Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/CtLvXpDbiC_lIsOnzUkFvQoNOW0.roa
File: CtLvXpDbiC_lIsOnzUkFvQoNOW0.roa (raw, json)
Hash identifier: HxkNpx8Pcltu0KFjSBg3rwAtGuveX0ZtVcwj6Ck1QYw=
Subject key identifier: 0A:D2:EF:5E:90:DB:88:2F:E5:22:C3:A7:CD:49:05:BD:0A:0D:39:6D
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 019426D923DB2381DA2564E35904363B1E83
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/CtLvXpDbiC_lIsOnzUkFvQoNOW0.roa
Signing time: Thu 02 Jan 2025 11:49:12 +0000
ROA not before: Thu 02 Jan 2025 11:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203701
IP address blocks: 2a09:e200:40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:23:db:23:81:da:25:64:e3:59:04:36:3b:1e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Jan 2 11:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ad2ef5e90db882fe522c3a7cd4905bd0a0d396d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2c:96:c1:4b:82:94:96:e4:b1:cb:7d:2f:1d:
d1:4f:4f:ed:51:39:cf:48:8d:ed:69:91:41:37:dd:
dc:54:3b:41:1b:f7:28:c3:c6:9b:ed:8e:79:f8:b4:
d4:5e:1b:e7:87:99:89:89:8f:44:c7:bc:c6:4a:92:
4d:29:4e:1d:b2:06:b6:17:86:0c:d9:75:85:01:93:
e2:eb:5d:48:eb:ce:ee:a3:a3:ab:36:03:a9:c6:5f:
f4:51:cf:25:25:6b:5b:3b:9f:39:d6:52:92:06:13:
b8:91:aa:5b:29:bf:5e:e2:66:45:26:66:c6:3f:fe:
7a:21:71:33:58:ec:3e:30:0e:fd:c7:fa:cf:9f:b9:
d7:88:b3:ff:cc:05:a8:fb:26:30:7c:95:31:c7:10:
a7:87:08:0e:78:a4:14:07:1b:0f:57:ea:ee:72:83:
0e:f2:66:6f:dc:63:ba:22:eb:aa:8c:65:d1:fa:82:
56:c8:5c:21:5d:4d:96:d0:6b:e8:4f:98:68:0c:cb:
7b:d6:27:07:f1:4e:dc:58:65:0b:07:75:68:fc:24:
4d:3b:7d:14:e1:3e:0c:18:c7:1c:38:a0:41:c2:e7:
c8:65:0d:cf:70:f3:25:c2:28:1a:3e:68:8e:52:13:
6f:14:01:eb:d2:89:da:63:7d:8a:df:d4:49:06:a2:
45:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D2:EF:5E:90:DB:88:2F:E5:22:C3:A7:CD:49:05:BD:0A:0D:39:6D
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/CtLvXpDbiC_lIsOnzUkFvQoNOW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e200:40::/48
Signature Algorithm: sha256WithRSAEncryption
70:47:ea:03:94:6d:fa:80:2c:ca:9a:3c:0e:a2:39:33:f4:2c:
c0:ec:83:0b:8c:8b:39:5f:9d:6e:80:cc:f3:03:1a:4b:1e:2d:
74:dd:c7:58:0d:d7:21:c0:20:91:ac:e0:77:9e:78:3d:31:31:
01:dc:f8:b1:f1:48:0c:98:1a:34:8c:e6:9f:2b:52:43:25:83:
18:2e:95:b1:fa:8e:7a:33:1b:3d:d9:1b:56:86:a1:90:db:82:
ea:3c:da:56:b8:1d:d9:95:82:7c:06:a5:b2:41:1b:4a:3f:23:
c3:a3:f2:b1:c2:76:c8:a2:3f:32:10:79:f6:5c:4b:9f:f4:b6:
35:08:53:e3:a4:5e:b8:52:44:a5:49:ce:69:65:41:4c:30:1d:
4b:7f:c0:5f:2d:14:75:1b:64:dd:46:a7:32:36:04:fc:8f:91:
a7:52:d4:14:e2:1d:6b:17:2e:37:4f:91:66:f6:a0:11:84:e8:
ca:9f:26:40:ec:7e:99:24:b6:6d:08:cd:f9:25:81:03:9b:99:
0b:ad:24:d0:6f:d7:12:8d:f3:94:63:59:77:93:23:09:3d:d4:
d4:a5:6d:0f:98:e9:d6:68:eb:cf:e6:c1:16:ed:7f:d7:a0:b4:
bf:94:be:10:c4:df:0d:99:9b:9f:d7:c3:9e:61:c0:d5:ca:90:
31:d5:39:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2SPbI4HaJWTjWQQ2Ox6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjUwMTAyMTE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQyZWY1ZTkwZGI4ODJmZTUyMmMzYTdjZDQ5MDViZDBhMGQzOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSyWwUuClJbksct9Lx3RT0/tUTnP
SI3taZFBN93cVDtBG/cow8ab7Y55+LTUXhvnh5mJiY9Ex7zGSpJNKU4dsga2F4YM
2XWFAZPi611I687uo6OrNgOpxl/0Uc8lJWtbO5851lKSBhO4kapbKb9e4mZFJmbG
P/56IXEzWOw+MA79x/rPn7nXiLP/zAWo+yYwfJUxxxCnhwgOeKQUBxsPV+rucoMO
8mZv3GO6IuuqjGXR+oJWyFwhXU2W0GvoT5hoDMt71icH8U7cWGULB3Vo/CRNO30U
4T4MGMccOKBBwufIZQ3PcPMlwigaPmiOUhNvFAHr0onaY32K39RJBqJFowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFArS716Q24gv5SLDp81JBb0KDTltMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvQ3RMdlhwRGJpQ19sSXNPbnpVa0Z2UW9OT1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgniAABA
MA0GCSqGSIb3DQEBCwUAA4IBAQBwR+oDlG36gCzKmjwOojkz9CzA7IMLjIs5X51u
gMzzAxpLHi103cdYDdchwCCRrOB3nng9MTEB3Pix8UgMmBo0jOafK1JDJYMYLpWx
+o56Mxs92RtWhqGQ24LqPNpWuB3ZlYJ8BqWyQRtKPyPDo/KxwnbIoj8yEHn2XEuf
9LY1CFPjpF64UkSlSc5pZUFMMB1Lf8BfLRR1G2TdRqcyNgT8j5GnUtQU4h1rFy43
T5Fm9qARhOjKnyZA7H6ZJLZtCM35JYEDm5kLrSTQb9cSjfOUY1l3kyMJPdTUpW0P
mOnWaOvP5sEW7X/XoLS/lL4QxN8NmZuf18OeYcDVypAx1TlK
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:49 2025 by rpki-client