Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/0pA9jqxxzLz7rK77xH9_gAV2Ddc.roa
File: 0pA9jqxxzLz7rK77xH9_gAV2Ddc.roa (raw, json)
Hash identifier: kuW3cMupmnzRroMZH+onX29Wp3xp+NRO+gRxYcXjYi4=
Subject key identifier: D2:90:3D:8E:AC:71:CC:BC:FB:AC:AE:FB:C4:7F:7F:80:05:76:0D:D7
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDBC350442E7A9E957A7009CE4ED3
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/0pA9jqxxzLz7rK77xH9_gAV2Ddc.roa
Signing time: Thu 02 Jan 2025 05:48:26 +0000
ROA not before: Thu 02 Jan 2025 05:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209389
IP address blocks: 2a12:7a40:9901::/48 maxlen: 48
2a12:7a40:9911::/48 maxlen: 48
2a12:7a40:9921::/48 maxlen: 48
2a12:7a40:9931::/48 maxlen: 48
2a12:7a40:9941::/48 maxlen: 48
2a12:7a40:9951::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:db:c3:50:44:2e:7a:9e:95:7a:70:09:ce:4e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2903d8eac71ccbcfbacaefbc47f7f8005760dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1f:31:47:5b:f0:bd:60:24:2b:47:f5:84:30:
13:e8:f5:5e:61:0d:74:1e:4f:8d:e8:a1:6f:81:d5:
f7:c5:1f:94:ad:3d:43:a0:eb:76:d8:a0:8b:c2:6f:
32:21:08:c0:b7:72:7e:82:a7:1a:46:b7:87:e6:77:
9e:e3:e5:95:f3:8b:64:46:3a:93:93:77:4d:dd:18:
54:7a:bf:a5:fb:66:6f:f1:68:11:58:54:7d:a2:d1:
18:75:d8:b0:5f:76:4e:55:ca:e9:60:d5:4f:d1:4a:
3c:df:40:91:61:17:e5:43:35:fc:eb:69:94:45:07:
cf:85:17:90:17:5a:8b:9d:fe:3c:23:dd:5f:b0:4f:
94:fc:fd:ab:a7:52:cc:38:33:25:5c:61:ff:28:65:
b8:5a:20:6e:21:d3:16:ce:43:03:a4:63:38:ad:03:
28:66:1b:2f:19:c8:44:ad:a0:95:8c:92:bb:df:7d:
56:6d:9d:50:af:4a:38:2b:0e:09:d5:f1:43:22:cb:
26:fe:19:96:7e:d9:26:ab:1d:38:90:4b:10:05:a4:
e5:d7:b8:d9:67:e6:16:5e:f3:15:7d:8f:bf:8a:3c:
06:25:6d:a6:e2:f7:64:4b:8a:aa:de:5e:33:f3:22:
ca:61:77:79:73:b8:07:d2:f3:75:24:6d:27:ee:cd:
3b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:90:3D:8E:AC:71:CC:BC:FB:AC:AE:FB:C4:7F:7F:80:05:76:0D:D7
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/0pA9jqxxzLz7rK77xH9_gAV2Ddc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9901::/48
2a12:7a40:9911::/48
2a12:7a40:9921::/48
2a12:7a40:9931::/48
2a12:7a40:9941::/48
2a12:7a40:9951::/48
Signature Algorithm: sha256WithRSAEncryption
6a:cf:10:29:73:6b:63:55:21:72:5a:cd:77:86:5a:49:58:e3:
fc:5c:9c:7b:41:3f:ac:1b:9b:13:5c:c2:13:e8:c9:db:de:0b:
24:e7:cc:a0:c7:11:44:d4:8a:dd:03:41:df:8f:8e:55:21:1c:
40:a2:bd:2c:72:af:43:ee:96:4d:b0:19:3c:63:f2:65:fa:6c:
ee:80:72:03:18:ed:cf:98:1c:48:96:49:ba:22:09:f3:d4:f7:
64:c6:30:b9:d8:6f:73:8c:33:9b:92:e8:cc:11:85:bf:0b:08:
22:12:6f:e0:57:0d:75:25:cb:20:31:c9:aa:7a:af:09:d4:76:
25:25:74:75:ef:da:e6:08:c1:f3:ad:41:6b:36:0f:51:fe:cb:
79:cf:e0:69:e6:06:c8:d8:7e:fe:f9:1b:f8:7d:dd:9e:b0:cd:
4f:13:a7:34:e9:2d:c8:d6:5c:41:0c:9d:5f:2b:4d:8b:ff:61:
c3:8e:56:84:ff:ec:c0:06:fb:8f:db:32:e6:8d:63:eb:77:e8:
06:97:3f:2d:c2:f9:58:3a:4d:f0:75:68:89:8b:19:4c:d3:b7:
02:a4:e8:15:1d:07:c1:96:c3:68:75:31:31:05:cc:73:47:92:
c0:ca:52:05:9c:96:1b:2d:73:d2:ce:07:3d:db:da:fb:ce:ce:
d9:24:31:b7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljtvDUEQuep6VenAJzk7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkwM2Q4ZWFjNzFjY2JjZmJhY2FlZmJjNDdmN2Y4MDA1NzYwZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB8xR1vwvWAkK0f1hDAT6PVeYQ10
Hk+N6KFvgdX3xR+UrT1DoOt22KCLwm8yIQjAt3J+gqcaRreH5nee4+WV84tkRjqT
k3dN3RhUer+l+2Zv8WgRWFR9otEYddiwX3ZOVcrpYNVP0Uo830CRYRflQzX862mU
RQfPhReQF1qLnf48I91fsE+U/P2rp1LMODMlXGH/KGW4WiBuIdMWzkMDpGM4rQMo
ZhsvGchEraCVjJK7331WbZ1Qr0o4Kw4J1fFDIssm/hmWftkmqx04kEsQBaTl17jZ
Z+YWXvMVfY+/ijwGJW2m4vdkS4qq3l4z8yLKYXd5c7gH0vN1JG0n7s07xwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNKQPY6sccy8+6yu+8R/f4AFdg3XMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvMHBBOWpxeHh6THo3cks3N3hIOV9nQVYyRGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkB
AwcAKhJ6QJkRAwcAKhJ6QJkhAwcAKhJ6QJkxAwcAKhJ6QJlBAwcAKhJ6QJlRMA0G
CSqGSIb3DQEBCwUAA4IBAQBqzxApc2tjVSFyWs13hlpJWOP8XJx7QT+sG5sTXMIT
6Mnb3gsk58ygxxFE1IrdA0Hfj45VIRxAor0scq9D7pZNsBk8Y/Jl+mzugHIDGO3P
mBxIlkm6Ignz1PdkxjC52G9zjDObkujMEYW/CwgiEm/gVw11JcsgMcmqeq8J1HYl
JXR179rmCMHzrUFrNg9R/st5z+Bp5gbI2H7++Rv4fd2esM1PE6c06S3I1lxBDJ1f
K02L/2HDjlaE/+zABvuP2zLmjWPrd+gGlz8twvlYOk3wdWiJixlM07cCpOgVHQfB
lsNodTExBcxzR5LAylIFnJYbLXPSzgc929r7zs7ZJDG3
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:22:14 2025 by rpki-client