Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/gY7BKIjwewKZZlWFSHLcdLr49NM.roa
File: gY7BKIjwewKZZlWFSHLcdLr49NM.roa (raw, json)
Hash identifier: i0lchkykJ9yatPl5KViR8cy+o8YUx9lts6RmnA23id8=
Subject key identifier: 81:8E:C1:28:88:F0:7B:02:99:66:55:85:48:72:DC:74:BA:F8:F4:D3
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 01942445436DDFD68DF83E56CDE484723C04
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/gY7BKIjwewKZZlWFSHLcdLr49NM.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203729
IP address blocks: 2a0b:6b81:1::/48 maxlen: 48
2a0b:6b81:205::/48 maxlen: 48
2a0b:6b81:208::/48 maxlen: 48
2a0b:6b81:210::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:43:6d:df:d6:8d:f8:3e:56:cd:e4:84:72:3c:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=818ec12888f07b02996655854872dc74baf8f4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:02:20:8c:3c:1a:c4:f0:49:fc:35:e4:ec:
d1:36:47:77:08:09:bf:6c:58:a9:bc:ed:3b:2f:0a:
55:7a:e7:15:4e:00:6d:a2:8d:0a:4a:a6:ea:d1:22:
82:a4:6c:b5:dd:08:98:ec:c6:f1:04:ad:f7:a5:66:
80:c4:b7:3f:30:22:8e:1c:20:05:43:65:8d:cf:21:
96:7c:30:40:a9:0e:15:e2:ab:e7:cd:ff:11:c6:34:
ed:b5:ca:76:bd:0a:df:4b:5e:fe:24:7b:47:c6:d9:
59:01:b1:53:f8:2d:8b:52:a1:f8:5f:2c:26:a9:5a:
87:17:1d:c5:33:19:1f:bc:45:a7:42:79:05:f3:98:
54:8d:ec:c0:44:7b:1f:22:af:80:98:f0:db:fc:c3:
c4:d9:ab:78:32:eb:76:e3:94:79:2d:e3:6b:de:08:
d6:25:b8:76:f0:05:57:e8:2a:b9:5e:cb:64:96:c1:
c1:f1:55:38:c9:92:9d:61:20:98:61:2e:2c:39:49:
83:a1:d9:fe:fe:e9:ef:b7:9c:fb:94:b7:8e:66:7c:
1a:24:5d:00:0a:77:c5:33:b6:5c:66:fa:af:30:09:
f4:55:45:06:08:f1:0a:31:02:ba:aa:71:03:a9:96:
74:dd:97:60:c2:18:d9:3d:ac:71:fe:fb:bf:3e:44:
f0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8E:C1:28:88:F0:7B:02:99:66:55:85:48:72:DC:74:BA:F8:F4:D3
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/gY7BKIjwewKZZlWFSHLcdLr49NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b81:1::/48
2a0b:6b81:205::/48
2a0b:6b81:208::/48
2a0b:6b81:210::/48
Signature Algorithm: sha256WithRSAEncryption
b5:e7:91:44:0d:86:c3:76:25:47:6e:a2:54:7c:6d:a9:0e:01:
5e:61:5d:c3:c1:55:59:ac:f5:9b:10:e5:97:5d:1b:37:5a:c4:
cb:5d:0a:96:90:1e:25:76:63:e5:5c:dc:2f:3e:77:6f:08:f5:
0a:83:14:32:22:b2:fa:09:8a:ec:93:09:1d:91:f8:9a:c5:dc:
dc:2b:8a:da:e3:46:d1:36:c5:6c:c5:49:2f:05:9e:c9:40:97:
16:29:8b:0b:14:7b:f6:58:aa:90:b2:85:77:db:9e:16:88:2e:
2b:23:0e:5d:86:39:09:e2:08:a6:f9:70:01:9f:01:80:d8:df:
e0:18:cb:9a:d9:4b:cb:84:a9:48:b8:42:83:87:d8:ad:11:58:
da:aa:47:3c:69:c8:b8:be:43:6d:c9:af:9e:9f:4a:05:d2:1e:
85:92:63:33:15:b2:24:d8:be:51:62:8e:b0:41:1a:96:59:25:
30:cd:0f:66:84:8a:13:35:6b:64:3c:48:ed:c4:a2:1c:9c:82:
b9:ae:77:d1:13:d5:25:77:76:ca:87:23:0b:c7:08:e0:01:02:
bc:5d:65:43:d4:e3:86:dc:8f:29:07:fb:67:04:fe:b8:bc:a9:
e8:66:d6:92:63:3f:b7:57:43:57:39:b5:64:73:12:17:09:7b:
14:6d:9b:3b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQkRUNt39aN+D5WzeSEcjwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThlYzEyODg4ZjA3YjAyOTk2NjU1ODU0ODcyZGM3NGJhZjhmNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmQCIIw8GsTwSfw15OzRNkd3CAm/
bFipvO07LwpVeucVTgBtoo0KSqbq0SKCpGy13QiY7MbxBK33pWaAxLc/MCKOHCAF
Q2WNzyGWfDBAqQ4V4qvnzf8RxjTttcp2vQrfS17+JHtHxtlZAbFT+C2LUqH4Xywm
qVqHFx3FMxkfvEWnQnkF85hUjezARHsfIq+AmPDb/MPE2at4Mut245R5LeNr3gjW
Jbh28AVX6Cq5XstklsHB8VU4yZKdYSCYYS4sOUmDodn+/unvt5z7lLeOZnwaJF0A
CnfFM7ZcZvqvMAn0VUUGCPEKMQK6qnEDqZZ03ZdgwhjZPaxx/vu/PkTwZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIGOwSiI8HsCmWZVhUhy3HS6+PTTMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvZ1k3QktJandld0taWmxXRlNITGNkTHI0OU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgtrgQAB
AwcAKgtrgQIFAwcAKgtrgQIIAwcAKgtrgQIQMA0GCSqGSIb3DQEBCwUAA4IBAQC1
55FEDYbDdiVHbqJUfG2pDgFeYV3DwVVZrPWbEOWXXRs3WsTLXQqWkB4ldmPlXNwv
PndvCPUKgxQyIrL6CYrskwkdkfiaxdzcK4ra40bRNsVsxUkvBZ7JQJcWKYsLFHv2
WKqQsoV3254WiC4rIw5dhjkJ4gim+XABnwGA2N/gGMua2UvLhKlIuEKDh9itEVja
qkc8aci4vkNtya+en0oF0h6FkmMzFbIk2L5RYo6wQRqWWSUwzQ9mhIoTNWtkPEjt
xKIcnIK5rnfRE9Uld3bKhyMLxwjgAQK8XWVD1OOG3I8pB/tnBP64vKnoZtaSYz+3
V0NXObVkcxIXCXsUbZs7
-----END CERTIFICATE-----
Generated at Sat Apr 12 17:43:41 2025 by rpki-client