Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa
File: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (raw, json)
Hash identifier: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=
Subject key identifier: 1E:0F:5F:B5:95:3E:F4:06:94:6F:EB:AE:B9:DE:98:2E:61:5E:7A:A7
Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2
Certificate serial: 01942521A6107351247BA277CBA73233EDB6
Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa
Signing time: Thu 02 Jan 2025 03:49:09 +0000
ROA not before: Thu 02 Jan 2025 03:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50225
IP address blocks: 2a12:2500::/32 maxlen: 32
2a12:2501::/32 maxlen: 32
2a12:2502::/32 maxlen: 32
2a12:2503::/32 maxlen: 32
2a12:2504::/32 maxlen: 32
2a12:2505::/32 maxlen: 32
2a12:2506::/32 maxlen: 32
2a12:2507::/32 maxlen: 32
2a12:2700::/32 maxlen: 32
2a12:2701::/32 maxlen: 32
2a12:2702::/32 maxlen: 32
2a12:2703::/32 maxlen: 32
2a12:2704::/32 maxlen: 32
2a12:2705::/32 maxlen: 32
2a12:2706::/32 maxlen: 32
2a12:2707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a6:10:73:51:24:7b:a2:77:cb:a7:32:33:ed:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2
Validity
Not Before: Jan 2 03:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e0f5fb5953ef406946febaeb9de982e615e7aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:f3:f8:49:8e:37:60:b9:fd:53:39:5b:06:
19:5f:d1:22:cb:65:2d:2c:11:de:b0:a1:2d:dd:9e:
2f:c3:0f:61:ab:4e:11:a9:eb:86:16:a2:90:f6:f7:
57:e1:94:24:a2:fb:00:57:12:14:ac:78:7e:97:d1:
b8:15:a2:bf:80:4e:f6:a1:ac:51:33:4d:3e:8b:64:
48:12:60:82:bc:2f:b6:73:ec:10:ef:4d:da:5b:f8:
aa:6c:fd:66:76:b9:ae:5c:05:ab:c1:61:e6:e1:e7:
36:31:85:c2:f8:80:ac:19:15:18:87:48:2b:d8:66:
fb:ed:9d:e6:11:33:63:71:2b:a6:e3:63:ef:f1:95:
72:8e:86:38:84:9e:70:3a:5e:32:ce:cf:f3:af:bf:
ce:b1:5a:d5:70:fa:5e:0f:b8:e1:0d:e0:dc:d7:8c:
79:ff:d5:7a:a3:55:ff:bc:d1:78:bd:0c:89:6a:94:
40:82:86:a9:79:80:b6:b0:27:6b:b3:f0:63:89:f9:
0e:01:eb:77:81:17:f3:cb:a0:cd:f9:b8:1b:fe:66:
e3:ff:19:37:42:ee:91:5f:cf:e5:52:ac:9d:18:50:
a8:c8:c3:77:55:35:68:f9:e9:d0:66:ff:58:93:dc:
84:f3:15:83:68:25:0b:56:80:1a:73:c8:81:34:19:
e3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0F:5F:B5:95:3E:F4:06:94:6F:EB:AE:B9:DE:98:2E:61:5E:7A:A7
X509v3 Authority Key Identifier:
keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:2500::/29
2a12:2700::/29
Signature Algorithm: sha256WithRSAEncryption
84:83:b3:1d:a0:e6:12:b0:15:fa:73:9f:af:17:d0:d6:e7:1c:
3b:59:9c:2d:97:f4:42:c9:5c:21:1a:12:66:b7:77:12:96:61:
6d:ff:7e:da:94:47:8e:df:9d:eb:9d:ac:07:24:12:fe:24:f3:
e9:d0:57:b8:16:91:e7:e9:a4:2a:66:cd:78:2b:27:57:7e:f3:
ea:41:47:7f:b9:5a:bb:cf:85:4a:10:62:ca:9b:f8:b7:d8:80:
b5:f8:77:86:6d:b9:77:17:b5:1e:49:b4:b3:e6:8c:5f:5b:84:
41:cc:41:2e:86:cf:82:e7:9f:c2:66:75:0d:3c:d0:59:68:f8:
ed:51:38:30:fc:bc:60:85:d9:20:d8:aa:1d:b0:f0:83:88:cf:
8b:f5:5f:5a:02:d9:d2:50:bc:84:47:66:92:7b:be:56:03:6d:
10:4d:83:f4:69:61:4a:04:45:9e:47:04:09:3e:61:06:c6:3a:
66:d9:08:32:c2:c6:ff:76:4a:61:c2:3a:77:71:28:a3:d2:13:
ff:31:de:9a:c3:24:49:79:3f:16:3b:84:75:02:ef:c2:2a:64:
00:b1:73:30:89:74:e0:83:ae:ad:5a:02:cc:bd:ed:50:1a:3c:
c7:1e:3e:b4:21:37:45:c5:65:d3:da:d0:bf:42:0d:e4:c6:91:
1a:c0:a6:4d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQlIaYQc1Eke6J3y6cyM+22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi
ZWRmZjIwHhcNMjUwMTAyMDM0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTBmNWZiNTk1M2VmNDA2OTQ2ZmViYWViOWRlOTgyZTYxNWU3YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+bz+EmON2C5/VM5WwYZX9Eiy2Ut
LBHesKEt3Z4vww9hq04RqeuGFqKQ9vdX4ZQkovsAVxIUrHh+l9G4FaK/gE72oaxR
M00+i2RIEmCCvC+2c+wQ703aW/iqbP1mdrmuXAWrwWHm4ec2MYXC+ICsGRUYh0gr
2Gb77Z3mETNjcSum42Pv8ZVyjoY4hJ5wOl4yzs/zr7/OsVrVcPpeD7jhDeDc14x5
/9V6o1X/vNF4vQyJapRAgoapeYC2sCdrs/BjifkOAet3gRfzy6DN+bgb/mbj/xk3
Qu6RX8/lUqydGFCoyMN3VTVo+enQZv9Yk9yE8xWDaCULVoAac8iBNBnjGQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB4PX7WVPvQGlG/rrrnemC5hXnqnMB8GA1UdIwQY
MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt
MDZiNDFlZjEzOThkLzEvSGc5ZnRaVS05QWFVYi11dXVkNllMbUZlZXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk
LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhIlAAMF
AyoSJwAwDQYJKoZIhvcNAQELBQADggEBAISDsx2g5hKwFfpzn68X0NbnHDtZnC2X
9ELJXCEaEma3dxKWYW3/ftqUR47fneudrAckEv4k8+nQV7gWkefppCpmzXgrJ1d+
8+pBR3+5WrvPhUoQYsqb+LfYgLX4d4ZtuXcXtR5JtLPmjF9bhEHMQS6Gz4Lnn8Jm
dQ080Flo+O1RODD8vGCF2SDYqh2w8IOIz4v1X1oC2dJQvIRHZpJ7vlYDbRBNg/Rp
YUoERZ5HBAk+YQbGOmbZCDLCxv92SmHCOndxKKPSE/8x3prDJEl5PxY7hHUC78Iq
ZACxczCJdOCDrq1aAsy97VAaPMcePrQhN0XFZdPa0L9CDeTGkRrApk0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:11 2025 by rpki-client