Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/93XoyOBot5Q31NIUzCFTG35eypU.roa
File: 93XoyOBot5Q31NIUzCFTG35eypU.roa (raw, json)
Hash identifier: 3DisuqOhct1g6Kl/cifQgLMmcCXnn6jb3AkS/2a6zZU=
Subject key identifier: F7:75:E8:C8:E0:68:B7:94:37:D4:D2:14:CC:21:53:1B:7E:5E:CA:95
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01941FFA07E8B64C3D9CA11D6168A7433C68
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/93XoyOBot5Q31NIUzCFTG35eypU.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210625
IP address blocks: 2a09:4e06::/32 maxlen: 32
2a09:4e07:7000::/36 maxlen: 36
2a09:4e07:9000::/36 maxlen: 36
2a0d:60c5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:07:e8:b6:4c:3d:9c:a1:1d:61:68:a7:43:3c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f775e8c8e068b79437d4d214cc21531b7e5eca95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:67:50:de:f6:a8:0f:5b:aa:ed:af:60:c9:c4:
40:af:43:36:a1:3a:19:45:31:0d:bf:91:6b:9c:4a:
f1:47:3a:f7:a2:2b:99:5a:c3:0c:0d:17:1b:74:43:
23:11:77:2c:05:0d:66:12:b1:95:2e:d2:9a:80:d8:
58:cc:36:49:e3:ce:b7:92:e9:91:f6:cb:d9:b3:05:
11:e8:ef:c4:64:ff:18:db:d8:17:f7:37:b0:3e:57:
f9:0f:48:fe:c4:a3:30:a2:6a:f7:b9:af:de:c7:45:
f5:03:07:ed:93:2f:f7:cd:34:b3:b9:a7:1c:bf:82:
60:3e:8a:4a:93:90:c7:2e:0b:e9:e7:f2:4a:40:d1:
80:27:3c:98:63:67:e7:c9:b9:50:64:b7:e3:ba:85:
6f:23:e0:e1:ac:3b:78:df:f5:29:8f:55:e5:79:49:
af:81:9e:df:77:c9:77:6d:87:9c:bd:a5:89:b6:e9:
ce:f9:1a:b5:33:ca:9e:52:d6:01:34:7b:5f:21:eb:
0a:17:2d:4b:58:cc:be:d2:5a:fb:99:ff:77:0e:80:
75:43:66:9e:ca:7a:21:f8:ea:6e:2e:12:0d:65:2b:
a3:34:66:cb:cc:ea:15:d1:04:93:21:39:e9:6e:db:
f8:a4:bc:da:be:7b:83:60:5f:c3:42:93:5a:4c:82:
88:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:75:E8:C8:E0:68:B7:94:37:D4:D2:14:CC:21:53:1B:7E:5E:CA:95
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/93XoyOBot5Q31NIUzCFTG35eypU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4e06::/32
2a09:4e07:7000::/36
2a09:4e07:9000::/36
2a0d:60c5::/32
Signature Algorithm: sha256WithRSAEncryption
16:47:59:31:cc:ee:76:01:07:dc:3d:14:c3:8f:e0:b5:46:7f:
1f:e7:c2:d7:35:ba:27:01:b0:4e:7b:d0:55:d6:8b:8d:36:90:
7c:52:77:c5:2e:5f:2b:c5:86:ab:81:d5:6f:63:fc:6d:9d:b6:
e1:6d:12:55:aa:fa:bc:a3:dc:0c:69:8a:c4:7b:8d:43:80:1a:
cc:4a:86:9a:27:3f:bb:74:23:b2:3a:82:aa:2f:71:30:d0:da:
e7:a2:f9:3d:47:34:b7:ba:71:ec:a1:61:01:8c:c9:eb:97:7a:
ce:93:51:b8:a0:81:0a:8d:44:03:37:c5:30:92:69:de:33:55:
b0:e2:2c:61:f2:64:72:15:17:14:9d:a2:64:e3:c7:c1:48:74:
04:5a:eb:ba:2a:96:66:75:a5:d5:9c:dc:cf:26:bb:6d:af:ff:
b9:e4:91:b9:79:54:dd:8b:b2:f1:b6:b7:a2:ba:ce:8d:30:fb:
e4:6d:18:99:5e:22:f6:e3:44:a4:40:5d:09:2f:ab:47:bb:e6:
8c:5b:61:13:76:a1:d2:27:13:c5:d9:2d:cc:fa:11:66:5a:ba:
f5:ec:0f:66:75:92:bb:d0:f6:6b:4b:d9:13:33:4e:8c:41:8a:
1b:6c:46:ac:dd:d5:af:0a:58:91:a4:03:d2:2b:ec:8d:1e:77:
7b:71:5f:42
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQf+gfotkw9nKEdYWinQzxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzc1ZThjOGUwNjhiNzk0MzdkNGQyMTRjYzIxNTMxYjdlNWVjYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mdQ3vaoD1uq7a9gycRAr0M2oToZ
RTENv5FrnErxRzr3oiuZWsMMDRcbdEMjEXcsBQ1mErGVLtKagNhYzDZJ4863kumR
9svZswUR6O/EZP8Y29gX9zewPlf5D0j+xKMwomr3ua/ex0X1Awftky/3zTSzuacc
v4JgPopKk5DHLgvp5/JKQNGAJzyYY2fnyblQZLfjuoVvI+DhrDt43/Upj1XleUmv
gZ7fd8l3bYecvaWJtunO+Rq1M8qeUtYBNHtfIesKFy1LWMy+0lr7mf93DoB1Q2ae
ynoh+OpuLhINZSujNGbLzOoV0QSTITnpbtv4pLzavnuDYF/DQpNaTIKI5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPd16MjgaLeUN9TSFMwhUxt+XsqVMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvOTNYb3lPQm90NVEzMU5JVXpDRlRHMzVleXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKglOBgMG
BCoJTgdwAwYEKglOB5ADBQAqDWDFMA0GCSqGSIb3DQEBCwUAA4IBAQAWR1kxzO52
AQfcPRTDj+C1Rn8f58LXNbonAbBOe9BV1ouNNpB8UnfFLl8rxYargdVvY/xtnbbh
bRJVqvq8o9wMaYrEe41DgBrMSoaaJz+7dCOyOoKqL3Ew0Nrnovk9RzS3unHsoWEB
jMnrl3rOk1G4oIEKjUQDN8UwkmneM1Ww4ixh8mRyFRcUnaJk48fBSHQEWuu6KpZm
daXVnNzPJrttr/+55JG5eVTdi7Lxtreius6NMPvkbRiZXiL240SkQF0JL6tHu+aM
W2ETdqHSJxPF2S3M+hFmWrr17A9mdZK70PZrS9kTM06MQYobbEas3dWvCliRpAPS
K+yNHnd7cV9C
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:29:56 2025 by rpki-client