Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ioPMbpWlCvZiR6WRpvb6EzVAf4w.roa
File: ioPMbpWlCvZiR6WRpvb6EzVAf4w.roa (raw, json)
Hash identifier: 5EM6wvbnOYvQYPwOGYz784FmpJiMxKlU4WoPVkzYZjk=
Subject key identifier: 8A:83:CC:6E:95:A5:0A:F6:62:47:A5:91:A6:F6:FA:13:35:40:7F:8C
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA9F67A4917CF23347AE0F7E12E883
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ioPMbpWlCvZiR6WRpvb6EzVAf4w.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61335
IP address blocks: 2a00:fd40:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9f:67:a4:91:7c:f2:33:47:ae:0f:7e:12:e8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a83cc6e95a50af66247a591a6f6fa1335407f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:05:ca:50:66:55:8b:a0:82:79:a3:99:10:11:
2e:30:43:29:2a:be:6c:55:25:b8:95:66:53:01:dc:
e7:cd:46:d3:d9:02:8d:00:17:e7:0c:b2:7b:64:37:
c1:6d:a8:df:90:d0:d7:d4:6a:a9:c8:e5:ca:67:e2:
64:8e:94:8d:64:b3:3d:32:a5:56:8a:c5:72:81:20:
0e:a4:f0:a3:b8:f2:71:e6:7f:83:c1:14:00:31:75:
fb:53:f8:2f:41:01:64:53:56:f8:01:13:9e:fd:1e:
5d:9c:f7:e5:a4:47:86:6e:49:b6:71:8c:a8:58:b9:
35:7a:81:37:a4:b2:7d:c4:6e:9d:71:2c:6e:1b:d4:
87:f2:99:6b:05:5b:fe:fc:a1:7f:05:2f:32:12:6b:
19:24:e7:d6:ca:5f:c2:f6:d9:24:75:25:e3:82:76:
ac:05:11:6f:2e:1f:54:e9:ea:87:85:13:73:3d:f7:
b4:9d:17:2a:2a:b9:6c:82:c9:ee:70:b0:ed:74:30:
9d:d5:a7:5d:68:0c:8a:22:f2:5d:6a:24:ce:f0:11:
68:c2:57:11:5e:9b:06:fe:fc:93:00:ec:2e:d4:d3:
b9:cf:b9:0d:8d:ca:86:7f:91:5e:2a:69:56:7d:87:
b9:d5:ef:48:e9:f5:36:4e:a0:7b:9c:4a:d5:29:2a:
2e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:83:CC:6E:95:A5:0A:F6:62:47:A5:91:A6:F6:FA:13:35:40:7F:8C
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ioPMbpWlCvZiR6WRpvb6EzVAf4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:fd40:c::/48
Signature Algorithm: sha256WithRSAEncryption
41:35:bd:ec:da:5b:51:26:13:f6:62:b9:95:0d:3a:8d:b0:fd:
dc:32:c2:f8:89:67:67:b6:5b:82:7e:d1:c5:41:7b:c1:77:5a:
17:ec:74:5c:be:5c:55:d7:bf:96:c7:22:e2:79:f0:5c:36:18:
58:0a:df:1a:6e:be:8c:df:c1:84:c2:79:5a:71:b4:08:db:3c:
cb:ab:32:8c:9a:14:7b:34:aa:25:32:08:2a:6c:01:25:25:79:
dc:d3:18:94:4b:f1:b9:48:7f:2e:cb:3e:40:f1:89:3a:73:5d:
9e:3c:2c:e9:3d:8a:54:92:13:95:99:2b:6b:02:60:ca:0b:0f:
c1:3f:9b:54:d8:f3:33:b9:6b:57:26:44:86:ed:db:d7:5a:26:
d8:fb:98:d0:c2:be:73:4e:54:e3:9f:91:ec:a5:4c:61:5b:9d:
75:03:44:f9:a6:be:69:1e:24:ce:8d:80:b4:51:26:f4:83:55:
a1:83:58:52:9f:1c:07:36:48:6e:1c:d1:77:41:d5:00:7b:1b:
a9:da:54:56:2a:8f:8e:c1:7f:db:28:0a:90:e6:98:5a:40:b9:
e3:21:cd:6e:9b:22:99:cf:a4:7b:0c:a8:df:20:12:fa:7c:90:
6d:85:e0:bd:b4:d0:33:6f:ef:5d:f5:f3:8f:f3:b2:15:cc:fc:
b3:68:34:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+p9npJF88jNHrg9+EuiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTgzY2M2ZTk1YTUwYWY2NjI0N2E1OTFhNmY2ZmExMzM1NDA3ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQXKUGZVi6CCeaOZEBEuMEMpKr5s
VSW4lWZTAdznzUbT2QKNABfnDLJ7ZDfBbajfkNDX1GqpyOXKZ+JkjpSNZLM9MqVW
isVygSAOpPCjuPJx5n+DwRQAMXX7U/gvQQFkU1b4AROe/R5dnPflpEeGbkm2cYyo
WLk1eoE3pLJ9xG6dcSxuG9SH8plrBVv+/KF/BS8yEmsZJOfWyl/C9tkkdSXjgnas
BRFvLh9U6eqHhRNzPfe0nRcqKrlsgsnucLDtdDCd1addaAyKIvJdaiTO8BFowlcR
XpsG/vyTAOwu1NO5z7kNjcqGf5FeKmlWfYe51e9I6fU2TqB7nErVKSouWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIqDzG6VpQr2Ykelkab2+hM1QH+MMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvaW9QTWJwV2xDdlppUjZXUnB2YjZFelZBZjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD9QAAM
MA0GCSqGSIb3DQEBCwUAA4IBAQBBNb3s2ltRJhP2YrmVDTqNsP3cMsL4iWdntluC
ftHFQXvBd1oX7HRcvlxV17+WxyLiefBcNhhYCt8abr6M38GEwnlacbQI2zzLqzKM
mhR7NKolMggqbAElJXnc0xiUS/G5SH8uyz5A8Yk6c12ePCzpPYpUkhOVmStrAmDK
Cw/BP5tU2PMzuWtXJkSG7dvXWibY+5jQwr5zTlTjn5HspUxhW511A0T5pr5pHiTO
jYC0USb0g1Whg1hSnxwHNkhuHNF3QdUAexup2lRWKo+OwX/bKAqQ5phaQLnjIc1u
myKZz6R7DKjfIBL6fJBtheC9tNAzb+9d9fOP87IVzPyzaDQr
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:28:20 2025 by rpki-client