:31:0D:A7:DF:83:09:CF:AB:4D:CF:9A:23:58:42:B6:08:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/0aPhXVyce0SICbpq9bOaehiO5Pw.roa
Signing time: Thu 22 May 2025 14:56:54 +0000
ROA not before: Thu 22 May 2025 14:56:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208085
IP address blocks: 2a06:b700:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:7f:4e:26:4c:6b:41:e9:5b:69:e7:31:0f:5e:da:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a28ff310da7df8309cfab4dcf9a235842b60872
Validity
Not Before: May 22 14:56:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1a3e15d5c9c7b448809ba6af5b39a7a188ee4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:20:10:b9:98:27:28:1d:a8:7e:b0:80:e0:95:
e5:12:d9:f1:b5:89:91:2c:63:57:a8:74:66:14:e8:
79:44:10:c4:93:58:3a:73:7f:5a:d5:0f:97:6c:b0:
be:97:2a:bc:be:e6:86:c5:3e:bf:0f:ee:5a:e5:59:
17:5b:1c:21:1f:9f:0e:84:4d:8b:91:53:8f:c1:4f:
4e:84:2a:d4:83:f9:03:1a:43:b7:d4:fe:d6:66:41:
0d:c8:0a:18:28:6a:66:d3:e5:a6:4c:d1:d1:24:8f:
e4:1f:a2:a0:1c:42:1b:0d:5c:bb:30:ba:fe:c6:d6:
29:3c:d3:ec:51:74:ec:83:a0:cb:40:bb:08:35:8d:
bd:6c:5a:29:3d:d7:16:84:1a:e0:0b:b4:bb:21:c4:
48:f4:a1:a1:49:82:b2:ec:99:5f:1e:eb:8d:c9:e3:
8b:2f:22:92:c3:a5:f7:c6:e7:39:39:54:7c:28:17:
3c:3a:71:a7:a8:f1:54:30:6a:ae:49:ff:ef:41:5e:
a3:5b:7d:88:7b:37:5a:3d:42:8b:1e:e7:8f:af:f6:
65:4b:be:18:c5:6b:7b:93:2a:b5:fc:78:d0:d1:57:
0f:74:b9:7b:c1:bb:92:d4:0c:fa:58:51:8b:86:ba:
af:a1:95:fd:dd:81:8f:75:60:9c:1d:6e:15:5a:da:
96:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A3:E1:5D:5C:9C:7B:44:88:09:BA:6A:F5:B3:9A:7A:18:8E:E4:FC
X509v3 Authority Key Identifier:
keyid:8A:28:FF:31:0D:A7:DF:83:09:CF:AB:4D:CF:9A:23:58:42:B6:08:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/0aPhXVyce0SICbpq9bOaehiO5Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b700:1002::/48
Signature Algorithm: sha256WithRSAEncryption
80:f6:23:9d:0c:39:78:ae:ba:5c:93:20:d5:b3:b0:4f:46:7d:
8e:d6:f0:e7:b1:4e:04:dd:14:76:60:cc:bb:09:89:69:9a:7a:
ba:2f:e1:74:48:e7:32:56:7d:09:9b:fc:be:bd:16:75:a9:62:
ea:f9:2b:26:db:ef:ee:9e:8f:4f:3a:7f:b0:81:84:cb:2f:2a:
c6:c4:bc:8c:57:a9:50:f3:14:72:51:1f:20:75:b4:18:c8:23:
9b:3c:35:c6:04:07:2a:78:f7:ec:41:26:cb:39:43:19:92:63:
92:87:63:27:d7:56:d7:36:1d:e0:49:5a:8b:99:b1:fe:fe:48:
0d:e2:63:a6:fa:b6:83:1c:4f:eb:bd:8e:be:55:15:e2:65:17:
33:5d:50:d1:de:c0:ae:16:70:55:14:ba:4e:f1:57:63:d8:c5:
a4:0f:b0:7f:5f:86:9b:47:f6:de:7a:9d:ff:9d:ef:ae:75:6d:
90:68:e5:c3:e6:6c:4d:fd:df:0b:d8:be:6c:2a:b6:b5:14:f6:
ab:eb:2e:0d:30:89:b2:e4:cc:0e:9d:0c:2b:41:ba:f3:e6:ae:
e6:80:b3:31:1e:03:5e:f9:14:0a:7b:da:a5:d0:80:3b:13:4e:
ef:ae:87:bb:90:a8:7e:b0:d7:9f:2e:5a:98:53:53:1b:8a:0e:
1d:28:96:1d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZb4f04mTGtB6Vtp5zEPXtqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMjhmZjMxMGRhN2RmODMwOWNmYWI0ZGNmOWEyMzU4NDJi
NjA4NzIwHhcNMjUwNTIyMTQ1NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWEzZTE1ZDVjOWM3YjQ0ODgwOWJhNmFmNWIzOWE3YTE4OGVlNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiAQuZgnKB2ofrCA4JXlEtnxtYmR
LGNXqHRmFOh5RBDEk1g6c39a1Q+XbLC+lyq8vuaGxT6/D+5a5VkXWxwhH58OhE2L
kVOPwU9OhCrUg/kDGkO31P7WZkENyAoYKGpm0+WmTNHRJI/kH6KgHEIbDVy7MLr+
xtYpPNPsUXTsg6DLQLsINY29bFopPdcWhBrgC7S7IcRI9KGhSYKy7JlfHuuNyeOL
LyKSw6X3xuc5OVR8KBc8OnGnqPFUMGquSf/vQV6jW32IezdaPUKLHuePr/ZlS74Y
xWt7kyq1/HjQ0VcPdLl7wbuS1Az6WFGLhrqvoZX93YGPdWCcHW4VWtqWZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNGj4V1cnHtEiAm6avWzmnoYjuT8MB8GA1UdIwQY
MBaAFIoo/zENp9+DCc+rTc+aI1hCtghyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWlqX01RMm4zNE1KejZ0Tno1b2pXRUsyQ0hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hNWQyODYtODY3MC00N2U0LTk3YjQt
MjRjZjhhNjFkN2U4LzEvMGFQaFhWeWNlMFNJQ2JwcTliT2FlaGlPNVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hNWQyODYtODY3MC00N2U0LTk3YjQtMjRjZjhhNjFkN2U4
LzEvaWlqX01RMm4zNE1KejZ0Tno1b2pXRUsyQ0hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKga3ABAC
MA0GCSqGSIb3DQEBCwUAA4IBAQCA9iOdDDl4rrpckyDVs7BPRn2O1vDnsU4E3RR2
YMy7CYlpmnq6L+F0SOcyVn0Jm/y+vRZ1qWLq+Ssm2+/uno9POn+wgYTLLyrGxLyM
V6lQ8xRyUR8gdbQYyCObPDXGBAcqePfsQSbLOUMZkmOSh2Mn11bXNh3gSVqLmbH+
/kgN4mOm+raDHE/rvY6+VRXiZRczXVDR3sCuFnBVFLpO8Vdj2MWkD7B/X4abR/be
ep3/ne+udW2QaOXD5mxN/d8L2L5sKra1FPar6y4NMImy5MwOnQwrQbrz5q7mgLMx
HgNe+RQKe9ql0IA7E07vroe7kKh+sNefLlqYU1Mbig4dKJYd
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:48:03 2025 by rpki-client