Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/UUcKOryc_ykhvD7v1VUPE00sScs.roa
File: UUcKOryc_ykhvD7v1VUPE00sScs.roa (raw, json)
Hash identifier: dAexA2neb3HcfI1bNYdykFIadotQ4NdMRRVIE6QTBe4=
Subject key identifier: 51:47:0A:3A:BC:9C:FF:29:21:BC:3E:EF:D5:55:0F:13:4D:2C:49:CB
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 0194266C436E7C71B24988A2632FC31E3E38
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/UUcKOryc_ykhvD7v1VUPE00sScs.roa
Signing time: Thu 02 Jan 2025 09:50:16 +0000
ROA not before: Thu 02 Jan 2025 09:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51559
IP address blocks: 2a06:c400::/48 maxlen: 48
2a06:c400:1::/48 maxlen: 48
2a06:c400:2::/48 maxlen: 48
2a06:c400:3::/48 maxlen: 48
2a06:c400:4::/48 maxlen: 48
2a06:c400:5::/48 maxlen: 48
2a06:c400:6::/48 maxlen: 48
2a06:c400:7::/48 maxlen: 48
2a06:c400:8::/48 maxlen: 48
2a06:c400:9::/48 maxlen: 48
2a06:c400:a::/48 maxlen: 48
2a06:c400:b::/48 maxlen: 48
2a06:c400:c::/48 maxlen: 48
2a06:c400:d::/48 maxlen: 48
2a06:c400:e::/48 maxlen: 48
2a06:c400:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:43:6e:7c:71:b2:49:88:a2:63:2f:c3:1e:3e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51470a3abc9cff2921bc3eefd5550f134d2c49cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e7:14:12:ae:78:aa:20:28:f2:29:61:2e:5e:
0f:cf:f9:a4:b8:c9:0d:85:b0:a2:f5:ee:2a:c7:ae:
de:5a:87:09:c7:bd:2a:86:56:c3:e8:fb:5a:df:3d:
64:97:05:d6:00:1f:0f:1a:28:e0:e3:e6:15:15:c5:
a7:1f:71:50:c8:6f:88:7e:9a:0f:f5:45:31:7e:c8:
df:94:30:8a:5d:40:ee:77:5d:d6:66:b5:e1:d2:3d:
05:bd:40:71:7d:37:61:52:ac:6a:12:a7:d8:b7:25:
b3:f9:9c:0d:da:27:82:16:77:5a:93:3d:8b:9f:58:
bc:2e:cd:c9:7d:cd:ac:7a:ac:6a:52:76:09:62:53:
0d:41:f7:5d:a2:d1:06:c7:38:55:c1:48:67:43:59:
84:b8:b8:a3:70:0d:4c:46:dc:b3:32:59:3d:b8:e9:
5f:35:d4:03:59:21:04:b3:39:17:79:da:a1:ce:d4:
58:99:1e:55:fe:53:7e:61:d1:1d:25:eb:f2:d0:c2:
71:76:45:98:8f:8c:62:97:2c:ac:63:d5:e4:98:3f:
92:24:01:7d:8e:52:de:06:ea:3a:d7:bc:bc:78:65:
6c:b9:f9:69:4a:02:11:9f:02:73:73:6c:6f:82:64:
41:db:30:1b:e1:39:b6:99:70:bb:3b:5b:b8:52:5e:
31:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:47:0A:3A:BC:9C:FF:29:21:BC:3E:EF:D5:55:0F:13:4D:2C:49:CB
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/UUcKOryc_ykhvD7v1VUPE00sScs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:c400::/44
Signature Algorithm: sha256WithRSAEncryption
8c:13:e1:b0:9e:a4:33:52:92:64:1d:c0:84:a5:39:0e:32:ce:
a2:a3:64:62:f4:b9:37:82:d8:ec:2b:11:ea:b3:85:8b:f9:00:
78:0b:58:09:68:15:97:6d:b9:2f:3f:7b:34:b0:a8:52:fa:ad:
cf:2d:e3:4b:7e:cc:1a:7d:1c:e7:5c:c4:39:ec:91:49:aa:94:
58:a9:3f:5e:6c:7f:14:ea:0d:72:81:52:aa:d3:aa:39:56:d9:
5a:27:0f:de:ed:93:c8:3c:c7:b8:ea:0b:8f:e2:d8:6b:70:fc:
07:11:1e:b3:36:6d:c3:b6:44:64:b0:20:2e:66:40:98:05:05:
bf:e3:87:13:ed:a4:28:e9:0e:8f:b5:21:2b:24:b2:2c:e7:f5:
27:a6:4e:af:a4:fc:df:8b:39:fa:8f:dd:b6:94:0a:9e:01:99:
b1:0d:fb:38:9d:85:bf:89:93:72:27:e4:f9:fc:0b:a4:69:ff:
af:ed:57:e4:42:55:eb:dc:15:fc:52:9e:59:86:bb:a6:aa:8d:
38:54:ae:47:57:e7:f7:39:cd:5a:28:27:e7:d5:72:9c:93:6a:
e7:dd:18:18:dd:de:1a:d0:b1:35:41:91:a6:f9:66:ca:8c:30:
11:97:28:60:9e:81:1a:17:3b:3a:da:20:07:90:b2:85:a2:e6:
6c:2c:d3:47
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQmbENufHGySYiiYy/DHj44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTQ3MGEzYWJjOWNmZjI5MjFiYzNlZWZkNTU1MGYxMzRkMmM0OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OcUEq54qiAo8ilhLl4Pz/mkuMkN
hbCi9e4qx67eWocJx70qhlbD6Pta3z1klwXWAB8PGijg4+YVFcWnH3FQyG+IfpoP
9UUxfsjflDCKXUDud13WZrXh0j0FvUBxfTdhUqxqEqfYtyWz+ZwN2ieCFndakz2L
n1i8Ls3Jfc2seqxqUnYJYlMNQfddotEGxzhVwUhnQ1mEuLijcA1MRtyzMlk9uOlf
NdQDWSEEszkXedqhztRYmR5V/lN+YdEdJevy0MJxdkWYj4xilyysY9XkmD+SJAF9
jlLeBuo617y8eGVsuflpSgIRnwJzc2xvgmRB2zAb4Tm2mXC7O1u4Ul4xNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFFHCjq8nP8pIbw+79VVDxNNLEnLMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvVVVjS09yeWNfeWtodkQ3djFWVVBFMDBzU2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbEAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCME+GwnqQzUpJkHcCEpTkOMs6io2Ri9Lk3gtjs
KxHqs4WL+QB4C1gJaBWXbbkvP3s0sKhS+q3PLeNLfswafRznXMQ57JFJqpRYqT9e
bH8U6g1ygVKq06o5VtlaJw/e7ZPIPMe46guP4thrcPwHER6zNm3DtkRksCAuZkCY
BQW/44cT7aQo6Q6PtSErJLIs5/Unpk6vpPzfizn6j922lAqeAZmxDfs4nYW/iZNy
J+T5/Aukaf+v7VfkQlXr3BX8Up5Zhrumqo04VK5HV+f3Oc1aKCfn1XKck2rn3RgY
3d4a0LE1QZGm+WbKjDARlyhgnoEaFzs62iAHkLKFouZsLNNH
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:32 2025 by rpki-client