Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/mReJXjEFw2vH3gsylG3516bpkxI.roa
File: mReJXjEFw2vH3gsylG3516bpkxI.roa (raw, json)
Hash identifier: orfciGxm8QNpQKbu93OyqVEi/aKCukxyiFS74rnLbXg=
Subject key identifier: 99:17:89:5E:31:05:C3:6B:C7:DE:0B:32:94:6D:F9:D7:A6:E9:93:12
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258ED9C99BCB3AE3367C0EF6322170A6
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/mReJXjEFw2vH3gsylG3516bpkxI.roa
Signing time: Thu 02 Jan 2025 05:48:26 +0000
ROA not before: Thu 02 Jan 2025 05:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208421
IP address blocks: 2a12:7a40:9906::/48 maxlen: 48
2a12:7a40:9916::/48 maxlen: 48
2a12:7a40:9926::/48 maxlen: 48
2a12:7a40:9936::/48 maxlen: 48
2a12:7a40:9946::/48 maxlen: 48
2a12:7a40:9956::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d9:c9:9b:cb:3a:e3:36:7c:0e:f6:32:21:70:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9917895e3105c36bc7de0b32946df9d7a6e99312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8d:71:96:cc:1e:1f:68:81:75:8d:33:62:a0:
61:4d:f3:ec:90:7b:58:50:11:cf:da:95:81:52:70:
3f:99:1d:32:2e:39:9e:b7:f3:1d:96:14:3a:18:c8:
92:e9:cf:b6:54:5e:d6:9c:71:3a:78:3e:fe:6c:18:
f2:0f:fc:7d:b8:a7:90:89:91:32:e5:f7:cb:4f:b7:
d9:f7:14:90:80:29:de:73:73:be:c2:bf:4f:6f:07:
06:49:3c:2a:d3:dc:1c:eb:68:92:87:c8:a1:62:2c:
37:34:61:6d:c3:ca:42:d0:05:0b:04:16:2a:46:f3:
f6:22:0a:e6:5e:d7:91:7e:9a:79:10:af:06:05:71:
7a:cf:9c:de:3c:6d:e6:a6:ac:34:1b:71:83:eb:0d:
37:d3:ec:bd:e9:42:40:30:f2:cd:02:1e:b9:4d:d5:
e5:6d:d9:30:08:83:d2:39:ce:09:7b:13:2d:42:d4:
dc:e9:62:10:c5:97:54:20:92:d3:59:92:3d:71:cf:
f6:52:05:0e:78:69:ae:30:0b:55:31:93:b4:e0:d8:
b5:93:00:08:ae:1f:1c:e6:52:e1:a8:3e:78:fa:31:
2f:53:c8:18:2f:91:34:7a:3c:d1:e1:77:6f:26:44:
46:c8:dd:da:28:32:45:93:a0:bb:04:34:6c:1b:07:
6c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:17:89:5E:31:05:C3:6B:C7:DE:0B:32:94:6D:F9:D7:A6:E9:93:12
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/mReJXjEFw2vH3gsylG3516bpkxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:9906::/48
2a12:7a40:9916::/48
2a12:7a40:9926::/48
2a12:7a40:9936::/48
2a12:7a40:9946::/48
2a12:7a40:9956::/48
Signature Algorithm: sha256WithRSAEncryption
21:c3:20:99:b4:a3:f2:7d:04:ab:55:78:58:10:a1:00:9b:9b:
88:7c:93:18:82:ed:31:72:a8:7b:73:fd:78:f7:19:42:46:1a:
4c:98:42:50:87:ee:54:7d:f5:fa:4d:b6:9b:47:82:cc:47:5f:
64:63:60:40:04:6d:33:d6:fd:86:eb:cb:c5:b9:7e:de:74:61:
df:6f:3f:87:34:4e:98:ff:1c:39:28:4a:43:4c:0e:47:8f:39:
59:6b:cd:71:bc:89:75:67:77:53:9a:f2:4f:6e:5c:c1:5e:69:
46:e8:5b:b9:6c:26:dd:03:f1:9d:77:8a:6d:4e:15:66:96:e0:
30:11:80:0d:f6:37:f9:8e:81:e7:ce:8e:3e:a3:5b:97:41:c5:
37:40:55:4c:69:20:73:b6:cd:79:7f:06:07:24:a4:16:5f:e4:
01:99:2f:da:16:fc:be:ae:37:63:f7:07:5f:a9:f1:92:3d:5c:
e7:ff:ad:be:a4:fe:cf:10:90:d1:d9:14:0f:50:ea:a4:10:73:
57:b3:4e:d2:5f:2e:43:75:a2:46:2b:7d:02:6e:19:61:c3:72:
de:08:5a:ca:8f:16:19:f6:26:59:7b:51:e3:39:9f:80:5b:e7:
3e:6d:2b:17:0c:8f:2c:66:ee:d6:48:ec:43:bb:8c:05:fe:60:
27:bc:d4:03
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljtnJm8s64zZ8DvYyIXCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE3ODk1ZTMxMDVjMzZiYzdkZTBiMzI5NDZkZjlkN2E2ZTk5MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y1xlsweH2iBdY0zYqBhTfPskHtY
UBHP2pWBUnA/mR0yLjmet/MdlhQ6GMiS6c+2VF7WnHE6eD7+bBjyD/x9uKeQiZEy
5ffLT7fZ9xSQgCnec3O+wr9PbwcGSTwq09wc62iSh8ihYiw3NGFtw8pC0AULBBYq
RvP2IgrmXteRfpp5EK8GBXF6z5zePG3mpqw0G3GD6w030+y96UJAMPLNAh65TdXl
bdkwCIPSOc4JexMtQtTc6WIQxZdUIJLTWZI9cc/2UgUOeGmuMAtVMZO04Ni1kwAI
rh8c5lLhqD54+jEvU8gYL5E0ejzR4XdvJkRGyN3aKDJFk6C7BDRsGwdsMQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJkXiV4xBcNrx94LMpRt+dem6ZMSMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvbVJlSlhqRUZ3MnZIM2dzeWxHMzUxNmJwa3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkG
AwcAKhJ6QJkWAwcAKhJ6QJkmAwcAKhJ6QJk2AwcAKhJ6QJlGAwcAKhJ6QJlWMA0G
CSqGSIb3DQEBCwUAA4IBAQAhwyCZtKPyfQSrVXhYEKEAm5uIfJMYgu0xcqh7c/14
9xlCRhpMmEJQh+5UffX6TbabR4LMR19kY2BABG0z1v2G68vFuX7edGHfbz+HNE6Y
/xw5KEpDTA5HjzlZa81xvIl1Z3dTmvJPblzBXmlG6Fu5bCbdA/Gdd4ptThVmluAw
EYAN9jf5joHnzo4+o1uXQcU3QFVMaSBzts15fwYHJKQWX+QBmS/aFvy+rjdj9wdf
qfGSPVzn/62+pP7PEJDR2RQPUOqkEHNXs07SXy5DdaJGK30Cbhlhw3LeCFrKjxYZ
9iZZe1HjOZ+AW+c+bSsXDI8sZu7WSOxDu4wF/mAnvNQD
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:37:59 2025 by rpki-client