Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/LRy1Su2fWLwjRlXSpxKiN2HsmOE.roa
File: LRy1Su2fWLwjRlXSpxKiN2HsmOE.roa (raw, json)
Hash identifier: VbIoxvhdv4Kz4zlYMs8a+1GTnDDa2PQSnpokMmTeNJI=
Subject key identifier: 2D:1C:B5:4A:ED:9F:58:BC:23:46:55:D2:A7:12:A2:37:61:EC:98:E1
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 0194228E3B20A4CFAD7386142A62C5F01EDA
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/LRy1Su2fWLwjRlXSpxKiN2HsmOE.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204033
IP address blocks: 2a13:3d00:abc::/48 maxlen: 48
2a13:3d00:fff0::/48 maxlen: 48
2a13:3d00:fff1::/48 maxlen: 48
2a13:3d00:fff2::/48 maxlen: 48
2a13:3d00:fff3::/48 maxlen: 48
2a13:3d00:fff4::/48 maxlen: 48
2a13:3d00:fff5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3b:20:a4:cf:ad:73:86:14:2a:62:c5:f0:1e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d1cb54aed9f58bc234655d2a712a23761ec98e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:3c:fd:8a:d4:72:26:b7:8a:4a:6e:53:06:
a9:22:08:ad:76:5d:e7:2e:f4:c7:62:ed:e8:8f:f3:
5b:3d:ba:13:63:fe:12:38:9f:1a:6c:67:5a:c5:8b:
c5:69:40:43:30:e2:3f:dc:ed:a2:c4:71:fe:34:e9:
ae:5d:20:18:e7:4b:91:2d:b4:b2:81:eb:00:1b:48:
60:a3:46:d7:69:94:3e:ff:eb:7c:14:2b:03:aa:92:
95:34:f5:6d:b7:2d:c3:2d:37:df:7f:6c:34:72:9c:
47:44:5f:70:82:63:18:78:f8:df:84:f6:0c:5b:2e:
43:48:ed:a9:4d:64:1d:53:db:eb:67:d2:c2:ac:cd:
51:ec:09:95:d0:6c:0c:67:65:f1:7b:9f:c3:b8:19:
60:11:cb:12:5a:c7:a7:93:a0:eb:0a:49:57:f2:6d:
8e:46:d7:61:c1:63:0a:a4:d2:47:ee:55:e0:86:01:
fb:b8:b1:f5:1a:41:4d:35:a3:17:10:5a:60:37:e6:
52:f3:10:61:10:d7:a2:2e:c2:0c:7b:9b:da:25:7a:
fa:a3:7c:25:0c:24:45:24:ac:e3:69:74:b9:6a:7b:
1f:07:34:8d:8a:f3:a9:69:51:ac:38:47:2a:cb:89:
7a:92:37:62:d9:b8:d1:4e:7e:c0:0e:63:4b:b9:dc:
c8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:1C:B5:4A:ED:9F:58:BC:23:46:55:D2:A7:12:A2:37:61:EC:98:E1
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/LRy1Su2fWLwjRlXSpxKiN2HsmOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3d00:abc::/48
2a13:3d00:fff0::-2a13:3d00:fff5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:9c:06:ce:7e:1f:3f:7d:62:60:94:06:8b:83:b9:8c:35:67:
d4:1a:cc:ea:c3:0e:bb:38:2c:eb:5d:08:c9:00:be:73:1a:9c:
2a:30:4d:c4:e8:04:6c:ec:07:6d:96:30:d5:a9:55:4f:30:c2:
24:63:ab:fb:85:2f:9c:77:01:c5:33:10:26:50:d2:03:29:b3:
be:22:96:5a:b4:a2:61:ac:68:86:1a:7b:e6:15:cc:e6:9d:bf:
80:0e:3e:eb:4d:b4:5e:1a:24:ac:53:96:21:27:5b:a4:2f:1a:
51:f1:84:da:9a:22:1a:fc:40:df:8c:16:da:f7:46:ec:07:f8:
ee:9b:ad:17:2e:72:4f:d1:4f:a0:34:e7:4c:50:23:2f:0f:55:
cf:d1:84:99:f3:40:3b:bc:72:c4:e3:3d:29:1f:4c:9f:03:02:
b0:28:d8:b5:9c:92:3b:3e:c0:93:9a:f0:fb:de:4c:4c:20:ab:
73:35:1d:a7:52:70:aa:4e:70:10:c2:30:73:94:b9:4c:b7:97:
37:93:81:6b:b5:a9:74:1a:eb:d9:30:7f:06:3e:3d:2c:be:62:
45:05:fb:28:20:0c:9d:29:26:9c:fc:2c:cd:4c:20:57:09:f8:
8a:60:ec:a0:81:43:62:fd:fb:84:0f:eb:d9:e0:3b:59:58:d4:
79:d5:81:67
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijjsgpM+tc4YUKmLF8B7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDFjYjU0YWVkOWY1OGJjMjM0NjU1ZDJhNzEyYTIzNzYxZWM5OGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOk8/YrUcia3ikpuUwapIgitdl3n
LvTHYu3oj/NbPboTY/4SOJ8abGdaxYvFaUBDMOI/3O2ixHH+NOmuXSAY50uRLbSy
gesAG0hgo0bXaZQ+/+t8FCsDqpKVNPVtty3DLTfff2w0cpxHRF9wgmMYePjfhPYM
Wy5DSO2pTWQdU9vrZ9LCrM1R7AmV0GwMZ2Xxe5/DuBlgEcsSWsenk6DrCklX8m2O
RtdhwWMKpNJH7lXghgH7uLH1GkFNNaMXEFpgN+ZS8xBhENeiLsIMe5vaJXr6o3wl
DCRFJKzjaXS5ansfBzSNivOpaVGsOEcqy4l6kjdi2bjRTn7ADmNLudzInQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC0ctUrtn1i8I0ZV0qcSojdh7JjhMB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvTFJ5MVN1MmZXTHdqUmxYU3B4S2lOMkhzbU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKhM9AAq8
MBIDBwQqEz0A//ADBwEqEz0A//QwDQYJKoZIhvcNAQELBQADggEBAAecBs5+Hz99
YmCUBouDuYw1Z9QazOrDDrs4LOtdCMkAvnManCowTcToBGzsB22WMNWpVU8wwiRj
q/uFL5x3AcUzECZQ0gMps74illq0omGsaIYae+YVzOadv4AOPutNtF4aJKxTliEn
W6QvGlHxhNqaIhr8QN+MFtr3RuwH+O6brRcuck/RT6A050xQIy8PVc/RhJnzQDu8
csTjPSkfTJ8DArAo2LWckjs+wJOa8PveTEwgq3M1HadScKpOcBDCMHOUuUy3lzeT
gWu1qXQa69kwfwY+PSy+YkUF+yggDJ0pJpz8LM1MIFcJ+Ipg7KCBQ2L9+4QP69ng
O1lY1HnVgWc=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:58:12 2025 by rpki-client