Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/6-NzyccAUUtINjY98ZwTPTgTOqw.roa
File: 6-NzyccAUUtINjY98ZwTPTgTOqw.roa (raw, json)
Hash identifier: VRIswTWRK8wp1kBAJ6oGriHopkql4l7787Pjx0zb2Uk=
Subject key identifier: EB:E3:73:C9:C7:00:51:4B:48:36:36:3D:F1:9C:13:3D:38:13:3A:AC
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 01942747D9232B6AD3A316E7F64C566EEAFF
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/6-NzyccAUUtINjY98ZwTPTgTOqw.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44534
IP address blocks: 2a0e:fd87::/48 maxlen: 48
2a0e:fd87:1::/48 maxlen: 48
2a0e:fd87:3::/48 maxlen: 48
2a0e:fd87:4::/48 maxlen: 48
2a0e:fd87:5::/48 maxlen: 48
2a0e:fd87:6::/48 maxlen: 48
2a0e:fd87:7::/48 maxlen: 48
2a0e:fd87:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d9:23:2b:6a:d3:a3:16:e7:f6:4c:56:6e:ea:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebe373c9c700514b4836363df19c133d38133aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:29:f8:c1:ad:82:59:ed:13:eb:0e:4e:3c:a2:
db:c9:06:4a:de:67:1a:28:e4:9a:bf:6b:d8:31:04:
3d:37:d1:9c:49:eb:4d:b5:f7:97:c4:b6:48:ce:13:
4a:bc:71:c1:ef:b4:38:4a:4c:5f:e8:64:f9:44:2d:
a2:77:e0:e1:65:ca:80:1c:3a:7e:c9:2e:d0:db:ff:
af:ae:7e:fa:7d:f6:cc:b0:cf:22:4d:d6:59:17:b9:
1d:22:83:e3:6f:04:c4:34:ef:63:10:49:02:9a:fb:
d5:7a:d0:2d:e3:56:58:79:b8:43:6c:1e:3d:46:aa:
e4:a3:e6:80:2b:73:71:70:30:32:9a:b4:d4:b8:f9:
b0:17:d0:23:52:fd:eb:01:f3:fd:4b:5d:81:a9:f5:
d5:28:02:f6:70:09:81:b3:d2:3c:f1:bc:b5:24:e5:
49:02:88:15:56:50:d4:40:b6:18:a7:0e:0e:97:ec:
0b:d4:8f:f4:2b:d5:fd:b5:02:34:33:7d:9f:51:c4:
96:a3:f7:22:62:43:55:9c:c5:1f:96:30:e9:74:82:
b1:cb:83:98:8e:86:a5:74:56:5a:26:16:ca:65:59:
f2:f4:28:b9:d6:b6:ef:9c:59:be:6e:a4:11:db:2e:
21:7c:f1:55:8a:83:51:c7:d5:6b:a3:b3:a5:d0:45:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E3:73:C9:C7:00:51:4B:48:36:36:3D:F1:9C:13:3D:38:13:3A:AC
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/6-NzyccAUUtINjY98ZwTPTgTOqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd87::/47
2a0e:fd87:3::-2a0e:fd87:7:ffff:ffff:ffff:ffff:ffff
2a0e:fd87:9::/48
Signature Algorithm: sha256WithRSAEncryption
96:27:14:46:9d:6f:d3:b6:29:ba:4b:7e:f0:72:90:66:0a:37:
dc:53:a0:e8:fd:5f:bf:6c:8d:3a:03:7c:9c:32:0d:b0:bf:c2:
96:ab:96:e3:67:df:0e:9d:fe:dd:43:a6:1d:90:68:50:4b:d5:
6d:08:4b:62:5a:7f:7a:7a:49:d4:9a:ea:f3:ac:3a:20:e5:cf:
c0:22:48:00:60:f7:05:a2:8c:b3:25:e9:96:31:de:ea:07:87:
c5:79:00:1e:a6:ca:57:62:72:a8:e3:02:3d:79:43:40:3b:9b:
34:65:db:57:c5:8c:c6:e5:d2:b4:bc:dc:72:e2:22:fc:e1:d0:
03:18:e0:2e:17:bc:b5:e4:dd:c4:38:47:24:92:a1:ee:d6:10:
e4:bd:23:b8:16:5d:2c:8f:03:ee:f9:ca:d6:9d:47:03:50:68:
9b:d2:80:db:76:b5:0e:7e:07:95:ac:c9:07:fa:90:2b:5d:e6:
4a:12:29:7b:8b:d0:00:e5:12:5f:a8:18:d2:0a:43:c9:29:55:
6a:48:2a:98:8c:60:5b:da:62:75:ab:49:22:49:94:60:ab:fd:
49:ad:01:51:82:cc:10:96:51:74:50:2c:47:e6:03:bf:c4:ee:
eb:cf:a2:0a:89:2b:ba:95:17:0b:5d:38:e3:4a:c6:77:7a:3e:
14:b1:46:54
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQnR9kjK2rToxbn9kxWbur/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmUzNzNjOWM3MDA1MTRiNDgzNjM2M2RmMTljMTMzZDM4MTMzYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+yn4wa2CWe0T6w5OPKLbyQZK3mca
KOSav2vYMQQ9N9GcSetNtfeXxLZIzhNKvHHB77Q4Skxf6GT5RC2id+DhZcqAHDp+
yS7Q2/+vrn76ffbMsM8iTdZZF7kdIoPjbwTENO9jEEkCmvvVetAt41ZYebhDbB49
Rqrko+aAK3NxcDAymrTUuPmwF9AjUv3rAfP9S12BqfXVKAL2cAmBs9I88by1JOVJ
AogVVlDUQLYYpw4Ol+wL1I/0K9X9tQI0M32fUcSWo/ciYkNVnMUfljDpdIKxy4OY
joaldFZaJhbKZVny9Ci51rbvnFm+bqQR2y4hfPFVioNRx9Vro7Ol0EUOXQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOvjc8nHAFFLSDY2PfGcEz04EzqsMB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvNi1OenljY0FVVXRJTmpZOThad1RQVGdUT3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcBKg79hwAA
MBIDBwAqDv2HAAMDBwMqDv2HAAADBwAqDv2HAAkwDQYJKoZIhvcNAQELBQADggEB
AJYnFEadb9O2KbpLfvBykGYKN9xToOj9X79sjToDfJwyDbC/wparluNn3w6d/t1D
ph2QaFBL1W0IS2Jaf3p6SdSa6vOsOiDlz8AiSABg9wWijLMl6ZYx3uoHh8V5AB6m
yldicqjjAj15Q0A7mzRl21fFjMbl0rS83HLiIvzh0AMY4C4XvLXk3cQ4RySSoe7W
EOS9I7gWXSyPA+75ytadRwNQaJvSgNt2tQ5+B5WsyQf6kCtd5koSKXuL0ADlEl+o
GNIKQ8kpVWpIKpiMYFvaYnWrSSJJlGCr/UmtAVGCzBCWUXRQLEfmA7/E7uvPogqJ
K7qVFwtdOONKxnd6PhSxRlQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:42:55 2025 by rpki-client