Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/kRorgpud7Gv2t7-qnEdznmvGrp8.roa
File: kRorgpud7Gv2t7-qnEdznmvGrp8.roa (raw, json)
Hash identifier: SmbflM5MwpwjFBXVKzyAMpAzN/8Vco7bMxyVM9C0LsE=
Subject key identifier: 91:1A:2B:82:9B:9D:EC:6B:F6:B7:BF:AA:9C:47:73:9E:6B:C6:AE:9F
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C7D5BFC591A1C5B840E9109411FA9
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/kRorgpud7Gv2t7-qnEdznmvGrp8.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216409
IP address blocks: 2a12:bec0:440::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7d:5b:fc:59:1a:1c:5b:84:0e:91:09:41:1f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=911a2b829b9dec6bf6b7bfaa9c47739e6bc6ae9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:48:b4:da:ec:79:9d:64:4c:90:1f:e8:04:b5:
f0:45:17:17:1b:e7:19:ad:17:f3:d4:af:0f:9e:55:
66:f4:f0:0d:8b:81:4f:7b:17:b0:08:16:11:68:e2:
0f:87:d9:04:79:ae:dd:ff:71:77:5c:fc:39:bb:fa:
7e:48:04:07:8e:cb:37:5b:11:25:25:e1:03:1f:24:
f5:10:66:04:92:e5:15:54:40:5a:dd:b6:4b:93:bc:
14:f8:e3:c7:03:1a:66:8a:bf:9c:3b:2f:a6:26:7d:
97:e7:a5:b4:90:e2:9f:f7:b1:2b:c3:22:78:9d:58:
1a:54:bc:89:a5:e4:7f:d5:07:13:f8:cb:31:f1:af:
4f:7b:f4:67:da:7b:4b:81:d9:8b:5c:bb:86:89:e4:
69:cf:94:f3:4d:22:e1:cb:9b:80:c6:08:a2:17:31:
d4:89:cc:cf:d8:cc:ac:b6:05:9f:03:13:d0:54:a1:
18:74:a5:be:e7:dd:a3:e5:4f:73:f2:a6:9c:ba:83:
5c:53:70:95:d6:4b:41:02:3d:72:6f:ab:70:5c:28:
cd:5c:0f:84:25:10:0f:f6:24:82:d2:42:01:68:86:
8b:03:f5:3c:b8:8c:cf:7b:6f:65:0b:62:70:8e:81:
04:09:bd:22:98:c2:76:4d:6b:da:e4:f2:5a:cd:ad:
ab:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1A:2B:82:9B:9D:EC:6B:F6:B7:BF:AA:9C:47:73:9E:6B:C6:AE:9F
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/kRorgpud7Gv2t7-qnEdznmvGrp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:440::/44
Signature Algorithm: sha256WithRSAEncryption
8e:b7:66:27:48:4e:17:1c:20:08:36:d5:a1:35:80:72:ce:07:
ef:b3:c7:9b:47:20:f7:1a:f8:94:40:3b:70:d2:e3:ea:41:b5:
95:f6:ff:f8:ef:eb:bf:e7:24:bc:b3:8d:98:55:1f:5b:de:12:
52:fd:25:59:9e:a5:70:46:a6:a6:63:6a:3a:e9:65:0f:47:29:
04:72:0e:cb:81:bc:01:18:2e:d0:e6:a0:12:4b:2a:ce:ec:0b:
f7:7c:4d:c4:ff:7f:bb:61:d4:79:32:8b:38:a3:17:c3:3a:aa:
e1:40:15:0f:7e:36:5f:a0:e5:31:0c:7d:86:10:36:1e:e7:a0:
d9:ac:f6:dc:29:7d:1b:7d:d8:aa:a6:be:bf:51:ce:a4:b0:3a:
2a:b5:51:1d:0a:b7:f8:8a:60:c3:03:99:90:b0:ce:2c:4b:0b:
65:4d:4d:77:bf:56:4e:f9:7e:7c:47:83:31:b0:7e:00:34:c6:
ee:be:0b:e1:09:19:e4:3d:2b:a9:92:64:ce:df:cc:98:cc:f0:
14:c1:49:cd:8b:48:11:30:03:28:bb:27:aa:55:ab:b6:92:23:
60:63:57:ca:29:6a:4f:30:c0:90:ad:15:ff:59:63:f5:16:b9:
27:f7:59:73:e7:65:bf:7c:9c:47:6d:49:ec:5e:af:f4:84:54:
75:5f:1e:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjH1b/FkaHFuEDpEJQR+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFhMmI4MjliOWRlYzZiZjZiN2JmYWE5YzQ3NzM5ZTZiYzZhZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Ei02ux5nWRMkB/oBLXwRRcXG+cZ
rRfz1K8PnlVm9PANi4FPexewCBYRaOIPh9kEea7d/3F3XPw5u/p+SAQHjss3WxEl
JeEDHyT1EGYEkuUVVEBa3bZLk7wU+OPHAxpmir+cOy+mJn2X56W0kOKf97ErwyJ4
nVgaVLyJpeR/1QcT+Msx8a9Pe/Rn2ntLgdmLXLuGieRpz5TzTSLhy5uAxgiiFzHU
iczP2MystgWfAxPQVKEYdKW+592j5U9z8qacuoNcU3CV1ktBAj1yb6twXCjNXA+E
JRAP9iSC0kIBaIaLA/U8uIzPe29lC2JwjoEECb0imMJ2TWva5PJaza2rywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJEaK4Kbnexr9re/qpxHc55rxq6fMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEva1JvcmdwdWQ3R3YydDctcW5FZHpubXZHcnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wARA
MA0GCSqGSIb3DQEBCwUAA4IBAQCOt2YnSE4XHCAINtWhNYByzgfvs8ebRyD3GviU
QDtw0uPqQbWV9v/47+u/5yS8s42YVR9b3hJS/SVZnqVwRqamY2o66WUPRykEcg7L
gbwBGC7Q5qASSyrO7Av3fE3E/3+7YdR5Mos4oxfDOqrhQBUPfjZfoOUxDH2GEDYe
56DZrPbcKX0bfdiqpr6/Uc6ksDoqtVEdCrf4imDDA5mQsM4sSwtlTU13v1ZO+X58
R4MxsH4ANMbuvgvhCRnkPSupkmTO38yYzPAUwUnNi0gRMAMouyeqVau2kiNgY1fK
KWpPMMCQrRX/WWP1Frkn91lz52W/fJxHbUnsXq/0hFR1Xx7b
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:21:39 2025 by rpki-client