Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/0i27NjvnFtlwbFJL8brWgH_dw8U.roa
File: 0i27NjvnFtlwbFJL8brWgH_dw8U.roa (raw, json)
Hash identifier: YML80PmXT345DJiCwX4apNsJ7UtnB8nEMX5Dpv2Ctsw=
Subject key identifier: D2:2D:BB:36:3B:E7:16:D9:70:6C:52:4B:F1:BA:D6:80:7F:DD:C3:C5
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 019421B251C3D0DC2FCB2D13C230DEF68464
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/0i27NjvnFtlwbFJL8brWgH_dw8U.roa
Signing time: Wed 01 Jan 2025 11:48:41 +0000
ROA not before: Wed 01 Jan 2025 11:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57045
IP address blocks: 2a0e:1106:1000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 07:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:51:c3:d0:dc:2f:cb:2d:13:c2:30:de:f6:84:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 11:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d22dbb363be716d9706c524bf1bad6807fddc3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:59:2c:63:9a:23:a3:a1:9b:3a:9f:6d:41:28:
62:d6:e2:23:5f:73:77:68:cf:a3:36:e9:30:dd:8e:
30:19:24:ac:f3:dc:14:fc:9a:56:51:94:7a:3e:04:
eb:3e:74:f2:f8:6f:6f:2d:d1:16:73:d7:51:78:3d:
05:f5:4a:f4:a7:97:2d:08:c2:c8:ce:af:40:c4:35:
3d:ae:1d:fa:47:83:d6:b5:5a:87:dc:66:06:23:e1:
bf:99:89:ab:22:33:ca:e1:59:09:dd:2f:4d:33:4b:
e0:52:4c:18:dc:b6:ed:f1:cd:ed:3c:e7:76:d2:a1:
dd:54:23:01:23:9e:c8:18:70:0b:79:ab:71:8b:ba:
f8:47:c1:fb:76:54:45:3c:d6:ea:eb:9f:b0:38:04:
70:90:b5:70:78:23:d9:3b:56:a7:64:80:df:09:97:
3c:ac:d5:59:6a:c4:1c:63:bf:b8:29:e6:47:27:04:
51:df:b1:68:e3:cf:3c:2e:ea:f8:55:dc:4e:c4:8e:
f8:4a:09:31:21:4e:80:9e:fc:40:5f:23:24:f7:d1:
f6:2c:b1:8f:75:f2:f3:3f:7b:cc:91:40:47:a4:d8:
94:3c:cf:ed:60:4b:bc:ed:9b:97:6e:9a:84:10:5b:
a2:d9:55:b6:93:8b:e4:9c:38:d5:2d:39:fa:f6:b0:
2b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2D:BB:36:3B:E7:16:D9:70:6C:52:4B:F1:BA:D6:80:7F:DD:C3:C5
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/0i27NjvnFtlwbFJL8brWgH_dw8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1106:1000::/40
Signature Algorithm: sha256WithRSAEncryption
0b:41:e4:86:48:b1:45:71:5f:8b:a7:71:b2:7e:cd:26:f7:f3:
d7:b1:0d:c6:e0:bf:e6:8b:e2:08:f8:b6:be:50:48:9b:44:a0:
c2:b1:6a:63:c9:fa:2e:fd:2b:be:ee:06:0d:9d:f9:f6:7c:bf:
b8:49:92:8e:b8:85:42:29:6c:d5:1d:de:f8:da:db:94:5a:30:
6f:06:33:50:35:1e:d4:82:5a:e3:81:42:51:43:b4:17:07:b9:
48:1f:5e:3d:a2:99:49:f5:6d:d4:5c:22:3e:8a:f7:15:e5:a3:
57:08:f9:69:24:22:31:5f:1c:7b:c9:6f:8e:5b:5d:ab:ed:ac:
7c:1d:47:fc:8e:78:d7:17:06:85:3c:fa:a0:e3:83:d4:e8:00:
ae:08:e7:a1:35:6f:f0:e0:17:92:ed:b8:ab:90:7d:7d:a4:fd:
42:b1:0a:46:14:3c:50:ec:e8:e3:ff:54:ef:b0:d6:5a:fb:ae:
ce:a7:1a:0e:cf:c9:a9:41:9b:43:9a:28:3b:26:50:8b:18:6f:
b6:d4:ca:7b:4b:dc:f5:a4:0f:98:b3:02:d0:6b:63:43:6b:86:
2f:38:fd:7c:0c:30:ff:11:0b:81:c5:b6:cb:98:20:19:d5:4c:
66:df:d0:1d:73:d8:08:09:0f:cc:8f:6b:82:88:93:10:d6:65:
40:a0:b2:34
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQhslHD0Nwvyy0TwjDe9oRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjUwMTAxMTE0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJkYmIzNjNiZTcxNmQ5NzA2YzUyNGJmMWJhZDY4MDdmZGRjM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFksY5ojo6GbOp9tQShi1uIjX3N3
aM+jNukw3Y4wGSSs89wU/JpWUZR6PgTrPnTy+G9vLdEWc9dReD0F9Ur0p5ctCMLI
zq9AxDU9rh36R4PWtVqH3GYGI+G/mYmrIjPK4VkJ3S9NM0vgUkwY3Lbt8c3tPOd2
0qHdVCMBI57IGHALeatxi7r4R8H7dlRFPNbq65+wOARwkLVweCPZO1anZIDfCZc8
rNVZasQcY7+4KeZHJwRR37Fo4888Lur4VdxOxI74SgkxIU6AnvxAXyMk99H2LLGP
dfLzP3vMkUBHpNiUPM/tYEu87ZuXbpqEEFui2VW2k4vknDjVLTn69rArawIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNItuzY75xbZcGxSS/G61oB/3cPFMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvMGkyN05qdm5GdGx3YkZKTDhicldnSF9kdzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg4RBhAw
DQYJKoZIhvcNAQELBQADggEBAAtB5IZIsUVxX4uncbJ+zSb389exDcbgv+aL4gj4
tr5QSJtEoMKxamPJ+i79K77uBg2d+fZ8v7hJko64hUIpbNUd3vja25RaMG8GM1A1
HtSCWuOBQlFDtBcHuUgfXj2imUn1bdRcIj6K9xXlo1cI+WkkIjFfHHvJb45bXavt
rHwdR/yOeNcXBoU8+qDjg9ToAK4I56E1b/DgF5LtuKuQfX2k/UKxCkYUPFDs6OP/
VO+w1lr7rs6nGg7PyalBm0OaKDsmUIsYb7bUyntL3PWkD5izAtBrY0Nrhi84/XwM
MP8RC4HFtsuYIBnVTGbf0B1z2AgJD8yPa4KIkxDWZUCgsjQ=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:17:03 2025 by rpki-client