Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/_okwze0rSlq8LhXlB7FWi8OlsK4.roa
File: _okwze0rSlq8LhXlB7FWi8OlsK4.roa (raw, json)
Hash identifier: 3wzhS+5DOCgktIdxwao39vX+OQv7jnEn/glBS5LioaY=
Subject key identifier: FE:89:30:CD:ED:2B:4A:5A:BC:2E:15:E5:07:B1:56:8B:C3:A5:B0:AE
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDE235815E13374593FCBFC29A3ED
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/_okwze0rSlq8LhXlB7FWi8OlsK4.roa
Signing time: Thu 02 Jan 2025 05:48:27 +0000
ROA not before: Thu 02 Jan 2025 05:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210348
IP address blocks: 2a12:7a40:990c::/48 maxlen: 48
2a12:7a40:991c::/48 maxlen: 48
2a12:7a40:992c::/48 maxlen: 48
2a12:7a40:993c::/48 maxlen: 48
2a12:7a40:994c::/48 maxlen: 48
2a12:7a40:995c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 09:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:de:23:58:15:e1:33:74:59:3f:cb:fc:29:a3:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe8930cded2b4a5abc2e15e507b1568bc3a5b0ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:89:0e:c2:97:0a:f8:0a:b5:13:a8:51:48:63:
7e:ca:84:28:99:f8:6c:b4:f7:51:8b:2f:6d:b6:9f:
c7:5e:7e:dc:87:82:90:05:ec:a4:7b:9f:c0:e9:19:
85:7d:b5:3f:ba:f2:52:9c:af:c6:5e:09:2b:a9:ba:
5b:98:30:88:8b:4a:15:e0:f9:58:c3:83:88:8a:88:
33:31:9a:9a:84:4d:2a:e8:ea:83:13:c6:d2:c7:cd:
9f:ee:ea:d6:f1:04:85:03:19:b1:f2:8e:a9:08:4c:
d3:98:9b:11:42:27:31:72:ae:bc:cb:98:9e:bd:47:
ff:e6:6d:02:9a:77:32:92:69:d3:74:d4:6b:52:b9:
1a:74:3f:ac:56:7f:a8:a4:14:71:cb:11:4b:10:75:
97:f6:f3:1b:bd:e0:b4:7d:87:7e:1b:a5:10:e6:a1:
79:d7:2a:d0:66:f1:fa:5b:45:5d:0a:2c:7c:3c:09:
7a:86:b4:17:56:b6:a5:cc:bf:89:fb:d2:da:54:57:
b7:c6:a7:6a:cc:a6:e8:f7:4f:a1:1e:dc:f2:3e:32:
1e:a5:59:3f:60:d3:1e:ac:b0:d3:cb:9b:5a:ea:c9:
d9:16:54:bc:b7:78:31:11:96:3a:d0:09:d5:43:fc:
10:bc:aa:ce:a4:3f:3c:3d:9e:3b:18:8f:c9:1a:8f:
c2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:89:30:CD:ED:2B:4A:5A:BC:2E:15:E5:07:B1:56:8B:C3:A5:B0:AE
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/_okwze0rSlq8LhXlB7FWi8OlsK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990c::/48
2a12:7a40:991c::/48
2a12:7a40:992c::/48
2a12:7a40:993c::/48
2a12:7a40:994c::/48
2a12:7a40:995c::/48
Signature Algorithm: sha256WithRSAEncryption
45:f0:05:76:7e:8b:26:5f:dd:fe:5b:d2:c7:12:7a:00:28:e9:
70:20:6a:59:d6:87:b6:d8:f4:0f:ce:dc:48:cc:67:5a:70:a6:
a8:7d:66:55:6e:fe:74:f7:6a:91:d1:45:66:f9:8c:9c:5c:31:
b4:ae:fe:98:6f:b1:d7:fa:6c:27:f9:2d:49:f0:bf:be:f2:c7:
e1:3b:c0:fb:0f:b9:8e:ff:29:71:4b:ef:f4:23:8d:92:e2:0c:
ec:dd:84:04:f8:6c:82:13:d4:a3:18:0b:c1:c2:8e:b9:35:12:
49:42:a4:32:3d:51:9e:20:8a:f6:9b:4f:18:7c:d1:29:81:7d:
1a:80:d1:a8:5d:0a:5b:a1:6b:b1:a4:b5:d4:6f:95:9f:2a:83:
5d:cf:c2:70:07:a8:54:a2:3f:b0:ef:c1:dd:0d:65:a5:58:23:
09:09:a5:c8:fb:bf:1e:fa:6e:f1:37:db:44:2b:d9:7f:63:a1:
8b:57:de:35:67:3e:0a:8a:b2:bd:db:82:78:ff:6d:5a:a0:fa:
fd:31:50:37:78:74:41:1c:aa:b7:a0:2e:ae:85:ae:52:c2:c4:
cd:73:b5:41:a6:54:bf:6d:d6:45:98:bc:ca:ad:ce:d4:30:5a:
42:b5:3c:39:6f:13:84:f3:99:20:17:e7:46:ab:7b:82:87:d8:
4a:5d:89:ff
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljt4jWBXhM3RZP8v8KaPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg5MzBjZGVkMmI0YTVhYmMyZTE1ZTUwN2IxNTY4YmMzYTViMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4kOwpcK+Aq1E6hRSGN+yoQomfhs
tPdRiy9ttp/HXn7ch4KQBeyke5/A6RmFfbU/uvJSnK/GXgkrqbpbmDCIi0oV4PlY
w4OIiogzMZqahE0q6OqDE8bSx82f7urW8QSFAxmx8o6pCEzTmJsRQicxcq68y5ie
vUf/5m0CmncykmnTdNRrUrkadD+sVn+opBRxyxFLEHWX9vMbveC0fYd+G6UQ5qF5
1yrQZvH6W0VdCix8PAl6hrQXVralzL+J+9LaVFe3xqdqzKbo90+hHtzyPjIepVk/
YNMerLDTy5ta6snZFlS8t3gxEZY60AnVQ/wQvKrOpD88PZ47GI/JGo/C2QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFP6JMM3tK0pavC4V5QexVovDpbCuMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvX29rd3plMHJTbHE4TGhYbEI3RldpOE9sc0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkM
AwcAKhJ6QJkcAwcAKhJ6QJksAwcAKhJ6QJk8AwcAKhJ6QJlMAwcAKhJ6QJlcMA0G
CSqGSIb3DQEBCwUAA4IBAQBF8AV2fosmX93+W9LHEnoAKOlwIGpZ1oe22PQPztxI
zGdacKaofWZVbv5092qR0UVm+YycXDG0rv6Yb7HX+mwn+S1J8L++8sfhO8D7D7mO
/ylxS+/0I42S4gzs3YQE+GyCE9SjGAvBwo65NRJJQqQyPVGeIIr2m08YfNEpgX0a
gNGoXQpboWuxpLXUb5WfKoNdz8JwB6hUoj+w78HdDWWlWCMJCaXI+78e+m7xN9tE
K9l/Y6GLV941Zz4KirK924J4/21aoPr9MVA3eHRBHKq3oC6uha5SwsTNc7VBplS/
bdZFmLzKrc7UMFpCtTw5bxOE85kgF+dGq3uCh9hKXYn/
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:27:03 2025 by rpki-client