Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/rSVe0qwmHRmRSbc-BqRXWgwo8xg.roa
File: rSVe0qwmHRmRSbc-BqRXWgwo8xg.roa (raw, json)
Hash identifier: r3p05wO+xtEje8UL55zhFJYQg8/aaGUGyXfpX1tlFYY=
Subject key identifier: AD:25:5E:D2:AC:26:1D:19:91:49:B7:3E:06:A4:57:5A:0C:28:F3:18
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 019427B65DA366D47F43E00BBDA402BD8ACB
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/rSVe0qwmHRmRSbc-BqRXWgwo8xg.roa
Signing time: Thu 02 Jan 2025 15:50:50 +0000
ROA not before: Thu 02 Jan 2025 15:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57698
IP address blocks: 2a10:ba80:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 21:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:5d:a3:66:d4:7f:43:e0:0b:bd:a4:02:bd:8a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 2 15:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad255ed2ac261d199149b73e06a4575a0c28f318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:56:27:23:97:8c:53:f7:29:05:b5:ff:74:1d:
a1:e3:1c:64:4b:72:c2:62:c2:2c:8d:28:b8:51:2d:
c3:b9:61:fa:24:f3:86:44:fc:30:38:5a:0a:33:b3:
ab:09:55:62:1c:e2:de:9c:03:66:99:78:96:39:8a:
0c:c8:13:ae:93:e4:67:b2:c5:c7:2a:79:44:0a:5d:
56:c0:1b:8f:6b:d8:61:dd:65:d4:ca:7e:4a:27:1e:
87:8d:55:23:e6:0f:98:af:a6:da:8d:96:8a:10:21:
d0:ae:b5:20:de:5c:67:a2:1b:a9:62:f5:d3:a9:66:
0c:57:24:29:2d:1e:8d:92:55:fa:1c:cc:ac:d1:dc:
89:17:57:84:d2:99:a3:e3:d6:e1:66:44:8b:8b:6b:
14:55:1d:b4:91:aa:f9:f5:73:b7:41:52:b0:b6:40:
b7:aa:c8:16:cb:f3:38:c7:d5:ea:12:67:75:c0:95:
02:41:3e:70:6c:e2:8a:2e:34:f8:d1:90:94:8f:52:
4a:8a:ef:ca:50:57:d6:17:fd:14:b7:ee:18:8e:98:
3b:05:f2:6f:b9:7e:a6:a3:db:16:b6:5e:c7:09:93:
9a:84:0d:d8:48:25:52:06:85:d4:06:2f:85:d7:6d:
8a:81:5d:42:82:18:d1:5e:5a:65:19:03:f5:28:df:
26:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:25:5E:D2:AC:26:1D:19:91:49:B7:3E:06:A4:57:5A:0C:28:F3:18
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/rSVe0qwmHRmRSbc-BqRXWgwo8xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba80:10::/44
Signature Algorithm: sha256WithRSAEncryption
33:50:68:db:6c:5c:8e:a8:f8:01:fe:c0:ac:01:57:fb:5f:52:
28:12:f0:ad:7d:69:d3:59:5a:ac:32:d0:5b:50:d0:fc:a3:2f:
1a:14:e6:64:5b:7a:90:42:ff:e2:b5:dc:87:a7:a3:a5:b5:15:
01:b3:cd:07:b0:e4:b1:58:5e:71:c1:fa:d0:de:47:34:3a:3f:
92:25:f4:af:df:3a:e2:0f:02:08:d0:bd:0d:65:cf:00:8b:57:
fd:ca:69:17:15:eb:35:92:95:30:94:f4:60:dd:35:3f:e6:78:
a6:de:d5:fc:59:bf:94:40:c9:b8:61:48:84:9e:b6:ef:9c:e8:
4c:60:6c:c1:c1:ca:d9:70:90:77:e2:42:20:80:6f:99:1c:fe:
2e:23:09:57:24:fc:76:1c:1a:26:0d:b2:a1:27:6c:1e:ce:7a:
8a:17:fc:dd:69:d2:9d:00:55:dd:76:d2:4c:25:ba:34:7d:1b:
f5:e8:43:31:2d:ec:ff:6b:4a:df:1c:e8:8a:06:4a:1e:67:06:
6c:c9:0f:4c:ad:2c:c1:0a:c7:82:0e:9f:f1:7a:c6:a3:54:4a:
4f:8c:0e:d2:dd:f9:1c:98:f2:2a:b7:c6:b3:e9:80:89:74:3b:
0a:b1:6d:c8:dc:a4:11:36:11:d2:ce:38:a1:cc:88:65:96:9e:
a8:47:c0:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntl2jZtR/Q+ALvaQCvYrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjUwMTAyMTU1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI1NWVkMmFjMjYxZDE5OTE0OWI3M2UwNmE0NTc1YTBjMjhmMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlYnI5eMU/cpBbX/dB2h4xxkS3LC
YsIsjSi4US3DuWH6JPOGRPwwOFoKM7OrCVViHOLenANmmXiWOYoMyBOuk+RnssXH
KnlECl1WwBuPa9hh3WXUyn5KJx6HjVUj5g+Yr6bajZaKECHQrrUg3lxnohupYvXT
qWYMVyQpLR6NklX6HMys0dyJF1eE0pmj49bhZkSLi2sUVR20kar59XO3QVKwtkC3
qsgWy/M4x9XqEmd1wJUCQT5wbOKKLjT40ZCUj1JKiu/KUFfWF/0Ut+4Yjpg7BfJv
uX6mo9sWtl7HCZOahA3YSCVSBoXUBi+F122KgV1CghjRXlplGQP1KN8mAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK0lXtKsJh0ZkUm3PgakV1oMKPMYMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvclNWZTBxd21IUm1SU2JjLUJxUlhXZ3dvOHhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhC6gAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzUGjbbFyOqPgB/sCsAVf7X1IoEvCtfWnTWVqs
MtBbUND8oy8aFOZkW3qQQv/itdyHp6OltRUBs80HsOSxWF5xwfrQ3kc0Oj+SJfSv
3zriDwII0L0NZc8Ai1f9ymkXFes1kpUwlPRg3TU/5nim3tX8Wb+UQMm4YUiEnrbv
nOhMYGzBwcrZcJB34kIggG+ZHP4uIwlXJPx2HBomDbKhJ2weznqKF/zdadKdAFXd
dtJMJbo0fRv16EMxLez/a0rfHOiKBkoeZwZsyQ9MrSzBCseCDp/xesajVEpPjA7S
3fkcmPIqt8az6YCJdDsKsW3I3KQRNhHSzjihzIhllp6oR8Ba
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:59:12 2025 by rpki-client