Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ldAiBV7C6_VvVSuYap8O_1ve_1o.roa
File: ldAiBV7C6_VvVSuYap8O_1ve_1o.roa (raw, json)
Hash identifier: eoppIqRNCDfadfM06odugHFw9NSHySJWlWqS2z1wfKk=
Subject key identifier: 95:D0:22:05:5E:C2:EB:F5:6F:55:2B:98:6A:9F:0E:FF:5B:DE:FF:5A
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067E62265C2E43013D075532E07D1DF
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ldAiBV7C6_VvVSuYap8O_1ve_1o.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134478
IP address blocks: 2a12:3fc2:e700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e6:22:65:c2:e4:30:13:d0:75:53:2e:07:d1:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95d022055ec2ebf56f552b986a9f0eff5bdeff5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:64:4d:1c:bc:b5:8c:3b:91:2a:78:e7:13:be:
58:63:b5:2d:4d:ac:b9:84:98:45:31:fb:43:5d:5d:
99:39:2d:11:dc:63:7d:0f:53:05:35:79:16:29:4f:
d3:1a:e0:4f:2f:ac:1b:15:4d:f3:ab:9a:11:a3:98:
f1:cb:59:19:e9:fc:ad:ef:38:1d:54:77:2e:90:c5:
ac:34:53:09:2b:04:4d:0c:57:1c:83:4d:ee:30:1b:
11:d2:c6:72:6b:61:a2:e9:8b:83:3b:31:bb:3e:4e:
bb:28:87:39:a4:a5:fc:75:24:eb:52:5e:e1:9b:a6:
e3:5a:59:db:6d:6b:6e:38:c9:b1:fe:a6:32:37:37:
62:09:f6:44:46:b5:28:a1:cd:c4:e0:88:56:c3:69:
17:a2:02:41:71:e8:ca:f7:f1:e6:25:54:48:11:9d:
89:77:80:db:20:44:2c:57:fb:8a:a1:7f:51:c2:74:
f6:58:17:97:28:7c:f8:a0:c8:65:64:8b:0c:c9:32:
8e:9e:7f:19:17:21:bf:40:34:d3:37:f7:63:65:66:
1e:c3:6a:c8:e2:a2:1a:cf:c6:5a:bb:25:5c:ea:63:
10:0f:29:2f:f6:8a:1d:be:8f:ec:e8:72:ef:85:a3:
34:da:47:10:66:5f:cd:8b:d4:6b:bd:b6:dd:03:f7:
df:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D0:22:05:5E:C2:EB:F5:6F:55:2B:98:6A:9F:0E:FF:5B:DE:FF:5A
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/ldAiBV7C6_VvVSuYap8O_1ve_1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e700::/40
Signature Algorithm: sha256WithRSAEncryption
64:2d:26:b9:3e:1f:fd:d5:d1:17:ad:05:60:e5:b3:a9:8a:9b:
b2:5b:79:a5:af:10:07:ec:d2:b8:6c:55:80:ec:92:65:61:09:
f0:29:df:4d:a1:ac:f2:9d:63:09:4c:d4:0c:ae:d4:44:4c:2c:
42:da:22:6e:89:a7:ba:45:89:f6:b7:da:d8:c1:2e:01:7d:c4:
2f:69:e2:d7:31:e9:d5:12:dd:e3:f6:fa:a3:a9:f6:3d:5d:3b:
6e:59:06:e4:5e:f8:5a:91:1f:2c:f1:32:52:17:84:c9:57:31:
69:a5:a5:17:b8:05:2b:bb:c1:a0:6c:dd:52:01:c0:57:e6:e6:
05:e5:c5:db:8a:4b:b2:c5:70:19:82:12:fe:52:b5:bb:1b:fd:
8b:17:be:95:77:ac:fd:2e:21:c3:75:74:db:77:e6:5b:2b:fb:
90:87:9b:fc:a5:d4:c8:b7:7b:63:d9:bd:8d:eb:2b:45:18:10:
fe:3e:79:ba:e0:bf:e0:a6:56:c5:b0:32:99:49:20:bd:b9:34:
bd:78:c2:f3:0f:6b:db:d2:4a:5d:c6:63:6b:fc:3a:bb:d3:c5:
bc:80:79:dd:b1:97:64:95:47:ce:80:0f:06:fb:dd:01:4e:fc:
e7:9f:9b:e3:e4:96:76:ae:b2:b6:47:f9:96:8e:54:fd:82:f5:
07:3a:49:c5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQgZ+YiZcLkMBPQdVMuB9HfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQwMjIwNTVlYzJlYmY1NmY1NTJiOTg2YTlmMGVmZjViZGVmZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mRNHLy1jDuRKnjnE75YY7UtTay5
hJhFMftDXV2ZOS0R3GN9D1MFNXkWKU/TGuBPL6wbFU3zq5oRo5jxy1kZ6fyt7zgd
VHcukMWsNFMJKwRNDFccg03uMBsR0sZya2Gi6YuDOzG7Pk67KIc5pKX8dSTrUl7h
m6bjWlnbbWtuOMmx/qYyNzdiCfZERrUooc3E4IhWw2kXogJBcejK9/HmJVRIEZ2J
d4DbIEQsV/uKoX9RwnT2WBeXKHz4oMhlZIsMyTKOnn8ZFyG/QDTTN/djZWYew2rI
4qIaz8ZauyVc6mMQDykv9oodvo/s6HLvhaM02kcQZl/Ni9RrvbbdA/fftwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJXQIgVewuv1b1UrmGqfDv9b3v9aMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvbGRBaUJWN0M2X1Z2VlN1WWFwOE9fMXZlXzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wucw
DQYJKoZIhvcNAQELBQADggEBAGQtJrk+H/3V0RetBWDls6mKm7JbeaWvEAfs0rhs
VYDskmVhCfAp302hrPKdYwlM1Ayu1ERMLELaIm6Jp7pFifa32tjBLgF9xC9p4tcx
6dUS3eP2+qOp9j1dO25ZBuRe+FqRHyzxMlIXhMlXMWmlpRe4BSu7waBs3VIBwFfm
5gXlxduKS7LFcBmCEv5Stbsb/YsXvpV3rP0uIcN1dNt35lsr+5CHm/yl1Mi3e2PZ
vY3rK0UYEP4+ebrgv+CmVsWwMplJIL25NL14wvMPa9vSSl3GY2v8OrvTxbyAed2x
l2SVR86ADwb73QFO/Oefm+PklnausrZH+ZaOVP2C9Qc6ScU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:02 2025 by rpki-client