Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/sscr1AKks234H4_aH9W5QOyjBo0.roa
File: sscr1AKks234H4_aH9W5QOyjBo0.roa (raw, json)
Hash identifier: QpgjlQcIAUxRiyA26HjeU1kRMWG1ZaRrrHu8xWpWD0Y=
Subject key identifier: B2:C7:2B:D4:02:A4:B3:6D:F8:1F:8F:DA:1F:D5:B9:40:EC:A3:06:8D
Certificate issuer: /CN=5bf5bda583652e0587fef84166b41f6cda8f1f78
Certificate serial: 01956D032E504745793073D299E623D2402A
Authority key identifier: 5B:F5:BD:A5:83:65:2E:05:87:FE:F8:41:66:B4:1F:6C:DA:8F:1F:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/sscr1AKks234H4_aH9W5QOyjBo0.roa
Signing time: Thu 06 Mar 2025 19:51:19 +0000
ROA not before: Thu 06 Mar 2025 19:51:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2a09:a380:100::/40 maxlen: 40
2a09:a380:200::/40 maxlen: 40
2a09:a380:300::/40 maxlen: 40
2a09:a380:400::/40 maxlen: 40
2a09:a380:500::/40 maxlen: 40
2a09:a380:600::/40 maxlen: 40
2a09:a380:700::/40 maxlen: 40
2a09:a380:800::/40 maxlen: 40
2a09:a380:900::/40 maxlen: 40
2a09:a380:a00::/40 maxlen: 40
2a09:a380:b00::/40 maxlen: 40
2a09:a380:c00::/40 maxlen: 40
2a09:a380:d00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6d:03:2e:50:47:45:79:30:73:d2:99:e6:23:d2:40:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf5bda583652e0587fef84166b41f6cda8f1f78
Validity
Not Before: Mar 6 19:51:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2c72bd402a4b36df81f8fda1fd5b940eca3068d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4d:77:1f:0d:81:0d:43:ad:2b:60:1c:17:ed:
80:df:e7:aa:ff:13:71:0c:2c:ea:08:dd:14:b9:10:
70:c2:39:bd:5f:66:1b:ab:a9:d8:d4:c6:70:3f:34:
e7:3f:75:e8:3f:01:aa:4e:7b:67:21:c9:dd:39:99:
df:5d:09:ab:b1:5b:7c:bb:f5:46:91:a1:0d:49:c0:
f3:67:e0:9a:c5:7e:01:59:1d:bc:a1:d6:97:58:bb:
b9:1a:6e:16:aa:d2:63:0f:30:c8:82:20:8f:31:19:
65:b3:53:93:78:48:7d:9c:bb:29:78:f7:10:7b:e4:
c3:b0:83:e5:13:60:23:a9:4d:95:26:71:7d:76:8f:
ad:03:35:0a:8d:ec:b8:68:93:07:3b:d6:e0:c2:23:
07:2b:04:5f:b9:7d:4d:d0:0b:26:55:f3:f0:6a:f8:
68:9a:e7:88:b9:a3:be:06:93:45:97:e7:b9:33:c3:
83:e2:e2:0a:bd:ca:c5:3d:d4:22:69:85:82:a5:8e:
a7:2a:e8:a2:62:83:89:04:37:a4:de:11:a2:44:92:
d6:50:8e:f4:69:95:c3:80:00:6a:25:d2:4a:48:61:
42:50:02:bf:dc:15:62:d8:6a:81:4d:09:83:28:f3:
11:89:ee:08:9d:61:98:df:65:cb:2d:f4:6b:c9:eb:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C7:2B:D4:02:A4:B3:6D:F8:1F:8F:DA:1F:D5:B9:40:EC:A3:06:8D
X509v3 Authority Key Identifier:
keyid:5B:F5:BD:A5:83:65:2E:05:87:FE:F8:41:66:B4:1F:6C:DA:8F:1F:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_W9pYNlLgWH_vhBZrQfbNqPH3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/sscr1AKks234H4_aH9W5QOyjBo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c7b7dd-1f70-4bae-9d6c-2a79e5d22ae1/1/W_W9pYNlLgWH_vhBZrQfbNqPH3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a380:100::-2a09:a380:dff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:20:c0:e4:a1:10:48:bd:49:a5:3b:63:33:79:46:53:38:c6:
a1:58:0d:bb:d1:97:f4:74:48:ec:12:f9:5f:7d:ad:d4:59:0e:
12:33:92:0c:63:e2:8c:51:96:4f:20:c1:dc:c1:49:f1:fe:69:
08:15:24:08:22:c7:a4:46:ce:e6:a1:30:81:76:90:01:fa:30:
95:e1:d9:9a:29:02:ca:aa:54:97:9f:bb:0e:2a:ce:7c:5d:b4:
8e:f7:ed:39:fb:21:65:96:17:0e:88:03:d8:9f:97:35:63:98:
4e:6c:ea:64:81:5b:c1:3e:a1:20:c2:e8:fb:1f:e4:a1:19:eb:
dd:34:89:8b:bc:2e:a4:ba:43:d7:b4:c9:48:88:ec:58:c2:e9:
3f:76:b8:00:e1:d6:65:2f:3c:87:d7:df:29:33:a0:63:f6:d1:
2a:cd:ee:34:7d:cc:91:bd:b9:b7:a4:a4:f4:ae:37:97:64:67:
76:53:d5:16:c3:46:e9:87:20:f7:c1:04:07:28:f9:3a:cd:8c:
c8:6b:c2:e5:d6:10:28:9a:a4:d9:e1:33:34:d8:01:25:44:13:
c2:24:20:46:ad:ce:09:5b:70:33:53:df:35:a8:dc:38:2a:f2:
f4:a5:b9:08:37:74:2f:5d:85:d4:0f:8b:b0:be:d7:bf:de:ce:
2d:fb:91:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVtAy5QR0V5MHPSmeYj0kAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjViZGE1ODM2NTJlMDU4N2ZlZjg0MTY2YjQxZjZjZGE4
ZjFmNzgwHhcNMjUwMzA2MTk1MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmM3MmJkNDAyYTRiMzZkZjgxZjhmZGExZmQ1Yjk0MGVjYTMwNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk13Hw2BDUOtK2AcF+2A3+eq/xNx
DCzqCN0UuRBwwjm9X2Ybq6nY1MZwPzTnP3XoPwGqTntnIcndOZnfXQmrsVt8u/VG
kaENScDzZ+CaxX4BWR28odaXWLu5Gm4WqtJjDzDIgiCPMRlls1OTeEh9nLspePcQ
e+TDsIPlE2AjqU2VJnF9do+tAzUKjey4aJMHO9bgwiMHKwRfuX1N0AsmVfPwavho
mueIuaO+BpNFl+e5M8OD4uIKvcrFPdQiaYWCpY6nKuiiYoOJBDek3hGiRJLWUI70
aZXDgABqJdJKSGFCUAK/3BVi2GqBTQmDKPMRie4InWGY32XLLfRryetR+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLLHK9QCpLNt+B+P2h/VuUDsowaNMB8GA1UdIwQY
MBaAFFv1vaWDZS4Fh/74QWa0H2zajx94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19XOXBZTmxMZ1dIX3ZoQlpyUWZiTnFQSDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jN2I3ZGQtMWY3MC00YmFlLTlkNmMt
MmE3OWU1ZDIyYWUxLzEvc3NjcjFBS2tzMjM0SDRfYUg5VzVRT3lqQm8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jN2I3ZGQtMWY3MC00YmFlLTlkNmMtMmE3OWU1ZDIyYWUx
LzEvV19XOXBZTmxMZ1dIX3ZoQlpyUWZiTnFQSDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgAqCaOA
AQMGASoJo4AMMA0GCSqGSIb3DQEBCwUAA4IBAQClIMDkoRBIvUmlO2MzeUZTOMah
WA270Zf0dEjsEvlffa3UWQ4SM5IMY+KMUZZPIMHcwUnx/mkIFSQIIsekRs7moTCB
dpAB+jCV4dmaKQLKqlSXn7sOKs58XbSO9+05+yFllhcOiAPYn5c1Y5hObOpkgVvB
PqEgwuj7H+ShGevdNImLvC6kukPXtMlIiOxYwuk/drgA4dZlLzyH198pM6Bj9tEq
ze40fcyRvbm3pKT0rjeXZGd2U9UWw0bphyD3wQQHKPk6zYzIa8Ll1hAomqTZ4TM0
2AElRBPCJCBGrc4JW3AzU981qNw4KvL0pbkIN3QvXYXUD4uwvte/3s4t+5Hs
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:47:28 2025 by rpki-client