Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/I0so05T8WJ0IrbDuX6UjLySLqmI.roa
File: I0so05T8WJ0IrbDuX6UjLySLqmI.roa (raw, json)
Hash identifier: dR+mdnDCO20UWtvzil7AKdca65/eFTAOBYqBvQ7au8Y=
Subject key identifier: 23:4B:28:D3:94:FC:58:9D:08:AD:B0:EE:5F:A5:23:2F:24:8B:AA:62
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDA3B2C7F8C168B79A5DC1F6209DD
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/I0so05T8WJ0IrbDuX6UjLySLqmI.roa
Signing time: Thu 02 Jan 2025 05:48:26 +0000
ROA not before: Thu 02 Jan 2025 05:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208749
IP address blocks: 2a12:7a40:9908::/48 maxlen: 48
2a12:7a40:9918::/48 maxlen: 48
2a12:7a40:9928::/48 maxlen: 48
2a12:7a40:9938::/48 maxlen: 48
2a12:7a40:9948::/48 maxlen: 48
2a12:7a40:9958::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:da:3b:2c:7f:8c:16:8b:79:a5:dc:1f:62:09:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=234b28d394fc589d08adb0ee5fa5232f248baa62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:18:15:ca:39:cc:7d:c2:e2:e5:96:b8:e6:86:
25:ff:d4:2a:c3:ce:57:a2:0b:93:a7:9e:7e:1a:23:
e4:ce:b1:9c:5c:db:91:fc:5c:ec:df:a7:84:a3:8f:
08:fa:13:68:1b:d2:dc:33:d2:89:90:f9:3e:39:5a:
05:67:09:c9:bb:75:d4:4a:da:66:6e:cb:68:a9:06:
f9:84:03:a0:ef:83:6a:2c:19:a1:1d:ed:21:00:af:
13:19:b3:b5:40:0f:cd:61:bb:4f:4d:af:18:b6:52:
81:24:05:1b:d4:67:39:fe:81:b4:89:a8:b5:6c:aa:
9e:ef:11:55:17:b8:31:3b:96:dc:3d:6f:8c:5c:65:
89:7e:91:c1:1c:0b:b1:40:e6:b9:f5:ee:4d:6a:c5:
86:7f:1e:53:ea:38:e2:ec:c1:ad:01:33:b0:a5:8c:
bb:7e:3f:c3:a4:9d:8a:40:d2:6f:91:b2:42:20:b8:
d6:a1:0e:f7:62:90:a7:40:c5:e9:dd:06:b8:40:ef:
30:40:58:e0:ee:69:18:e1:c1:e1:ee:c1:de:fa:c0:
76:4e:a7:e7:71:0c:1e:d2:3a:c4:f1:98:d1:83:fc:
d3:de:72:2b:ae:e2:5c:60:eb:28:af:49:69:b2:e4:
81:72:82:76:7d:67:6b:82:ab:32:16:02:bf:25:bb:
eb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4B:28:D3:94:FC:58:9D:08:AD:B0:EE:5F:A5:23:2F:24:8B:AA:62
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/I0so05T8WJ0IrbDuX6UjLySLqmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9908::/48
2a12:7a40:9918::/48
2a12:7a40:9928::/48
2a12:7a40:9938::/48
2a12:7a40:9948::/48
2a12:7a40:9958::/48
Signature Algorithm: sha256WithRSAEncryption
12:af:7a:b7:d2:8b:6b:a7:62:b2:64:e0:36:bd:a9:a5:2e:62:
14:60:46:aa:b8:6b:4f:c5:a1:01:00:24:76:1c:18:69:36:e9:
45:d3:43:4c:32:af:ab:b3:e0:91:bb:d6:1c:05:ec:44:6a:6d:
16:42:9f:f9:d5:3c:27:e5:65:90:5f:11:dc:aa:81:7c:fc:13:
b6:55:18:ca:18:1a:89:e7:51:84:3f:2f:50:40:a6:f9:3e:fd:
ae:58:43:98:04:af:44:7c:a6:6d:9a:67:d5:bd:cf:ec:fe:d5:
87:64:23:e7:81:c3:00:7a:b5:fb:6f:ca:ec:f4:88:ac:9c:52:
72:1b:53:22:9b:58:86:16:5a:05:51:e5:01:c2:39:d3:8f:54:
80:32:76:fc:0b:f6:be:6f:46:7d:55:f8:13:07:2f:b4:0d:31:
68:55:f2:a7:a4:40:5f:67:51:7d:41:67:e9:58:5d:a3:b8:2c:
8d:42:01:6c:10:e7:18:62:9a:e5:23:8b:3f:b1:bb:27:e4:49:
5b:09:4d:26:f6:c9:2f:6d:c0:88:9a:1b:1e:dc:17:6c:3b:05:
ee:cf:f9:52:2a:40:90:0b:8e:62:6e:8f:fd:7d:da:56:ea:d7:
7c:61:8d:24:37:51:e8:e6:c2:5f:dc:c2:75:2f:22:5f:56:c1:
21:55:b4:3f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljto7LH+MFot5pdwfYgndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRiMjhkMzk0ZmM1ODlkMDhhZGIwZWU1ZmE1MjMyZjI0OGJhYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBgVyjnMfcLi5Za45oYl/9Qqw85X
oguTp55+GiPkzrGcXNuR/Fzs36eEo48I+hNoG9LcM9KJkPk+OVoFZwnJu3XUStpm
bstoqQb5hAOg74NqLBmhHe0hAK8TGbO1QA/NYbtPTa8YtlKBJAUb1Gc5/oG0iai1
bKqe7xFVF7gxO5bcPW+MXGWJfpHBHAuxQOa59e5NasWGfx5T6jji7MGtATOwpYy7
fj/DpJ2KQNJvkbJCILjWoQ73YpCnQMXp3Qa4QO8wQFjg7mkY4cHh7sHe+sB2Tqfn
cQwe0jrE8ZjRg/zT3nIrruJcYOsor0lpsuSBcoJ2fWdrgqsyFgK/JbvrOQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCNLKNOU/FidCK2w7l+lIy8ki6piMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvSTBzbzA1VDhXSjBJcmJEdVg2VWpMeVNMcW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkI
AwcAKhJ6QJkYAwcAKhJ6QJkoAwcAKhJ6QJk4AwcAKhJ6QJlIAwcAKhJ6QJlYMA0G
CSqGSIb3DQEBCwUAA4IBAQASr3q30otrp2KyZOA2vamlLmIUYEaquGtPxaEBACR2
HBhpNulF00NMMq+rs+CRu9YcBexEam0WQp/51Twn5WWQXxHcqoF8/BO2VRjKGBqJ
51GEPy9QQKb5Pv2uWEOYBK9EfKZtmmfVvc/s/tWHZCPngcMAerX7b8rs9IisnFJy
G1Mim1iGFloFUeUBwjnTj1SAMnb8C/a+b0Z9VfgTBy+0DTFoVfKnpEBfZ1F9QWfp
WF2juCyNQgFsEOcYYprlI4s/sbsn5ElbCU0m9skvbcCImhse3BdsOwXuz/lSKkCQ
C45ibo/9fdpW6td8YY0kN1Ho5sJf3MJ1LyJfVsEhVbQ/
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:45:11 2025 by rpki-client