Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pJLtq0OEiC2n7NLXkBcDtX4LKDI.roa
File: pJLtq0OEiC2n7NLXkBcDtX4LKDI.roa (raw, json)
Hash identifier: uNIUZktT2Y68Tva6qi8p96kvm5I4VqlHL5j6Sqmwjo8=
Subject key identifier: A4:92:ED:AB:43:84:88:2D:A7:EC:D2:D7:90:17:03:B5:7E:0B:28:32
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01941FFA074382866680E281DCFC2E523317
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pJLtq0OEiC2n7NLXkBcDtX4LKDI.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208861
IP address blocks: 2a05:fb45::/32 maxlen: 32
2a0a:4780::/32 maxlen: 32
2a0a:4781::/32 maxlen: 32
2a0a:4782::/32 maxlen: 32
2a0a:4783::/32 maxlen: 32
2a0d:60c1::/32 maxlen: 32
2a0f:cc82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:07:43:82:86:66:80:e2:81:dc:fc:2e:52:33:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a492edab4384882da7ecd2d7901703b57e0b2832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:42:18:fb:65:1b:b1:39:84:27:aa:6c:85:e6:
98:93:48:46:49:e0:13:ed:59:89:d9:64:60:92:a5:
c4:e4:26:2f:a6:98:35:23:94:b4:1d:57:0b:f6:5f:
48:5d:bd:20:3b:7e:62:ca:0e:8b:4f:51:fc:ac:bf:
d4:9d:86:84:fb:d2:9c:73:7f:fa:b9:95:af:45:0c:
f3:38:69:92:68:0f:17:dc:5a:e6:6e:bd:23:6c:66:
2c:c8:eb:28:fb:54:ef:0c:30:22:03:cc:a7:e9:be:
fa:df:d7:34:49:33:a4:00:22:80:16:b0:e9:73:56:
2e:c1:78:ca:ea:82:f1:b7:d8:5c:7c:5b:71:06:bc:
21:aa:3c:5b:15:53:e6:1f:63:e3:78:21:0c:5a:8b:
64:36:c7:6d:d3:81:38:61:7a:1f:61:6a:0d:e1:c2:
97:16:cb:3f:ec:78:91:27:fd:ef:07:dd:5b:0a:05:
af:4a:5f:08:f3:ed:8e:c2:41:8c:e6:f4:af:18:c1:
7e:41:a9:67:a6:7a:dd:9c:91:03:b4:41:4c:9f:a4:
32:e2:ed:b1:66:a9:ed:4c:9d:2d:62:86:0b:ae:b2:
4f:75:a6:bc:d2:cd:79:17:37:9a:67:ca:ba:e5:89:
30:f4:1e:75:5a:43:c1:0b:c4:8e:3d:45:89:78:8b:
39:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:92:ED:AB:43:84:88:2D:A7:EC:D2:D7:90:17:03:B5:7E:0B:28:32
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/pJLtq0OEiC2n7NLXkBcDtX4LKDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:fb45::/32
2a0a:4780::/30
2a0d:60c1::/32
2a0f:cc82::/32
Signature Algorithm: sha256WithRSAEncryption
87:07:97:e9:12:27:fc:d4:d8:65:c9:af:0d:fb:ff:df:c1:5b:
e5:a1:c2:0d:7b:91:0b:95:9d:c6:55:da:30:66:d0:58:35:bb:
12:fb:cc:b6:db:f7:51:0d:e2:e6:64:b5:f9:c8:d8:bc:39:2e:
bb:cb:54:f3:38:5d:6e:e8:7d:27:2e:a5:60:ec:ec:8c:46:f8:
f2:ef:48:0d:40:0c:e3:ac:30:4b:66:9e:d4:c7:a8:de:53:c0:
ea:43:c7:18:bc:ed:a8:62:82:da:22:7b:a3:af:53:36:73:18:
f3:5e:8e:44:33:8d:97:d5:5e:4c:dc:e4:dd:cb:9a:7f:82:87:
c2:4f:2d:46:fe:3d:ac:4d:1d:4f:be:a0:01:f2:c0:b7:16:64:
73:ae:eb:bf:a0:ba:73:74:59:cd:18:ab:97:37:67:d5:ca:e3:
f4:9a:ad:fb:c2:42:68:90:89:d8:2f:a1:f9:32:77:f0:39:c4:
13:8d:c1:61:f1:80:7a:48:14:b1:ea:ad:5b:95:f9:fc:b2:6b:
94:2b:2d:d1:17:41:50:15:41:9c:d9:fd:7a:50:11:26:1a:e0:
aa:56:1c:86:8e:75:6a:e9:a4:a2:83:cf:2d:a5:a9:81:fe:fd:
81:8e:d8:4c:cb:69:30:02:b1:87:61:0a:32:6e:6e:97:54:ff:
f9:4d:4e:09
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQf+gdDgoZmgOKB3PwuUjMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDkyZWRhYjQzODQ4ODJkYTdlY2QyZDc5MDE3MDNiNTdlMGIyODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUIY+2UbsTmEJ6psheaYk0hGSeAT
7VmJ2WRgkqXE5CYvppg1I5S0HVcL9l9IXb0gO35iyg6LT1H8rL/UnYaE+9Kcc3/6
uZWvRQzzOGmSaA8X3Frmbr0jbGYsyOso+1TvDDAiA8yn6b7639c0STOkACKAFrDp
c1YuwXjK6oLxt9hcfFtxBrwhqjxbFVPmH2PjeCEMWotkNsdt04E4YXofYWoN4cKX
Fss/7HiRJ/3vB91bCgWvSl8I8+2OwkGM5vSvGMF+QalnpnrdnJEDtEFMn6Qy4u2x
ZqntTJ0tYoYLrrJPdaa80s15FzeaZ8q65Ykw9B51WkPBC8SOPUWJeIs5ZQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKSS7atDhIgtp+zS15AXA7V+CygyMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvcEpMdHEwT0VpQzJuN05MWGtCY0R0WDRMS0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgX7RQMF
AioKR4ADBQAqDWDBAwUAKg/MgjANBgkqhkiG9w0BAQsFAAOCAQEAhweX6RIn/NTY
ZcmvDfv/38Fb5aHCDXuRC5WdxlXaMGbQWDW7EvvMttv3UQ3i5mS1+cjYvDkuu8tU
8zhdbuh9Jy6lYOzsjEb48u9IDUAM46wwS2ae1Meo3lPA6kPHGLztqGKC2iJ7o69T
NnMY816ORDONl9VeTNzk3cuaf4KHwk8tRv49rE0dT76gAfLAtxZkc67rv6C6c3RZ
zRirlzdn1crj9Jqt+8JCaJCJ2C+h+TJ38DnEE43BYfGAekgUseqtW5X5/LJrlCst
0RdBUBVBnNn9elARJhrgqlYcho51aumkooPPLaWpgf79gY7YTMtpMAKxh2EKMm5u
l1T/+U1OCQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:58:45 2025 by rpki-client