Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/fUAyjzobbYqY4LtTx9KW62S7ym8.roa
File: fUAyjzobbYqY4LtTx9KW62S7ym8.roa (raw, json)
Hash identifier: IdzdGJHWpk15Q0jGSrpbWLOfiHsRudIY06wcbYibU3s=
Subject key identifier: 7D:40:32:8F:3A:1B:6D:8A:98:E0:BB:53:C7:D2:96:EB:64:BB:CA:6F
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 019427B65D66C189DADF9BF7669611918866
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/fUAyjzobbYqY4LtTx9KW62S7ym8.roa
Signing time: Thu 02 Jan 2025 15:50:50 +0000
ROA not before: Thu 02 Jan 2025 15:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56781
IP address blocks: 2a10:ba87:ff00::/44 maxlen: 44
2a10:ba87:ff10::/44 maxlen: 44
2a10:ba87:ff20::/44 maxlen: 44
2a10:ba87:ff30::/44 maxlen: 44
2a10:ba87:ff40::/44 maxlen: 44
2a10:ba87:ff50::/44 maxlen: 44
2a10:ba87:ff60::/44 maxlen: 44
2a10:ba87:ff70::/44 maxlen: 44
2a10:ba87:ff80::/44 maxlen: 44
2a10:ba87:ff90::/44 maxlen: 44
2a10:ba87:ffa0::/44 maxlen: 44
2a10:ba87:ffb0::/44 maxlen: 44
2a10:ba87:ffc0::/44 maxlen: 44
2a10:ba87:ffd0::/44 maxlen: 44
2a10:ba87:ffe0::/44 maxlen: 44
2a10:ba87:fff0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:5d:66:c1:89:da:df:9b:f7:66:96:11:91:88:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 2 15:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d40328f3a1b6d8a98e0bb53c7d296eb64bbca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:79:10:98:a0:d1:ab:c7:15:6a:04:7b:6a:
1a:84:9b:57:11:b8:eb:86:fe:06:b9:7d:d2:26:24:
57:7a:6a:8e:ef:c2:fd:76:46:30:d8:f0:48:8e:11:
cf:9d:8b:fd:69:3b:92:19:42:d9:ac:1e:f1:7b:ea:
cd:1f:db:b5:d3:98:ba:c7:96:45:02:d3:09:1c:2e:
56:76:79:f5:08:b1:65:a9:ee:fa:70:c6:3e:1a:51:
2c:a1:70:f8:4a:3b:9e:ad:82:ce:43:54:30:ef:11:
e9:2a:e0:05:69:ed:ee:e8:d7:27:7c:e5:b0:76:df:
aa:6b:ec:a0:40:6d:fc:45:2c:ce:db:c4:1f:5c:ad:
ac:cd:cd:69:59:63:c3:bd:02:40:16:30:c6:e0:79:
e4:65:59:ee:b9:85:cd:f9:45:6f:28:e0:35:7f:e9:
5a:5d:c6:8b:d5:80:9b:6d:c1:ca:ac:31:db:00:1c:
6b:ea:61:78:93:16:bf:c1:6d:bf:f5:77:f6:3c:bc:
82:7c:10:81:92:ee:9f:b4:12:44:19:62:42:31:c5:
fe:70:03:8f:5e:6a:27:84:5c:64:92:56:e2:65:9e:
f2:d4:40:9f:69:6d:66:b0:43:42:df:19:e4:87:1f:
ea:e8:05:cb:48:38:a4:a1:fe:08:2b:d4:35:7f:93:
0a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:40:32:8F:3A:1B:6D:8A:98:E0:BB:53:C7:D2:96:EB:64:BB:CA:6F
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/fUAyjzobbYqY4LtTx9KW62S7ym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba87:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
22:0a:95:f3:7c:30:af:65:49:4b:0c:2b:92:18:3a:4f:25:4c:
8e:08:b6:07:00:6a:1e:c4:b7:a4:52:f3:23:5a:d8:9a:30:39:
55:98:dc:1b:a7:26:fc:7f:c2:69:4e:1c:6f:6a:65:c8:e3:63:
78:e1:cb:9f:9d:ef:b7:6e:68:43:99:ca:5c:d8:d3:e1:e4:02:
43:22:19:1c:05:2d:cf:59:6d:46:a0:6f:33:dc:9f:90:ce:a5:
77:c9:85:ea:8b:dd:83:ab:6b:53:6e:aa:da:f8:83:7d:c2:62:
94:b8:ae:5f:37:9d:99:9b:13:77:32:51:da:c4:d2:45:82:42:
bc:00:0c:4d:f9:0e:a5:09:50:8e:55:49:2b:37:18:a8:2a:28:
3a:9e:a3:29:5e:c7:0d:92:5b:2f:09:93:e3:b1:d1:b2:4e:fc:
db:a1:82:b0:6e:16:44:1d:41:df:d8:01:b8:38:78:59:0b:16:
4a:3d:d0:67:ab:9f:5e:d6:cc:9e:ba:36:04:39:4c:5a:0d:df:
5c:09:74:81:a9:25:2b:21:ae:dd:ff:a5:35:be:de:e5:bc:af:
15:b0:fb:e0:56:ee:75:1e:09:88:89:e9:1b:7c:b1:55:1f:1f:
4f:ef:07:f7:ac:55:cf:08:b3:5a:18:3b:86:1a:6d:ae:3b:c7:
85:58:f0:13
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQntl1mwYna35v3ZpYRkYhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjUwMTAyMTU1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQwMzI4ZjNhMWI2ZDhhOThlMGJiNTNjN2QyOTZlYjY0YmJjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQR5EJig0avHFWoEe2oahJtXEbjr
hv4GuX3SJiRXemqO78L9dkYw2PBIjhHPnYv9aTuSGULZrB7xe+rNH9u105i6x5ZF
AtMJHC5Wdnn1CLFlqe76cMY+GlEsoXD4SjuerYLOQ1Qw7xHpKuAFae3u6NcnfOWw
dt+qa+ygQG38RSzO28QfXK2szc1pWWPDvQJAFjDG4HnkZVnuuYXN+UVvKOA1f+la
XcaL1YCbbcHKrDHbABxr6mF4kxa/wW2/9Xf2PLyCfBCBku6ftBJEGWJCMcX+cAOP
XmonhFxkklbiZZ7y1ECfaW1msENC3xnkhx/q6AXLSDikof4IK9Q1f5MK6QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFH1AMo86G22KmOC7U8fSlutku8pvMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvZlVBeWp6b2JiWXFZNEx0VHg5S1c2MlM3eW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhC6h/8w
DQYJKoZIhvcNAQELBQADggEBACIKlfN8MK9lSUsMK5IYOk8lTI4ItgcAah7Et6RS
8yNa2JowOVWY3BunJvx/wmlOHG9qZcjjY3jhy5+d77duaEOZylzY0+HkAkMiGRwF
Lc9ZbUagbzPcn5DOpXfJheqL3YOra1Nuqtr4g33CYpS4rl83nZmbE3cyUdrE0kWC
QrwADE35DqUJUI5VSSs3GKgqKDqeoylexw2SWy8Jk+Ox0bJO/NuhgrBuFkQdQd/Y
Abg4eFkLFko90Gern17WzJ66NgQ5TFoN31wJdIGpJSshrt3/pTW+3uW8rxWw++BW
7nUeCYiJ6Rt8sVUfH0/vB/esVc8Is1oYO4Yaba47x4VY8BM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:30:43 2025 by rpki-client