Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/opuCp-HYAQX3DdKwhJmnBKNzIFw.roa
File: opuCp-HYAQX3DdKwhJmnBKNzIFw.roa (raw, json)
Hash identifier: NEe/Q/0K0Y8eFSdXUhwB0jJ+kgmQWRmlsrAGzpOcVIQ=
Subject key identifier: A2:9B:82:A7:E1:D8:01:05:F7:0D:D2:B0:84:99:A7:04:A3:73:20:5C
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 0196EE242D0C55E54F4D5E5637B503C496FF
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/opuCp-HYAQX3DdKwhJmnBKNzIFw.roa
Signing time: Tue 20 May 2025 14:41:10 +0000
ROA not before: Tue 20 May 2025 14:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211507
IP address blocks: 2a14:c380::/44 maxlen: 44
2a14:c380:10::/44 maxlen: 44
2a14:c380:20::/44 maxlen: 44
2a14:c380:30::/44 maxlen: 44
2a14:c380:40::/44 maxlen: 44
2a14:c380:50::/44 maxlen: 44
2a14:c380:60::/44 maxlen: 44
2a14:c380:70::/44 maxlen: 44
2a14:c380:80::/44 maxlen: 44
2a14:c380:90::/44 maxlen: 44
2a14:c380:100::/44 maxlen: 44
2a14:c380:110::/44 maxlen: 44
2a14:c380:120::/44 maxlen: 44
2a14:c380:130::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:24:2d:0c:55:e5:4f:4d:5e:56:37:b5:03:c4:96:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: May 20 14:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a29b82a7e1d80105f70dd2b08499a704a373205c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d8:45:43:6c:53:da:8a:33:9d:36:5d:ea:50:
de:b4:3a:5c:df:41:1d:d2:c4:ff:43:a3:dd:b8:56:
93:ed:5e:5b:27:be:1a:ae:32:bc:2d:83:f9:84:dd:
35:94:0e:a3:73:a3:f7:2d:51:f4:d3:84:13:8e:e1:
9f:be:db:0e:64:7c:92:68:94:77:a3:98:67:a7:2b:
9e:67:9c:5a:70:2d:47:53:59:95:df:08:4e:fc:67:
d4:68:44:24:4e:93:c5:80:8c:af:31:d4:5a:f3:88:
03:f9:dd:35:44:c4:ef:c8:a1:5e:51:d3:5f:69:79:
53:20:52:02:fb:6a:e3:4f:ab:42:6a:4f:be:bf:d7:
f0:ac:9b:37:4e:a6:55:7f:77:47:75:fb:a6:04:f3:
99:65:9f:4f:12:78:25:71:15:6b:75:42:7b:a0:10:
5e:a6:e5:12:01:34:5d:16:9f:44:2f:28:b6:cf:5e:
1d:ce:08:a6:6a:79:1a:73:5c:69:2c:8a:ca:ce:16:
32:fb:d0:5c:4e:aa:de:eb:92:16:3c:7a:13:84:b3:
c5:90:19:88:ae:5c:7e:65:b7:e1:dc:81:98:0e:89:
e4:96:18:e6:a8:12:1a:00:2f:eb:4e:f9:36:93:6d:
45:57:05:fe:01:8f:77:77:dc:85:50:27:86:f5:cf:
7a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9B:82:A7:E1:D8:01:05:F7:0D:D2:B0:84:99:A7:04:A3:73:20:5C
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/opuCp-HYAQX3DdKwhJmnBKNzIFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380::-2a14:c380:9f:ffff:ffff:ffff:ffff:ffff
2a14:c380:100::/42
Signature Algorithm: sha256WithRSAEncryption
86:dc:a4:4a:fc:47:94:c9:f9:46:88:9e:00:05:18:ac:06:4e:
5a:75:9f:30:b2:a2:f7:71:10:a7:ab:6e:22:d1:d7:f1:ae:4b:
b1:f2:4d:8f:ac:56:aa:0c:0b:25:93:80:e3:5b:2a:d4:54:9d:
ab:6e:4b:db:ab:b6:07:af:2e:b0:5a:b3:5b:20:f3:ac:4f:54:
7b:f4:d6:d4:55:b5:38:4d:b7:c3:7d:5c:91:84:4b:63:0e:8e:
c0:98:cc:56:74:7b:61:db:c8:ad:c0:41:00:20:04:6f:cb:ca:
88:19:03:b2:58:27:19:aa:45:59:4d:60:6d:35:e0:13:48:0d:
95:4e:4c:f2:d4:8a:44:e2:55:53:fc:fd:55:98:2a:49:63:b8:
8b:33:a2:de:b2:3e:fc:71:fb:4e:fa:a0:e2:ed:58:8f:f8:0c:
a2:3a:02:35:8c:98:eb:67:d5:2f:74:35:63:cd:6d:bc:f4:87:
43:e4:dd:ae:db:49:94:36:74:1a:06:87:01:ea:6f:54:c2:37:
16:ad:db:64:d3:ef:f9:c3:b0:66:0a:a7:8b:d9:f0:6c:10:3f:
3b:c9:eb:07:a5:54:8a:5f:fe:c7:82:a9:0b:07:e0:be:59:d9:
6c:ff:7b:00:5f:47:68:5d:ae:e7:1a:7a:f0:0e:ef:0c:cc:e8:
de:17:f1:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZbuJC0MVeVPTV5WN7UDxJb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwNTIwMTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjliODJhN2UxZDgwMTA1ZjcwZGQyYjA4NDk5YTcwNGEzNzMyMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdhFQ2xT2ooznTZd6lDetDpc30Ed
0sT/Q6PduFaT7V5bJ74arjK8LYP5hN01lA6jc6P3LVH004QTjuGfvtsOZHySaJR3
o5hnpyueZ5xacC1HU1mV3whO/GfUaEQkTpPFgIyvMdRa84gD+d01RMTvyKFeUdNf
aXlTIFIC+2rjT6tCak++v9fwrJs3TqZVf3dHdfumBPOZZZ9PEnglcRVrdUJ7oBBe
puUSATRdFp9ELyi2z14dzgimankac1xpLIrKzhYy+9BcTqre65IWPHoThLPFkBmI
rlx+Zbfh3IGYDonklhjmqBIaAC/rTvk2k21FVwX+AY93d9yFUCeG9c96nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKKbgqfh2AEF9w3SsISZpwSjcyBcMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvb3B1Q3AtSFlBUVgzRGRLd2hKbW5CS056SUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBADBQcqFMOA
AwcFKhTDgACAAwcGKhTDgAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCG3KRK/EeUyflG
iJ4ABRisBk5adZ8wsqL3cRCnq24i0dfxrkux8k2PrFaqDAslk4DjWyrUVJ2rbkvb
q7YHry6wWrNbIPOsT1R79NbUVbU4TbfDfVyRhEtjDo7AmMxWdHth28itwEEAIARv
y8qIGQOyWCcZqkVZTWBtNeATSA2VTkzy1IpE4lVT/P1VmCpJY7iLM6Lesj78cftO
+qDi7ViP+AyiOgI1jJjrZ9UvdDVjzW289IdD5N2u20mUNnQaBocB6m9UwjcWrdtk
0+/5w7BmCqeL2fBsED87yesHpVSKX/7HgqkLB+C+Wdls/3sAX0doXa7nGnrwDu8M
zOjeF/Er
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:36:09 2025 by rpki-client