Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/Q6cjkrSokxtUJmUsJvQ_7Hwg27U.roa
File: Q6cjkrSokxtUJmUsJvQ_7Hwg27U.roa (raw, json)
Hash identifier: m1XnL/411Yf9huGjfl9fr7l+U2VdNJkxGE7M3cXIn3c=
Subject key identifier: 43:A7:23:92:B4:A8:93:1B:54:26:65:2C:26:F4:3F:EC:7C:20:DB:B5
Certificate issuer: /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial: 01941F8C7794E2D8F5B4CD90369A8CA5CC81
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/Q6cjkrSokxtUJmUsJvQ_7Hwg27U.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49078
IP address blocks: 2a04:7140:21::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 07:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:77:94:e2:d8:f5:b4:cd:90:36:9a:8c:a5:cc:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43a72392b4a8931b5426652c26f43fec7c20dbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cc:8c:f8:72:1a:50:da:63:19:6e:44:89:52:
f5:7c:e9:5d:b6:cb:e9:96:c9:d0:f3:2b:3b:33:b2:
c2:28:a1:6e:2f:70:ee:ea:df:87:22:40:44:97:ab:
a5:43:a1:1d:05:67:78:8a:eb:fd:0d:7d:5c:3a:10:
81:15:df:44:e1:32:40:52:59:62:d9:2b:14:91:b6:
06:bb:df:48:bc:53:ca:b4:4e:fa:64:cd:68:d3:30:
b1:8b:76:21:f9:cc:5b:ff:bd:f0:48:52:83:68:4f:
f4:45:37:e6:1e:78:cf:84:86:fe:61:47:00:4c:46:
ec:30:23:cd:fa:b6:c1:9d:11:a0:7b:2a:dd:f8:37:
fc:5a:6b:6b:72:85:6a:11:2f:28:16:87:aa:c9:d6:
d8:85:91:82:c9:5f:88:ac:38:e4:be:d4:97:a2:37:
60:17:70:5c:d7:65:2c:7a:30:55:00:45:b0:06:f2:
a3:2d:8d:f4:fb:c1:8a:6f:36:56:8e:11:57:a9:3b:
e5:a3:24:b5:d8:9c:87:65:21:a3:00:df:5d:fb:26:
e0:ce:ae:35:d5:5d:5c:2d:7e:90:dc:7e:25:59:18:
d3:07:4c:93:cf:1a:c3:82:03:5c:6d:47:96:83:58:
1e:7c:8a:e5:21:42:73:5b:c5:83:86:be:33:ba:2b:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A7:23:92:B4:A8:93:1B:54:26:65:2C:26:F4:3F:EC:7C:20:DB:B5
X509v3 Authority Key Identifier:
keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/Q6cjkrSokxtUJmUsJvQ_7Hwg27U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:7140:21::/48
Signature Algorithm: sha256WithRSAEncryption
92:87:30:ac:d1:27:90:d7:78:24:a3:05:e2:62:18:21:0c:5a:
ad:e9:0e:a1:68:54:0d:65:d8:29:ea:cf:04:1a:97:88:86:b6:
41:8c:53:5d:11:12:f5:3f:e2:c3:e3:09:e7:f2:31:f1:0a:01:
77:85:4c:3b:98:e4:36:81:f4:e1:f6:23:38:c5:88:c6:5f:ad:
b5:7c:2d:fe:02:df:9c:69:3e:4b:fb:67:e4:11:73:bf:b2:bc:
de:76:90:b0:11:fa:41:ea:90:00:50:c7:fa:d3:a1:72:3d:8a:
3a:09:67:5e:d6:7e:5e:ba:65:40:dd:25:95:0d:f8:05:ed:9d:
59:66:66:70:9a:7c:15:ed:26:1c:f0:83:1f:1e:1c:4d:df:82:
24:bd:b4:6e:51:1f:08:d7:10:63:9b:91:a9:21:4a:d0:5c:86:
ba:97:08:15:41:c2:66:52:23:6d:38:81:e6:1d:54:16:df:8b:
df:86:8d:93:dd:65:e4:57:46:47:c0:73:61:e5:d6:1f:ca:7c:
bf:d2:fe:a1:e0:09:a7:e9:ee:fd:1b:60:37:1b:fa:f2:80:30:
fb:81:a9:18:b9:28:e8:68:c9:8f:ad:71:a3:f7:4e:a8:0e:5c:
8c:5d:c2:a1:53:ae:53:20:0b:a7:4e:63:f1:eb:7f:cc:06:00:
ba:9d:f6:45
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjHeU4tj1tM2QNpqMpcyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjMxMWVmMTU4MWEwMGU0MzdjZDcwNGI2MjgxYWM4NjIx
YWZjNTYwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E3MjM5MmI0YTg5MzFiNTQyNjY1MmMyNmY0M2ZlYzdjMjBkYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18yM+HIaUNpjGW5EiVL1fOldtsvp
lsnQ8ys7M7LCKKFuL3Du6t+HIkBEl6ulQ6EdBWd4iuv9DX1cOhCBFd9E4TJAUlli
2SsUkbYGu99IvFPKtE76ZM1o0zCxi3Yh+cxb/73wSFKDaE/0RTfmHnjPhIb+YUcA
TEbsMCPN+rbBnRGgeyrd+Df8WmtrcoVqES8oFoeqydbYhZGCyV+IrDjkvtSXojdg
F3Bc12UsejBVAEWwBvKjLY30+8GKbzZWjhFXqTvloyS12JyHZSGjAN9d+ybgzq41
1V1cLX6Q3H4lWRjTB0yTzxrDggNcbUeWg1gefIrlIUJzW8WDhr4zuiuqkQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEOnI5K0qJMbVCZlLCb0P+x8INu1MB8GA1UdIwQY
MBaAFHbzEe8VgaAOQ3zXBLYoGshiGvxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDkt
MTY5NDMxMjk2YzU5LzEvUTZjamtyU29reHRVSm1Vc0p2UV83SHdnMjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDktMTY5NDMxMjk2YzU5
LzEvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgRxQAAh
MA0GCSqGSIb3DQEBCwUAA4IBAQCShzCs0SeQ13gkowXiYhghDFqt6Q6haFQNZdgp
6s8EGpeIhrZBjFNdERL1P+LD4wnn8jHxCgF3hUw7mOQ2gfTh9iM4xYjGX621fC3+
At+caT5L+2fkEXO/srzedpCwEfpB6pAAUMf606FyPYo6CWde1n5eumVA3SWVDfgF
7Z1ZZmZwmnwV7SYc8IMfHhxN34IkvbRuUR8I1xBjm5GpIUrQXIa6lwgVQcJmUiNt
OIHmHVQW34vfho2T3WXkV0ZHwHNh5dYfyny/0v6h4Amn6e79G2A3G/rygDD7gakY
uSjoaMmPrXGj906oDlyMXcKhU65TIAunTmPx63/MBgC6nfZF
-----END CERTIFICATE-----
Generated at Sun Feb 2 14:31:57 2025 by rpki-client