Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/D11OUUhDT5UjGqOO2sYVKlSZfd0.roa
File: D11OUUhDT5UjGqOO2sYVKlSZfd0.roa (raw, json)
Hash identifier: 1HSM7rlxpcn34ZRTxOgco4d9oki6ca3htijNuPzC2SI=
Subject key identifier: 0F:5D:4E:51:48:43:4F:95:23:1A:A3:8E:DA:C6:15:2A:54:99:7D:DD
Certificate issuer: /CN=5bf5bda583652e0587fef84166b41f6cda8f1f78
Certificate serial: 01946259AC21C2E0F82A5DA8D04BF4FA746A
Authority key identifier: 5B:F5:BD:A5:83:65:2E:05:87:FE:F8:41:66:B4:1F:6C:DA:8F:1F:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/D11OUUhDT5UjGqOO2sYVKlSZfd0.roa
Signing time: Tue 14 Jan 2025 01:07:11 +0000
ROA not before: Tue 14 Jan 2025 01:07:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199124
IP address blocks: 69.30.89.0/24 maxlen: 24
91.218.78.0/23 maxlen: 23
91.218.79.0/24 maxlen: 24
2a09:a380::/40 maxlen: 40
2a09:a380:1::/48 maxlen: 48
2a09:a380:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Mar 2025 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:62:59:ac:21:c2:e0:f8:2a:5d:a8:d0:4b:f4:fa:74:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf5bda583652e0587fef84166b41f6cda8f1f78
Validity
Not Before: Jan 14 01:07:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f5d4e5148434f95231aa38edac6152a54997ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5c:df:bc:aa:1b:52:03:f9:c9:8d:7d:aa:83:
29:d3:09:dc:70:e1:d9:c3:a9:3e:98:d9:3f:6f:b2:
aa:f6:98:71:b9:df:a0:44:64:ba:8f:e9:39:5e:66:
1d:8f:43:72:a3:b2:88:66:79:89:ee:8e:0c:ba:fd:
1d:37:41:69:4d:38:3e:34:c9:11:6f:63:cc:47:58:
6d:a0:ec:25:b2:14:3a:82:89:16:af:6a:84:c2:05:
0c:49:b7:71:4d:58:9d:80:03:54:cf:70:4b:c9:27:
67:51:0a:58:13:1d:f9:c8:27:78:f8:00:07:28:e4:
dc:33:1e:4c:f1:55:aa:d3:49:95:e5:f3:e7:fb:2e:
4e:dc:53:f5:e0:21:25:37:2e:ad:3b:e0:ea:83:e6:
ee:3e:90:e1:bb:59:38:cf:48:31:9a:a0:9a:57:c1:
f8:14:c8:21:ae:be:56:56:dd:91:2d:b8:10:95:5f:
cf:06:0d:7c:ca:99:00:bc:42:23:0a:ff:1d:e8:e1:
95:08:98:06:85:40:80:7e:76:98:a7:e6:5c:d8:62:
21:87:e9:a2:87:ae:fd:85:2f:de:f8:4c:f4:36:59:
5f:4d:ad:b5:34:d4:e9:55:6b:47:33:f4:d0:fd:6b:
2d:a0:37:01:f2:24:2d:19:c3:9f:5f:c9:4e:83:85:
71:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5D:4E:51:48:43:4F:95:23:1A:A3:8E:DA:C6:15:2A:54:99:7D:DD
X509v3 Authority Key Identifier:
keyid:5B:F5:BD:A5:83:65:2E:05:87:FE:F8:41:66:B4:1F:6C:DA:8F:1F:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/D11OUUhDT5UjGqOO2sYVKlSZfd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.30.89.0/24
91.218.78.0/23
IPv6:
2a09:a380::/40
Signature Algorithm: sha256WithRSAEncryption
1c:84:5f:e0:f8:f4:11:06:1b:1e:50:8b:95:3f:5b:0a:1b:ee:
a0:e7:0f:15:07:59:f5:ae:5e:97:25:14:79:c1:89:86:15:36:
c2:f4:f3:18:ec:65:34:d0:c4:6e:64:94:04:f7:0a:7c:ba:62:
9f:c0:34:c4:62:5c:6d:fe:3f:0a:f3:d4:48:35:19:28:f0:da:
1d:cb:b1:e9:66:b3:c3:15:c9:88:a5:77:68:9d:8a:c0:f2:de:
3f:03:81:8e:fc:ea:67:6d:70:f6:1c:10:10:3e:61:08:d6:72:
61:f7:36:58:9c:e0:6c:fa:53:09:66:77:8c:b4:1f:10:a8:9f:
8f:d5:6c:8b:95:ff:fb:ad:3a:fa:69:1f:f5:fc:c8:55:dc:26:
2c:da:06:1c:3a:e1:f0:4b:d0:f9:67:d9:83:37:be:7c:ba:20:
ce:9c:2a:53:5f:c1:90:34:03:ab:b0:08:13:37:38:e2:90:1b:
ea:4b:bd:c6:90:e2:a7:15:f8:cc:fd:30:b2:db:d2:41:c0:44:
fd:74:35:92:b9:05:ec:9c:ee:41:f5:26:ab:83:a0:89:62:c2:
7e:9f:96:72:da:28:31:d3:c0:c9:6e:c6:29:39:5e:00:b2:4c:
7e:90:64:78:fd:4d:1c:4b:a9:9a:c7:6c:c6:c9:52:c0:53:b9:
9d:87:b2:cc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZRiWawhwuD4Kl2o0Ev0+nRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjViZGE1ODM2NTJlMDU4N2ZlZjg0MTY2YjQxZjZjZGE4
ZjFmNzgwHhcNMjUwMTE0MDEwNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjVkNGU1MTQ4NDM0Zjk1MjMxYWEzOGVkYWM2MTUyYTU0OTk3ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVzfvKobUgP5yY19qoMp0wnccOHZ
w6k+mNk/b7Kq9phxud+gRGS6j+k5XmYdj0Nyo7KIZnmJ7o4Muv0dN0FpTTg+NMkR
b2PMR1htoOwlshQ6gokWr2qEwgUMSbdxTVidgANUz3BLySdnUQpYEx35yCd4+AAH
KOTcMx5M8VWq00mV5fPn+y5O3FP14CElNy6tO+Dqg+buPpDhu1k4z0gxmqCaV8H4
FMghrr5WVt2RLbgQlV/PBg18ypkAvEIjCv8d6OGVCJgGhUCAfnaYp+Zc2GIhh+mi
h679hS/e+Ez0NllfTa21NNTpVWtHM/TQ/WstoDcB8iQtGcOfX8lOg4VxDwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFA9dTlFIQ0+VIxqjjtrGFSpUmX3dMB8GA1UdIwQY
MBaAFFv1vaWDZS4Fh/74QWa0H2zajx94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19XOXBZTmxMZ1dIX3ZoQlpyUWZiTnFQSDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jN2I3ZGQtMWY3MC00YmFlLTlkNmMt
MmE3OWU1ZDIyYWUxLzEvRDExT1VVaERUNVVqR3FPTzJzWVZLbFNaZmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jN2I3ZGQtMWY3MC00YmFlLTlkNmMtMmE3OWU1ZDIyYWUx
LzEvV19XOXBZTmxMZ1dIX3ZoQlpyUWZiTnFQSDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQARR5ZAwQB
W9pOMA4EAgACMAgDBgAqCaOAADANBgkqhkiG9w0BAQsFAAOCAQEAHIRf4Pj0EQYb
HlCLlT9bChvuoOcPFQdZ9a5elyUUecGJhhU2wvTzGOxlNNDEbmSUBPcKfLpin8A0
xGJcbf4/CvPUSDUZKPDaHcux6WazwxXJiKV3aJ2KwPLePwOBjvzqZ21w9hwQED5h
CNZyYfc2WJzgbPpTCWZ3jLQfEKifj9Vsi5X/+606+mkf9fzIVdwmLNoGHDrh8EvQ
+WfZgze+fLogzpwqU1/BkDQDq7AIEzc44pAb6ku9xpDipxX4zP0wstvSQcBE/XQ1
krkF7JzuQfUmq4OgiWLCfp+WctooMdPAyW7GKTleALJMfpBkeP1NHEupmsdsxslS
wFO5nYeyzA==
-----END CERTIFICATE-----
Generated at Mon Mar 10 22:08:20 2025 by rpki-client