Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/8JWPxOv8cqW77ZczGQpvFR1bjFo.roa
File: 8JWPxOv8cqW77ZczGQpvFR1bjFo.roa (raw, json)
Hash identifier: 3OTXp4nJC+Hc/hgIIQFlS4OEibCJuUTxpQs4YOd1hhQ=
Subject key identifier: F0:95:8F:C4:EB:FC:72:A5:BB:ED:97:33:19:0A:6F:15:1D:5B:8C:5A
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C4C20AF94DCDB21435A797DC6D679
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/8JWPxOv8cqW77ZczGQpvFR1bjFo.roa
Signing time: Wed 01 Jan 2025 01:47:55 +0000
ROA not before: Wed 01 Jan 2025 01:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150787
IP address blocks: 2a12:bec4:13c0::/44 maxlen: 44
2a12:bec4:13c0::/48 maxlen: 48
2a12:bec4:13c1::/48 maxlen: 48
2a12:bec4:13c2::/48 maxlen: 48
2a12:bec4:13c3::/48 maxlen: 48
2a12:bec4:13c4::/48 maxlen: 48
2a12:bec4:13c5::/48 maxlen: 48
2a12:bec4:13c6::/48 maxlen: 48
2a12:bec4:13c7::/48 maxlen: 48
2a12:bec4:13c8::/48 maxlen: 48
2a12:bec4:13c9::/48 maxlen: 48
2a12:bec4:13ca::/48 maxlen: 48
2a12:bec4:13cb::/48 maxlen: 48
2a12:bec4:13cc::/48 maxlen: 48
2a12:bec4:13cd::/48 maxlen: 48
2a12:bec4:13ce::/48 maxlen: 48
2a12:bec4:13cf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:4c:20:af:94:dc:db:21:43:5a:79:7d:c6:d6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0958fc4ebfc72a5bbed9733190a6f151d5b8c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e4:e1:b5:84:69:a1:22:d3:e6:a6:ba:22:96:
18:db:4c:f5:de:61:30:9c:9e:77:e8:39:9d:cb:ed:
ca:29:06:60:c5:02:a8:6e:57:94:a7:cd:c0:03:ed:
d8:0c:5f:35:45:37:24:53:a0:7a:52:e1:19:db:5e:
3a:da:17:6a:6f:b3:07:3c:e0:cd:73:9e:6e:6d:94:
35:ff:16:ce:85:13:56:36:46:e3:f3:1b:ef:ad:60:
c9:1d:91:88:9b:e9:0e:2d:14:a8:57:7a:75:97:04:
fc:5f:73:50:82:c5:01:db:86:48:1e:37:28:28:f0:
13:98:46:7a:54:0c:4e:18:d5:94:bf:66:31:87:84:
1b:31:98:74:25:00:1f:fe:ed:70:ca:c3:ad:e0:65:
8b:c0:4c:d1:49:fa:42:20:f7:47:e3:66:ad:65:9c:
1c:72:e9:3f:11:d7:83:df:37:fb:87:9b:11:e2:80:
31:c4:4d:59:e7:26:18:8f:e4:d1:5f:ac:bf:56:ab:
a6:50:58:59:27:63:18:de:d7:0b:dd:fb:75:78:21:
75:ea:ce:92:fb:8e:be:d7:17:35:54:62:d0:c5:e1:
b1:25:10:92:96:bc:71:b1:05:48:1a:3f:2a:e2:a5:
2f:ee:79:84:6b:e6:f9:a1:40:ff:6c:1a:c7:bf:fb:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:95:8F:C4:EB:FC:72:A5:BB:ED:97:33:19:0A:6F:15:1D:5B:8C:5A
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/8JWPxOv8cqW77ZczGQpvFR1bjFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:13c0::/44
Signature Algorithm: sha256WithRSAEncryption
80:9c:fc:9d:c9:67:34:a3:86:4b:ea:42:41:2c:4b:11:fb:28:
74:9c:68:26:b1:71:16:7f:bc:cb:90:c1:81:19:96:06:fe:7c:
38:df:57:5b:c7:55:13:cd:93:d8:97:f5:44:70:06:9d:7d:ee:
39:4f:0b:b1:87:e6:98:c6:7b:75:d3:14:0e:cc:7e:7a:c9:2e:
59:ee:0a:28:1f:96:cf:17:c6:01:45:c8:e9:b3:0c:fe:fa:90:
53:4d:3f:39:85:6c:d3:49:5e:ab:c6:6c:7a:cd:99:f2:78:86:
9e:9f:84:6a:51:cf:49:24:6a:03:07:4e:56:ac:43:73:10:89:
a8:87:cb:ed:cb:59:28:cd:51:a4:02:97:8d:19:59:79:bd:01:
75:e2:0b:54:96:5d:09:dd:23:e8:d3:a5:df:52:d4:b0:4d:88:
40:98:1f:4e:59:a2:c8:7a:22:b5:65:b3:5a:b9:64:c4:5e:a1:
2a:bc:92:a1:11:7e:5d:17:c3:73:cc:e3:56:c2:ca:f0:44:58:
2c:cd:dc:28:a0:a5:2b:d4:5d:2b:80:7d:7f:8b:97:d3:e6:13:
a6:27:ec:ab:20:e0:f0:36:df:72:c7:55:02:98:bb:2f:41:f1:
7d:ff:fa:bd:26:14:bf:71:90:03:c6:b2:80:55:54:41:07:7d:
19:a4:5f:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjEwgr5Tc2yFDWnl9xtZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDk1OGZjNGViZmM3MmE1YmJlZDk3MzMxOTBhNmYxNTFkNWI4YzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOThtYRpoSLT5qa6IpYY20z13mEw
nJ536Dmdy+3KKQZgxQKobleUp83AA+3YDF81RTckU6B6UuEZ21462hdqb7MHPODN
c55ubZQ1/xbOhRNWNkbj8xvvrWDJHZGIm+kOLRSoV3p1lwT8X3NQgsUB24ZIHjco
KPATmEZ6VAxOGNWUv2Yxh4QbMZh0JQAf/u1wysOt4GWLwEzRSfpCIPdH42atZZwc
cuk/EdeD3zf7h5sR4oAxxE1Z5yYYj+TRX6y/VqumUFhZJ2MY3tcL3ft1eCF16s6S
+46+1xc1VGLQxeGxJRCSlrxxsQVIGj8q4qUv7nmEa+b5oUD/bBrHv/swWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPCVj8Tr/HKlu+2XMxkKbxUdW4xaMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvOEpXUHhPdjhjcVc3N1pjekdRcHZGUjFiakZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBPA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAnPydyWc0o4ZL6kJBLEsR+yh0nGgmsXEWf7zL
kMGBGZYG/nw431dbx1UTzZPYl/VEcAadfe45Twuxh+aYxnt10xQOzH56yS5Z7goo
H5bPF8YBRcjpswz++pBTTT85hWzTSV6rxmx6zZnyeIaen4RqUc9JJGoDB05WrENz
EImoh8vty1kozVGkApeNGVl5vQF14gtUll0J3SPo06XfUtSwTYhAmB9OWaLIeiK1
ZbNauWTEXqEqvJKhEX5dF8NzzONWwsrwRFgszdwooKUr1F0rgH1/i5fT5hOmJ+yr
IODwNt9yx1UCmLsvQfF9//q9JhS/cZADxrKAVVRBB30ZpF8I
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:57:43 2025 by rpki-client